CactusCon

CactusCon13
February 14-15, 2025
Mesa, AZ

The Spy Who Liked Me: Grooming and Recruiting Assets in the Age of Social Media

We've all seen really cool OSINT talks: folks can grab basically all the details of your life and lay it out for the world to see, but what's often missing from these talks is the "why". So many times when speaking on this topic I hear people say, "So what? I don't care if people know my birthday or my address... the threat isn't real." This talk draws on my experience at NATO Counterintelligence, where we used similar training to help soldiers and families resist nation-state grooming and protect their families.

In this talk I'll walk you through creating a dossier on a random public person (don't worry, obfuscated, because duh): how I learned where his kids went to school, where his class reunion was, where his wife worked, and how I would use that information to approach him to be an asset for foreign intelligence.

Next I'll walk through how seemingly trivial information shared in Facebook Groups, Meetups and other public forums helps to gain access to restricted areas, classified information and work against national interests.

Finally, we'll walk through some common sense precautions you can take to avoid these types of attacks and protect your identity online.

Tracie Martin

Tracie Martin is a Staff Technical Program Manager at Twitter. Her previous roles included working on Android Security for Google and running the Information Security section of Allied Command Counterintelligence (NATO) and incident response for Microsoft Security Response Center.

Exploiting IAM in GCP

In this talk, we will take a closer look at the Google Cloud Platform (GCP) IAM model. You’ll be introduced to the relevant concepts to understand the different types of identities, IAM permissions, and scopes. Did you know that the default IAM policy for the compute engine service account includes the ability to impersonate other service accounts, among other things?

Most importantly, we’ll learn how to leverage certain configurations of the service account to escalate privileges from a virtual machine. I will show a demo where I use a shell on a virtual machine to tear down another security control to allow data exfiltration out of the environment. By the end of the talk, you’ll understand how to impersonate service accounts, conduct recon, and escalate your privileges from a virtual machine. You’ll also get some ideas on how to mitigate against these attacks.

Colin Estep

Colin Estep is currently a threat researcher at Netskope focused on AWS and GCP. He researches the challenges of securing AWS and GCP, informing product direction for Netskope's IaaS product. Colin was previously the CSO at Sift Security (acquired by Netskope), where he built cloud-native intrusion detection for AWS and GCP. He was a senior engineer on the security teams at Netflix and Apple before joining Sift. Colin was also an FBI Agent specializing in cybercrime, where he spent a fair amount of time coordinating with other countries to locate and arrest malware authors and botnet operators.

Return to the Hundred Acre Woods, what I've learnt in 3 years, or, 3 Eeyore 5 You

In 2016 I gave a talk about how everything in appsec was broken and there was no hope for the future. In the intervening years, I have worked in adversary simulation, formal & program analysis, as well as even more threat modeling. This talk is an answer to the problems I presented in 2016, as well as why everything is still broken.

Lojikil

Lojikil is a principal security consultant at a boutique security firm. He works in threat modeling, vCISO services, program analysis with symbolic execution/abstract interpretation, and technical assessments.

Cryptography Pitfalls

We often do a poor job of implementing cryptography and other security measures in our systems. Often the primitives used are out of date and overlook very subtle flaws. These mistakes lead to systems that are hopelessly insecure despite our perception that we’ve built an impenetrable fortress. Fortunately, there are a few tools and techniques at our disposal that can ease some of the pain. In this talk, we’ll explore some of the most common pitfalls developers encounter with cryptography and restore some of our sanity.

John Downey

John Downey is the Head of Business Unit Information Security for PayPal. He joined PayPal as part of their acquisition of Braintree. Before working on security at Braintree, he worked on their highly available infrastructure and integrations into the banking system. In his free time, he contributes to open-source projects and mentors high school students in the FIRST Robotics Competition.

Attacking and Defending Kubernetes Clusters: A Guided Tour

Is your Kubernetes cluster able to resist the most common attacks? And, are all the necessary detection mechanisms in place to know if a security issue did occur?

