BSidesNoVA 2021 | Opening Keynote Address

what are you guys doing today any plans i know there's a happy hour are you checking twitter are you checking twitter come on man the twitter guy the communications director all right well hopefully everybody's in you guys can hear us rambling in here uh we are obviously very very excited to be here this year it has been one hell of a planning year for all of us um this is our core team uh plus some support staff too uh here kind of crowded around us uh don't worry we've all got the uh voucher shots um yeah we're really excited to kick off 2021 besides nova it's been a lot of fun there's been a lot of ups and downs i know there's been

a lot of miscommunications we originally came out with the idea of this hybrid event the idea was to have our speakers on site and defcon came out with their hybrid event where they actually wanted attendees on site and that caused some confusion so we are fully virtual if you're outside of any of our previous locations from the last four years we are not there we are at an undisclosed location at this point so um yeah but if you do want to see us and you're fully vaccinated and you're comfortable being out in public we will be at punchbowl tonight uh for happy hour starting at six sish um we should be over there uh show your b-sides nova pass as you

come in we've got plenty of food and drinks for folks that have paid for a ticket so you know if you invite some friends they may or may not have to buy their own drinks but besides nova pass will get you some some food and drinks when you come in um so you're probably in this platform very very confused don't worry so are we we're going to figure it out together we are hackers we're going to figure this stuff out but we're not going to hack our platform right just like being in a physical building respect the building right respect the platform if you have any problems getting navigating around there is a chat with

us function uh as soon as we're off this couch we will be monitoring that um if you're a sponsor uh speaker or one of the workshop folks you also are in the slack you can talk to us in the slack um it's not for attendees sorry folks but we do have the chat with us for attendees you can reach out to us you can also dm us on twitter and linkedin we'll be monitoring that as well we're gonna make sure everybody has a good event this year um that is what we stressed about all year so that is our job right um so real fast and talk about the platform a little bit um so you're right

now in the main stage main lobby for the kickoff this is also where we'll meet again tonight for uh the closing remarks um on the left you yes left you should see the thing for breakout sessions that's where the individual talks are each talk basically has its own room you can go through those talks right now or not right now as soon as this one's over you can go through that channel bookmark which talks you want to see today and that will kind of build you out your little schedule literally at the minute that the talk is supposed to start is when you're gonna be allowed to join speakers will be in there about 15

minutes early um but they will not be able to broadcast until the minute of that's just the way the platform's set up apologize i know it's a little bit concerning you're like i'm not in and it's talk starting now but we figured it out yesterday with the workshops um so go ahead and go through there if you're a speaker that is not how you get to your talk you want to go through my scheduled speaking or something like that there's a microphone in the bottom left corner of that um my speaker schedule there we go thanks love um you want to go and join your room from that side if you try to join it

from the from the breakout session side you're just going to be attendee and you're not going to be able to present and you're going to be very sad uh make sure you find the little microphone my speaking schedule and go and join your talk through that side again if you're any problems with the platform hit chat with us uh ping us on any of the social medias and we will we'll do our best to get it fixed um the cell events team behind the platform has been really helpful this last couple of days as we've been troubleshooting stuff we promise we're going to do our best everybody's obviously broadcasting from home you know we've been doing this for

a year and a half now i'm pretty much pretty sure for most people for work there's going to be some fun streaming issues i'm sure that's totally okay right if you're a speaker and you're having problems with voice audio problems right streaming you may have to pause your video share for a bit um totally normal thing to do at this point in in our lives right um yeah so like i said no hacking the platform don't be disrespectful we do have a code of contact code of conduct published on our website go go take a look at it uh basically means don't be a jerk um if any of our moderators warn you for being a jerk uh you're

gonna get one warning and then if we have to talk to you again we're just going to boot you from the platform um if it's bad enough you don't get invited back to the future b-sides uh this is a community uh we take care of each other and that's very very important to us right don't go after each other not cool the platform does also have gamification we have some amazing sponsors that ms sophia will introduce here in a second um but with the gamification means you earn points for going to do different parts of the platform so i believe you get some points for just going to talks right oh not talks talks are worthless no i'm just kidding

that's where all the value is um you do get points for going to check out the spa speaker booths um they have like their individual career pages but they also have some folks there willing to chat with you they can even fire up a live session and chat with you so if you're interested in what they're offering jobs wise go check out their opportunities and career pages talk to some folks um yeah we've got some amazing sponsors let me tell you to get sponsors for a virtual event um is very terrifying thing right people especially when we announced we were doing hybrid sponsors were like whoa that seems risky and we're like no no it's not risky we promise okay we're

