Speakers at a Glance, Who's Your Hacker Con

David Kennedy – Keynote

Founder, CEO TrustedSec and Binary Defense

David is a cybersecurity authority whose mission is to drive the industry forward and make the world a more secure place. In addition to creating two large-scale cybersecurity firms, David has testified before Congress on issues of national security and has appeared as a subject matter expert on hundreds of national news and TV shows.

Prior to creating TrustedSec, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company. As a forward thinker in the security field, David has had the privilege of speaking at some of the nation’s largest conferences, including Microsoft’s BlueHat, DEF CON, Black Hat, and DerbyCon, which he co-created in 2011 and expanded into DerbyCon Communities.

David is a regular contributor and subject matter expert on cybersecurity stories for Fox News, CNN, Bloomberg, BBC, and other high-profile media outlets. Further, his tools have been featured on a number of TV shows and movies, and he served as Technical Consultant for the critically acclaimed Mr. Robot TV show.

David served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. David also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

In an effort to advance the industry, David co-authored ‘Metasploit: The Penetration Testers Guide’ and co-founded the ‘Penetration Testing Execution Standard’ (PTES), which is the industry standard for penetration tests and has been adopted by the Payment Card Industry (PCI). David is the creator of several popular open-source tools, including ‘The Social-Engineer Toolkit’ (SET), PenTesters Framework (PTF), Artillery, and Fast-Track. In addition to focusing on research, David has released a number of security advisories, including zero-days.

David Kennedy’s passion for the information security industry is the reason TrustedSec was born. He wanted to build an organization that helps others in a profound way, serving as technical security experts and advisors to companies of all sizes and industries.

In addition to his formal achievements, David donates his time and wisdom by speaking with civic leaders and students about the importance of security. Bedford High School, David’s alma mater, named its Kennedy Center for Gaming and Leadership in his honor.

Liam Randal

With a career spanning 20 years, Liam Randall has worked at every level of the information systems pipeline- from building and operating large networks, developing and maintaining large 100M+ e-commerce solutions, to designing and implementing global network security monitoring sensor grids. A frequent speaker and trainer at security conferences Liam has trained 1000’s students on advanced incident response.

A serial entrepreneur, I most recently founded Critical Stack with the goal of automating security and compliance for secure container orchestration. Critical Stack was acquired by Capital One in 2016, where I currently serve as President of the Critical Stack division of Capital One.

Dave Marcus

Dave MarcusPrincipal Engineer, Advanced Programs Group’s Research and Intelligence Cell, McAfeeDave Marcus currently serves as director of research and intelligence for McAfee’s Advanced Programs Group. His responsibilities include advanced threat research, threat intelligence projects, open-source intelligence projects as well as running McAfee’s global intelligence practice.

As one of McAfee’s Principal Engineers, he is also a recognized technical leader and helps drive its technical direction and roadmap. In his spare time, he lifts heavy things and is a family man.

Stacey Banks

Stacey Banks is a Security Consultant who specializes in Government Regulatory Compliance (GRC) with over 20 years of experience in the field. She holds certifications that include but is not limited to CISSP, CRISC, CISA, CCO, CSM, PCI-QSA. She also holds degrees in BS Computer Science, MS Network Security, and an MBA.

Jeremy Druin

Jeremy Druin
Principal Security Architect
GISF, GSEC, GCIH-GOLD, GWAPT-GOLD, GPEN, GMOB, GXPN-GOLD, Sec+

Jeremy works as the Principal Security Architect for UPS where he created the application security, bug bounty and penetration testing programs. Jeremy is also the owner of Ellipsis Information Security where he provides security testing services and teaches secure application development and penetration testing courses.

As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on various information security topics along with operating the “webpwnized” YouTube video channel. Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment.

Jeremy has a Bachelor’s in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Masters in Computer Science from the University of Louisville and is a GIAC-certified Web Application, Mobile and Network Security Penetration Tester.

Deral Heiland

Deral Heiland CISSP, serves as a Research Lead (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field, and over the last 15+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies.

Deral also has conducted security research on numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed and quoted by several media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, MIT Technical Review, SC Magazine, and The Register.

Charles Shirer (BSD Bandit)

Charles is a Senior Security Consultant for the Red Siege. In his spare time Charles does retro gaming and works on the SECBSD open source project which is a penetration testing distro based on the OpenBsd Operating System. He currently works as Staff at several Security Conferences, Podcast(GrumpyHackers)(IronGeek Cast) (Detections Podcast) and is a part of NovaHackers.(OSCP,OWSP).

Susan Sons

Susan E. Sons is a passionate and experienced Chief Information Security Officer and information security leader with experience ranging from tech startups to defense to academic science to private-sector research and development environments. She currently serves as Chief Security Analyst at IU’s Center for Applied Cybersecurity Research, Deputy Director of ResearchSOC, and a leader in the CI CoE Pilot. Susan is passionate about software and control systems security, building security programs and teams that enable research and development and advancing the practice of information security.

Susan’s professional interests include:

– Securing scientific research, other R&D, and life-critical technologies
– Turning around projects and organizations that need pervasive information security improvements
– The security and trustworthiness of internet infrastructure software
– Building better information security teams and organizations
– Getting to the heart of information security for a mission…not as a one-size-fits-all dictum

Dave Chronister

Dave Chronister – @bagomojo is co-founder and Managing Partner of Parameter Security, an ethical hacking firm. As a Certified Ethical Hacker and Certified Information Systems Security Professional, Chronister possesses deep security expertise in some of the most heavily regulated industries including financial services and healthcare. Specifically, Sarbanes Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), Payment Card Industries (PCI), and the Health Insurance Portability and Accountability Act (HIPAA).

Cutting his teeth on technology at the age of 5, Chronister gained an instant attraction to the inner-workings of his computer. Before the age of 8, he wrote his first computer software program and by the time he was a teenager he ran one of St. Louis’ biggest networked bulletin board systems. It was at this time he experienced war dialing and first encountered the underground world of hacking.

During the course of his professional career, Chronister served as Architect for A.G Edwards’ electronic messaging system – the largest Exchange Server deployment at the time. At Cybersource, he was the technical liaison to the various credit card organizations, developing their payment card compliance standards. Additionally, working with numerous medical and dental practices, Chronister served as Technical Advisor helping these practices meet HIPAA compliance. Recently, he served as Chief Technology Officer for a $700 million dollar bank holding company for over 5 years prior to starting Parameter Security.

Chronister’s expertise has been featured on television’s CNN, Bloomberg TV, CNBC, Fox Business, ABC World News with Diane Sawyer, America Now with Leeza Gibbons, FOX 2 KTVI, KMOV Channel 4, KSDK News Channel 5 as well as several local radio stations. Also spotlighted in online and print publications such as FOX Business News, CNBC, CBS, Associated Press, CIO Magazine, Information Security Magazine, InfoWorld Magazine, Computerworld, Entrepreneur Magazine, Popular Science, American Banking Journal, BankNet 360, Bank News, Credit Union Tech Talk, The Kansas City Star, St. Louis Post-Dispatch, The Suburban Journal, St. Louis Business Journal, St. Louis Business Monthly and other publications. Plus, Chronister has written several articles for numerous industry publications. Chronister appears as a regular cybersecurity expert on Fox Business, CNBC, MSNBC, and CNN.