In this hands-on workshop, we will dive into the art and science of Kubernetes security through a series of interactive attack and defense scenarios. Attendees will learn through instructor-led exercises how to identify and exploit realistic misconfigurations in Kubernetes clusters to achieve full cluster compromise. Each attack step will be matched with hardening measures and specific methods for detection and response workflows.

Each workshop attendee will be provided with a pre-configured Kubernetes cluster running realistic workloads in a cloud-based lab environment. The tools and methodologies covered by these exercises will directly help attendees secure their own organization's clusters.

Jimmy Mesta

Jimmy is a security leader who has been working in AppSec and Infrastructure Security for over 10 years. He founded and led the OWASP Santa Barbara chapter and co-organized the AppSec California security conference. Jimmy has taught at private corporate events and security conferences worldwide including AppSec USA, LocoMocoSec, SecAppDev, RSA, and B-Sides. He has spent significant time on both the offense and defense side of the industry and is constantly working towards building modern, developer-friendly security solutions.

Extract and Visualize Data from URLs using Unfurl

Unfurl takes a URL and expands ("unfurls") it into a directed graph, extracting every bit of information from the URL and exposing what is obscured. It does this by breaking a URL up into components, extracting as much information as it can from each piece, and presenting it all visually. This "show your work" approach (along with embedded references and documentation) makes the analysis transparent to the user and helps them learn about (and discover) semantic and syntactic URL structures.

Unfurl has parsers for URLs from popular search engines, mail services, and chat applications. It also has more generic parsers (timestamps, UUIDs, base64, etc.) that are helpful for exploring new URLs or reverse engineering. It's also easy to build new parsers, since Unfurl is open source (Python 3) and has an extensible plugin system.

No matter if you extracted a URL from a memory image, carved it from slack space, or pulled it from a browser’s history file, Unfurl can help you get the most out of it.

Ryan Benson

Ryan Benson works at Google doing DFIR and open source tool development. He has previously held DFIR roles at Exabeam, Stroz Friedberg, and Mandiant. He has experience investigating insider threats, responding to intrusions, and performing digital forensics in support of legal proceedings. He is the author of Hindsight, an open source web browser forensics tool, and researches and blogs about DFIR topics with an emphasis on browser forensics.

Security Operations with PowerShell Core

Following along with the spirit of PowerShelling all of the things: open-source PowerShell and PowerShell Core 7+ support all OS platforms, so it is time to learn multi-platform PowerShell security operations. Stopping there? No way! With information coming from every source imaginable, you need a way to collect and analyze that information, which is a perfect job for everyone's favorite open source database/interface solution, the Elastic Stack. PowerShell is either already in place or allowed by default in many restricted environments, and makes for a ubiquitous living-off-the-land binary for defensive cyber operators.

Whether performing continuous monitoring, intermittent threat hunting, or incident response, having access to the devices and resources available in your respective enterprise is a success condition. In this workshop, you learn how to install PowerShell Core 7 (current release) on Windows, Linux, and macOS devices through different local and remote install options. Next, you learn to leverage WinRM for Windows and SSH remoting for *nix/macOS devices to create PowerShell remote connections to each device. With PowerShell remote sessions established to every device, everything is pretty familiar: pull network connections, query running processes, and run several other available queries useful for identifying malicious activity, then pull that back to your centralized "security operations" endpoint. If you don't have the flexibility to create an Elasticsearch service in your environment, don't sweat it: aggregating, analyzing, and reporting interesting findings with nothing more than PowerShell is the perfect tool for your toolbelt. But for when the opportunity arises, you will learn to quickly spin up a cloud instance, convert your freshly procured security operations data into JSON, ingest it, and analyze it in Kibana with ease and dashboard-creating swag over 9000.

  • Setting Up your PowerShell Environment (15 min)
  • PowerShell Network Discovery and Enumeration (20 min)
  • Deploying PowerShell Core 7 on dissimilar OSes (15 min)
  • Creating PowerShell Remoting Sessions with WinRM and SSH (20 min)
  • Running OS information queries across your Environment (20 min)
  • Collecting and Analyzing Information with PowerShell (10 min)
  • Analyzing PowerShell-Collected Information with the Elastic Stack (20 min)

Pre-Requirements: Create an Elasticsearch cloud trial account, and have one Linux OS and one Windows OS prepared, either as a VM or a physical box. If you are also virtualizing these on a Mac, that is helpful, but we will have a Mac device for you to connect to if you like (be nice).