gonna do fully virtual um and then of course there's the what's it for me how do i get to talk to your folks this is how we're doing it go talk to them in their exhibit hall i think they're called exhibitors in there that's where our sponsors are there are some humans on the other side of those chat rooms you can talk to them ask about their companies and engage right if you're looking for a job that's the great place to be but you also get points uh through the gamification system for doing different things like talking to them or just visiting their site and the top three winners are going to get some extra duper super duper

uh b-sides nova swag a couple weeks after this event all attendees are actually getting a shirt and some other little goodies as surprises but the uh speakers will get some goodies um above and beyond uh the workshop leads we'll get some goodies above and beyond in the top three winners for the gamification we'll get some cool stuff uh so uh i want to introduce my amazing uh team they have kept us alive this year literally checking in every month and then the last six months every other week and then the last two months every week sometimes twice a week uh we're gonna start down on this end with rich he's getting ready to give a talk at 9

30 so go check him out but go ahead hey i'm rich wickersham i'm a chief security architect at an undisclosed company but you'll use ocean to figure that out soon enough if you watch my talk normally i bring pinball to these events and arcade games and i hack hardware that wasn't the case so i committed in other ways this year i'm very excited to be a part of the team and get moving into the conference how's it going everyone my name is steve higdon i've been doing the security thing for i don't know i guess 15 years or so um been involved with b-sides nova since the start as a volunteer i volunteered a lot of the uh the local

dc area com conferences as well um yes if you've seen twitter in the last uh i don't know a couple of months and especially today and going into uh the next couple of days that's me unless it's something that you don't like and then it was andy andy tweeted that um but yeah great to meet everyone all right we got one of the little sophia's over there in the corner there's actually one behind the microphone she's got like 19 daughters here they all look just like her and we got our newest member of the team go ahead and introduce yourself good morning everybody my name is mike i've been around the b-sides community for a while now

i used to be a cyber manager at accenture i've recently moved but i'm also a cyber warfare officer with the marine corps excited to be here [Music] morning everybody i am meredith um i make the cool swag that you wear um i am in charge of branding i work for a company called fia and i do the same thing for them um and i've been with b-sides since the second year hey good morning jessie to brock i work for a large insurance company as a threat hunt manager an incident responder i think this is my third year helping sophia out uh it's been a blast uh non-stop excitement how's it going everyone my name is ian

uh i work for a major u.s financial uh where my goal is to uh evangelize uh threat modeling to every single developer architect product owner business analyst and anyone else who will listen to me at any time of the day and uh my second year with besides noven glad to be here excellent thad bokner i work for a local bank as the pin test lead and i do the cfp uh lead here so i've been here for a few years as well and looking forward to this year good morning my name is andrew connell and i'm an institutional training officer for a center within a department of corrections and this is my second year here with b-sides a great

community great family it's kind of dipping my toes in the water and helping out where uh wherever that i can good morning my name is christina crystal and i work as a cyber security analyst for center healthcare and i've been was besides for about four years volunteering first two and helping organize workshops past two years all righty tasha denos i've been with b-sides this is my first time i work with the wonderful sophia um i've been in cyber for about 12 years this is my first year working with b-sides helping with the career panels awesome and um hopefully uh people know me by now this is our third fifth year but i'll go ahead and

introduce myself again sophia family started this thing six years ago um some crazy people were crazy enough to believe in me and join the team and help us out andy and i'm mary they've been doing this since 2015 right i was in the army but um i tell you uh this team didn't uh happen overnight members trickled in and we built this team over the past four years and i couldn't have wished for a better team great people we have a lot of fun it is stressful to put together a con but i have to say it's a lot of fun hanging out with these people and every week every two weeks we we have meetings that's supposed to

last 45 minutes end up being two hours just because we enjoyed so much um i want to take the time to also um thank our sponsors um we couldn't have put together this conference without them the swag the venues that we booked um our top our three platinum sponsors altus accenture and amazon altars have been putting the happy hour for pea size nova since day one uh they have a finance a really great uh happy hour today uh punchbowl social in arlington i hope we'll see a lot of you there accenture have been supporting us since day one and they continue to support the community and they were the first one to sign up with us this year

even though we weren't sure what we're putting together uh we want to also introduce amazon our first time sponsored um so looking forward for continued partnership um our gold members capra one um has been great in their support ridgeline international second time and fia of course not only they gave us great you know volunteers but also they support our conference so thank you uh to all our sponsors who couldn't have done this without you my my a third thank you as to the contributors of this uh community uh thank you for for submitting uh to speak to uh put up a workshop to the community and transferring your skills and knowledge um this is why we do this

