One of the things I love about working at Rapid7 is how deeply this company embodies the concept of giving back to the Security Community. Whether it be discussing research on adversary analytics, attack methods for breaking out of sandboxes, or simply breaking into the industry - Rapid7 encourages its employees to actively participate in community events, both large and small. As a proponent of engaging with the Security Community, I'm very excited that my fellow employees continue to embrace giving back to the community through volunteerism, as well as presenting on interesting topics at this year's BSides Boston on April 15th.
As many are readily aware, Rapid7 is home to numerous passionate security professionals, several of whom give back personally – going well beyond all of their professional work. This year will be Patrick Laverty's third year as a member of the BSides Boston organizing committee, in addition to his other organizing roles including both the OWASP Rhode Island chapter, and the DefCon 401 (DC401) group in Providence. It has been a great pleasure working on the organizing committee this year with Patrick.
At this year's conference Patrick and I will be joined by several Rapid7 presenters who were fortunate enough to be selected to speak at the conference, including Bob Rudis, Kirk Hayes, and Justin Pagano.
Bob Rudis (@hrbmstr) will be giving a presentation titled Heisenberg Cloud: At-Scale Cross-Cloud Adversary Analytics. Bob will be talking about the research conducted from Rapid7's Heisenberg honeypot program. He'll also be showing specific attack and connection profiles for the Mirai botnet. It will be a deep dive into the frequency and flavor of attacks across every region in six major cloud providers.
Kirk Hayes (@l0gan) is fresh off giving presentations at DerbyCon and BlackHat regarding his “MyBFF” tool, and now in Boston he'll talk about methods he uses to break out of sandboxed environments. We may feel as though having the sandbox is keeping our users secure, but Kirk shows that it may just be a false sense of security. Find out how in Escaping Alcatraz: Breaking out of Application Sandboxed Environments.
Justin Pagano (@jp4gs) will be speaking on the “Breaking Into InfoSec” panel. As the Security Operations and Engineering Manager at Rapid7, Justin will be sharing tips, suggestions, and ideas on how to start your career in Information Security – whether you're changing careers, or just starting out.
In addition to moderating the “Breaking into InfoSec” panel, I have taken up the role of Volunteer Coordinator and Student Advocate on this year's BSides Boston Organizing Committee. This will be my second year as a volunteer at the conference, and I look forward to sharing my passion for helping others learn about information security in person. I'm fortunate to work for a company that encourages me to contribute to the community - they have been especially supportive of my recent work, the InfoSec Mentors Project.
Security BSides is an international, non-profit organization that hosts security conferences all around the world. The focus of BSides is to be a low-cost way to get people in the security community talking to each other and sharing what they know. This year's BSides Boston conference will have four tracks, and is recording many of the presentations – so if you can't make it on April 15th, you can check out the content at a later date!
Rapid7 is a proud sponsor of BSides Boston and several other Security BSides events.