Aaron Rosenmund and Brandon DeVault

Aaron M. Rosenmund is a cyber security operations and incident response subject matter expert, with a background in federal and business system administration, virtualization and automation. Leveraging administration and automation experience, Aaron has contributed to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community through his efforts as an educator/researcher at Pluralsight, and to advance the capabilities of the Air National Guard, where he serves part time on a Cyber Mission Defense Team. Understanding the need for the cyber security workforce to be dynamically learning to keep pace with the ever-changing cyber threat landscape, he has dedicated himself to researching, teaching and sharing experiences and capabilities with the community to fill the knowledge gap that currently exists.

Brandon DeVault is a security analyst, incident responder, and educator. Background in network administration and hardware hacking. Previous experience with Special Operations Command (SOCOM) on deployable communication teams. Part-time member of the Air National Guard on a Mission Defense Team (SOC) defending North America’s air tracks. Currently working as an Engineer for Elastic performing security consulting and education.

APT33: A Case Study on Current Geopolitical Tensions and Cyber Espionage

As political tensions between the United States and Iran continued to rise over the course of 2019, the Iranian-based threat actor, known as APT33, became more active. Increasing geopolitical tensions resulted in backlashes against the private sector as a method to disable, disrupt, and destabilize governments. Throughout Mandiant’s investigation, we observed ties between U.S. sanctions, military operations, and cyber activity. APT33’s tradecraft included trojanized executables, Run keys, scheduled tasks, services, and Windows Management Instrumentation (WMI). Evidence showed that APT33 strategically harvested credentials from thousands of systems, performed data staging, and remained undetected for years.

APT33 has shown specific interest in aerospace & defense, energy & utilities, and oil & gas industries. We believe that Iranian-based threat actors, such as APT33 will continue to become more prolific as political tensions with Iran continue to rise. Raising industry awareness of this attacker’s methodology is critical to protect companies from this threat.

This presentation will recount Mandiant's investigation from the perspective of the incident responders and will detail how the team scoped, contained, and eradicated APT33 from the environment. Attendees of this presentation will come away with a deep technical understanding of the persistence, lateral movement, and data staging techniques used by APT33.

Daniel Chun and Steve Rasch

Daniel Chun is a Senior Incident Response Consultant in Mandiant’s Phoenix office. As a part of the Incident Response team, Mr. Chun provides emergency services to clients when a security breach occurs.

Prior to joining Mandiant, Mr. Chun spent time as a consultant where he helped build security programs, conducted investigations, and delivered training. He has been involved in malware analysis, payment card forensic investigations (PFI), and security operations development in various industries; including healthcare, industrial, financial, aerospace, and hospitality.

Steve Rasch is a Principal Incident Response Consultant in Mandiant's Phoenix office. As part of the Incident Response Team, Mr. Rasch focuses on incident response, compromise assessments, and computer forensics.

Prior to joining Mandiant, Mr. Rasch was a Senior Information Security Engineer for General Dynamics Mission Systems for over 4 years. During this time, Mr. Rasch primarily served as an incident response lead and computer forensics analyst.

The Impact and Standards of Data Protection Regulations

With breaches becoming "when" statements and not "if", the focus on Data Protection Regulations and their impact on business/people gained momentum. This discussion will focus on the Data Protection Standards established in the early 2000s and how they have evolved since that time. The EU GDPR and California CCPA Regulations will be used as examples of a trend towards making data privacy law and what that means for the businesses and people who use the technologies/data impacted.

Samantha K.