so uh i think that's that's it for me i hope everyone gets to enjoy the con and final intro myself i figured i would go last i do have a few minutes to talk about b-sides as well um so yeah i'm andy piazza this is my fifth year i am the director of operations now for b-sides nova that means it's my job to run around crazy and make final decisions um on day of and it's a whole lot of fun i started about five years ago i heard about b-sides nova like a month before it was supposed to happen and i was like oh crap the tickets are sold out so i emailed volunteers and i was or i

filled out the volunteer forum and i was like hey i've got some security experience and stuff and then i got an email from the mary galloway um which was really funny if you don't know her she's absolutely amazing go follow her everywhere but at the time she was working like eight cubes down from me and i had no idea that she was helping put this thing together with sophia and she was like hey you're one of the only guys with previous security experience do you want to be our security lead and i was like i don't know what that means let's do this um so that brought me in about five years ago if you didn't know this is our

fifth year because i keep saying that our theme is fifth element uh hence the orange wigs over the logo this year uh that is also why i look like bruce willis was bought from wish um i don't dress like this normally he

yeah i tried to go chris tucker and wear you know wear some of the dresses but apparently they're hard to get in my size um [Laughter] he can um so i just want to take a few minutes to talk about b-sides as a community it's actually a global community it's not just besides nova there's an amazing amazing community that was uh started originally by jack daniels and a bunch of his core team back in the day it is spread out from the original crew to uh cities all over the world at this point they are sharing the good news of hacking i mean infosec um they're they're it's just a really cool community as a core team of members we're on a

distro list and we just get to see some of the challenges they went through this year um share you know how the sponsors are going how ticketing what virtual platforms there were and it's just been really really helpful to us as a core team to launch this thing this year um not gonna lie i mean you probably saw a lot of uh b-sides and other events cancel their events this year it doesn't quite feel right not all being in person because the biggest thing for us is having a local community of hackers getting together all of that noise and energy that goes into running up and down the hallways um you know jesse for getting the

lanyards and having to drive back a different county to go get them five minutes before the event starts right like that's the stuff that makes it fun and if you didn't know we are all fun if you didn't know we're all 100 volunteers here we're not getting paid here um other than they're supporting my monster habit today um and some donuts uh yesterday was national donut day so we got some good stale donuts today um other than that we're all 100 volunteers we've given our time to get this thing ready um so you know if you have problems with the platform you have problems within the speakers and stuff um you can be sad i

get it it sucks like we wish we were all in person so we could you know talk about it and fix it but we're just gonna do our best today um and that's all we can expect from anybody is just you know try to make things better every day you know just trying to improve the situation around us so um get into the talks today and engage with them in the q a a lot of the talks will have one of our moderators in there they're going to kind of do the introduction to the speaker and then they'll do the q a towards the end um and so any of your questions from the chat the moderators will be able to ask

them verbally they'll try to get to most of them but we only leave a couple of minutes to the end of each talk for actual q a so we apologize right if they if the talks will actually cut off we found out with the platform at the end of the schedule time so um you know speakers be cognizant of the time moderators will try to keep you on track with the time but ultimately the q a is really important but what's what's on their sides and what they plan on talking about is also important so if they go over or if they go to the end of their time it is what it is um find them on social

media ask them all your questions there i'm sure they'll they won't be minded if you just do a little linkedin opsec lookups on them and hunt them down um and if you don't know what i'm talking about there rich is giving a talk here at 9 30 all about that creepy stuff um if you got a recent connection request it was probably him um especially if it was from a celebrity but there's a lot of amazing talks today uh john stoner who's in the background here today is giving a crazy one on um you know i'm not even trying to say it because it's a pink song lyric but uh he's gonna start a cti fight i'm a

cti guys i'm really excited to hear that one he's gonna talk about all the different roles that make up a cyber threat intelligence team uh we have a bunch of community panels today talking about what it takes to run a b-sides right all the volunteering all the sponsoring all that craziness we've got a panel that's going to be certs first no certs hopefully everybody remains friends after that panel and there's no blood or tears i'm on the cert life because i'm in the sands masters program so i i believe in certs but you know they'll ultimately win because i said so um but we also have some career panels that i'm really excited about these

career panels we want to do a little differently than most panels you see we actually want to talk about what's the actual job look like there's so much confusion and what the heck a role is right is blue team red team purple team um so we just want to talk about the day to day right uh you know if you're in thread intel you should probably know excel and powerpoint that kind of a thing so i'm really excited of those one i get to host uh the cti panel and i get to talk to some of my really good friends from the community uh one of them recently got twitter verified katie nichols i'm just saying