Samantha K. is certified in the General Data Protection Regulation (GDPR) established by the EU May 25th, 2018. She currently works as a Governance/Risk/Compliance IT Security Analyst for an Educational Services Corporation. She is familiar with SOX Audit practices, Arizona State Data Protection Regulation HB 2154 along with infrastructure policies/practices on an Enterprise level. She worked from the ground up in IT Services and is constantly on the hunt for new and impending Data Protection Laws/Regulations.

Paying for Risk: How to Stay Objective in a Subjective World

As Bug Bounty programs continue to mature and evolve, we're faced with a problem: How do we incentivize the right things, and how do we ensure that our incentives are fair and consistent? PayPal's program has had many iterations, and in this talk we'll go behind the scenes to see how we determine what award to set.

Pax Whitmore

Pax started working on PayPal's Bug Bounty program in 2016. Prior to this role, he was a penetration tester for the US Courts and a security engineer for a major registrar and hosting provider. Before starting his IT career a decade ago, he was a photographer and film reviewer. He will argue about CVSS and movies with equal delight.

Tunneling to Freedom

If you've been in security for a while, you've probably heard about using tunnels to pivot segmented networks and exfiltrate data, but do you know the details or techniques currently in use? Do you know how to identify holes in your firewalls and understand the protocols that may allow an attacker or insider threat to bypass your proxies and transfer data out of your environment? Would you know how to detect it? "Tunneling to Freedom" takes you through the process of understanding tunnels and identifying the holes in your firewalls and security controls. Together we will explore ICMP tunneling, practical DNS tunneling, advanced SSH tunneling techniques and finally identifying protocols that could allow for data egress. Grab a shovel and a hard hat and come see how far this rabbit hole goes.

John Freimuth

John Freimuth has been a security professional in the Valley since 2012 and currently performs penetration testing for a health care company. His previous CactusCon talks include "Return of the Dork", "Wrangling Malware for Fun and Pentesting", and "Weaponizing your Pi".

Automated Dylib Hijacking

Applications on macOS use a common and flawed method of loading dynamic libraries (dylib), which leaves them vulnerable to a post-exploitation technique known as dylib hijacking. Dylib hijacking is a technique used to exploit this flawed loading method in order to achieve privilege escalation, persistence, or the ability to run arbitrary code. This talk provides an overview of the attack vector and the process involved in exploiting vulnerable applications. Additionally, the process of automating the exploitation of vulnerable applications will be demonstrated and discussed in depth.

Jimi Sebree

Jimi Sebree is a senior security research engineer on Tenable’s Zero Day Research team. With a strong background in software engineering and security, he bounces between research disciplines in an effort to appear knowledgeable about a variety of topics. Occasionally he succeeds in tricking someone into listening to his ramblings.

Signed, Sealed, Compromised: The Past, Present, and Future of Supply Chain Attacks

The first rule of defending networks is that a determined adversary will not be denied. This has been proven time and time again: with each high profile compromise there is a new and clever way that an advanced adversary penetrated an enterprise of interest. Whether it be through the use of 0-days, social engineering, or kompromat, adversaries are going to do whatever it takes to achieve their mission objectives, whatever those might be. As organizations have gotten better at defending their networks, adversaries have recognized that in many cases it is quicker, cheaper, and easier not to target the organization directly, but to compromise a third party with a trusted relationship with the actual organization they are attempting to compromise. Enter supply chain attacks.

This talk will discuss one technique we are seeing with increasing frequency: supply chain attacks. Supply chain attacks are a broad topic, but one that has continued to evolve and mature over the last decade. We will walk through what constitutes a supply chain attack, the history of how these attacks have evolved, and finally where we see this attack technique moving in the future.

Nick Biasini and Edmund Brumaghin

Nick Biasini's interest in computers and technology started at a young age when he tore apart his parents' brand-new 486SX PC. Ever since, he has been tinkering with computers in one way or another. Nick got his start in security helping protect the National Air Space and has been working in security in one role or another ever since. In his time with Talos, Nick has been responsible for exposing new details of major threats, with a focus on crimeware. This includes exposing the Angler exploit kit, identifying new techniques like Domain Shadowing, helping to stop large-scale exploit kit campaigns, and revealing clever spam campaigns delivering malware. Nick has a master's degree in digital forensics from the University of Central Florida and has worked in government and private sector environments in his career.

Edmund Brumaghin is a threat researcher with Cisco Talos. He has spent the past several years protecting environments across a number of different industries including nuclear energy, financial services, etc. He currently spends his days hunting malware and analyzing various threats as they emerge and continue to evolve. In his time with Talos he has researched ransomware and other threats being distributed using various attack vectors. He has also worked to expose large scale malware campaigns and raise awareness of security threats observed across the threat landscape.

Designing Secure Implants

Security tools often have very poor security. This talk will cover our attempts at creating a reasonably secure implant framework, including the motivations, reasoning, design, and tricks of building secure custom implants and covert C2 channels.

Sliver is an open source, general purpose, cross-platform implant framework that supports C2 over mutual TLS, HTTP(S), and DNS. Sliver uses an embedded version of the Go compiler to dynamically generate implant binaries with per-binary X.509 certificates, per-binary obfuscation, and per-binary DNS canaries (unique domain strings that are deliberately not obfuscated; the server triggers an alert if one is ever resolved, indicating the implant has been discovered). Other features include in-band TCP tunnels (e.g. TCP over DNS), procedurally generated HTTP C2 messages, automated Let's Encrypt integration, and more.

Sliver supports Windows-specific post-exploitation features such as user token manipulation, in-memory .NET assembly execution, process migration, and privilege escalation.

The Sliver GUI features a reasonably secure Electron design, leveraging sandboxed webviews, custom protocol handlers, context isolation, content-security-policy, and sandbox-to-native-IPC communication.

moloch and ronan

I like computers

Associate at Bishop Fox

Bug Hunting with Structural Code Search

Searching through source code is key to vulnerability hunting and performing code audits. Regular expression search (e.g., grep) remains the fastest and most accessible way to quickly search for buggy code patterns. But writing or understanding regular expressions is still hard. For example, this pattern was used to find an integer overflow in the libssh2 library (circa 2013): "ALLOC[A-Z0-9_]*\s*\([^,]*,[^;]*[*+-][^>][^;]*\)\s*;". Although useful, what it does is not obvious. Besides being difficult to read, regular expressions like these are rudimentary: they cannot generally match nested expressions (like code blocks) and can easily lead to noisy or spurious matches. If you are interested in a new way for matching code, its applications for bug hunting, and related static analysis techniques, then this talk is for you.

This talk presents a new technique and tooling to match code in a way that is simpler and more powerful than regular expressions. Patterns are expressed as declarative syntax templates where the key ideas are that (1) patterns match code structurally (e.g., they can match content inside balanced braces or parentheses, which can nest arbitrarily) and (2) patterns understand the difference between code, data (such as strings), and comments on a per-language basis. While more sophisticated, many existing static analyzers and frameworks require users to program custom checks in order to reason over these code properties (i.e., by accessing the abstract syntax tree), leading to increased effort. I will discuss some of these design tradeoffs, and explain and demo how using declarative templates for bug hunting can take less effort compared to existing approaches (e.g., for finding suspicious code like arrays being written into inside a loop, or unchecked function return values).

In this talk you will learn about a new declarative way to search over richer code structures and see practical examples for bug hunting. You will learn about a new open source tool, comby, that implements these ideas and can complement your toolkit for code auditing tasks. You will also walk away with a high-level understanding of tradeoffs and effectiveness in the design of static analysis tools in the context of this work.

Rijnard van Tonder (@rvtond)

Rijnard holds a PhD in Computer Science from Carnegie Mellon University, where his research focused on automated bug finding and bug fixing. He is currently a software engineer at Sourcegraph, where he works on large scale code search, analysis, and modification. Previously, Rijnard worked on improving analysis reasoning and performance of state-of-the-art static analyzers at Facebook (e.g., Pyre for Python). He continues to have a research interest in the overlap of automated program repair, program analysis, and program transformation, with an emphasis on bringing new advances in these areas to practice.