and she's still going to show up to talk to me that's pretty awesome but i'm really excited for those i think the community panels all the talks are really cool but the opportunity to hear from people actually working in the community is really what makes b-sides i think stand out from all of the other events so in all of that this is my second monster already yep i am very very excited final comments from sophia and then we will break set up your agenda get into the talks get involved today yeah so um we have some great panels like uh and he mentioned um a really cool one is at the end i'm not sure if you guys

notice on the agenda we have a b-side society where we have most organizers of the local b-sides uh we've got besides dc of course nova and charm represent it we'll have some special guests heidi potter potter from uh shmoo is going to be here and uh our vasec is also going to be uh representing and they'll tell us a little bit about their plans uh for the future conference and and whatnot so that'll be a great um kind of panel um i want to give a chance to my team to talk i know i'm the only second monster was going but anyone wants to speak that love sure do so maybe we can we can talk about kind

of what we're looking forward to uh in the uh in the talk so i'm thinking offensive security that's kind of my my gig i want to see what what you know what differs from from my experience and how people got to where they are especially for a lot of people have been there for a while they don't take the traditional path because there was no traditional path and so typically you're coming from something unique and you have a cool story behind it what else you guys excited for it's a lot of talk today um i'm actually excited for rich's talk the offset one um but i did want to say so if you are reaching out for help

there's a circle button on the bottom of your screen um we've got the slack and some other channels like the chat um it's probably going to be me or christina um please be nice to us we are not actual tech support people we are just volunteers trying to help you guys navigate the platform um so we're not experts just be patient with us there may be a long line of people waiting so if we take a long time to get back to you it's because we're helping other people um so i just wanted to ask you guys to be nice to us and that's it well i think it's a really cool experience how i get

people i get to meet like kind of growing up into it i think it's really cool hopefully in the future you know like women keep on going i get to interact more on you know actually get into some of this stuff a lot better right now i'm just sitting here and observing i think it's a really cool experience to be um i get to walk around the daughter or something you know kind of check out the twitter you know link in bio but it's it's it's it's a really cool experience i'm really grateful to be part of it that's that's a good point we tried two years ago to have a kids con and like do it for

like uh young teenagers and teenagers um we've definitely had the some of the teenage groups show up for the ctf for noobs and stuff um if you're talk if you're watching us talk right now and you want to help us run a kids con next year um right get be a speaker do some hands-on stuff if you're you know playing with raspberry pies or whatever all the cool little texts we would love to absolutely love to have a kids track our tracks everything that we come up with workshops everything is all based off of volunteers volunteering to do it so if you think that's a cool idea and you've got something to contribute please reach out to us

we would love to love to love to have a kids track in person next year and we are going to be in person next year i don't care when hazmat suits fighting off t-rex we are gonna be in person next year and i did wanna say speaking of volunteers um obviously we have we have a big list of folks who normally help us put this on when we're in person and with the you know virtual platform we didn't necessarily need as many volunteers this year um so what we haven't forgotten about you the volunteers are really what makes this happen i mean we get together and we try to you know work our hardest to uh to

organize these sorts of things but it's really the volunteers that are that are on the ground level making it happen so um we haven't forgotten about you please please be interested in volunteering again for next year when we are in person and that's really if you've never volunteered before that is the best way to network in this community it's the best way to learn in this community to see behind the scenes that's really what got me into this i'm probably don't tell anybody i'm probably here more for the volunteering than i am for the talks um but uh yeah so consider it next year especially if you've never done it before i'm one of the ladies so

i am super excited to hear um all of the career talks like that was saying i want to hear all of the different journeys people had to take to get into this field so search versus no search i'm really really excited about but all of the career talks have got me here all right um i actually wanted to thank everyone who attended workshops yesterday i think everybody did a great job uh if you have a feedback please message us on slack or contact us via email we would like to hear what you think maybe what talks you and workshops you want to see next year or um if you want any repeats of the workshops we would like to hear from you

all right we're going to wrap it up because we are on a delay so we've got only a couple minutes left um we want to give everybody opportunity to go check out the breakout sessions area and kind of plan out their schedule for today again um you can bookmark them and it'll build out your schedule we're doing our best to keep all the talks rolling um you will be able to join the talk as a attendee at the minute that this thing is scheduled to start not a minute before it's just the way the platform works um speakers you are not logging in through there you are going to join your talk through the my sket

by speaker schedule and you'll be able to join a couple minutes early and be able to test your audio so please again if you have any problems use the chat with us if you're on the speaker or sponsor side and you're in the slack you can ping us there we will get to you faster there i promise um we want to make sure you guys are good to go for your talks but we are super super super excited and we cannot wait to see you next year thank you so much for being here kill that thing