One If By Land, Two If By Uber - Lessons Learned From the Worst Physical Assessment Ever

No car, no contacts, no problem - this 20-minute talk is meant to entertain and discuss the flexibility and perception skills that are a requirement for a professional penetration tester. While relaying several anecdotes about the worst physical penetration assessment ever performed, this talk will provide a high-level discussion on applied improvisation and how it relates to security assessments. Timing permitting, it will also go into ways for the audience to sharpen that skillset.

Witch

A Security Consultant and penetration tester for a private firm, Meag is also known as Witch_Sec on Slack and Twitter.

Hacking Your Anxiety

Anxiety/Stress is known to cause people to leave our field. Burnout is one of the most common problems as to why leadership/senior employees choose to move on to something else. I have wanted to put a collection of my experiences and feelings together for a long time in the hope that it could help people just coming into the business so they make better decisions than what I have during incidents/time of employment. If we can get even one person to seek out help, or utilize some of the suggestions during high stress periods in their life, we can say that we have successfully improved the stability of our field, even if it's just by a little bit.

Destruct_Icon

I am Jason Azzarella and I work with Bechtel as part of the CIRT (Computer Incident Response Team). I have been part of this family for over seven years and have worked in the security field for a little over eight. Security has been more than a job for me. It has been an escape from the scary world we live in.

Owning a Security Camera

I will be attacking the Merit LILIN security camera suite. This includes the NVR and a dozen cameras. This is not your typical Amazon special; it's much more complex. I will be covering how to extract binaries from the firmware, how to use Ghidra / IDA / binutils to find vulnerabilities, and then cover found vulnerabilities of the stack smashing variety as well as other found vulnerabilities such as exposed keys, weak passwords, web vulnerabilities and the like.

Joe Giron

Local hacker / 2600 organizer / smuggler of spice.
Find out more of his exploits on his website https://gironsec.com

Overcoming the 3 Common Failures Within Vulnerability Management Programs

Over my many years of security consulting with organizations, I've always had a love for helping to create effective vulnerability management programs. The reality within both Fortune 100 and SMB organizations is that vulnerability management programs often struggle (and sometimes fail) within three common areas. My presentation will focus around how I've found success in addressing these program failures. I'm planning to include a lot of stories based on my experiences along with a few stories I've heard from other industry experts. My goal is to provide guidance and an approach so that members of the audience will be able to help build effective vulnerability management programs of their own.

Andy Jordan

Andy Jordan (CISSP, CISM, MCSA, MCP, Security+, Network+, ITIL v3, LeanIT) has built and managed multiple security programs for numerous large and small organizations throughout his 12-year career. He uses lean and agile methodologies to create demonstrable value within complex infrastructure and security programs. He is an active figure in the information security community, having presented at several venues as well as contributing to SC Magazine.

Exploiting Bluetooth Low Energy 101

Bluetooth, especially Bluetooth Low Energy (BLE), has become the ubiquitous backbone that modern devices use to interact with each other. From mobile, to IoT, to automotive, most smart devices now support Bluetooth connections, meaning that this attack vector is becoming an increasingly important aspect of security testing. This class will break down the various phases of Bluetooth "hacking" with an emphasis on sniffing BLE connections, spoofing devices, and exploiting GATT services. We will cover some history behind Bluetooth and the evolution of the protocol stack, the tools and setup required to start testing BLE in your home or as part of a Bluetooth pentest, and demonstrate that all you need to start testing BLE is an Android or iOS device.

Maxine Filcher

Maxine is a US Army Veteran, currently attending the University of Washington – Tacoma as a Senior pursuing a degree in Information Assurance and Cybersecurity. She has experience as a Security Analyst hunting wireless threats and vulnerabilities, and currently works for IOActive as a Security Consultant applying her knowledge to help companies identify wireless risks within their environments. She has also served as a Teaching assistant for the UWT CPES program, which builds and delivers cybersecurity focused curricula for K-12 students, where she focused on wireless security and RF concepts. Maxine was selected for the SANS Women’s Immersion Academy 2018 Cohort and holds the GSEC, GCIH, and GPEN GIAC certifications.