Conference talks and presentations I’ve given over the years.
Beyond Quick Cash: Rethinking Bug Bounties for Greater Impact
A look at how bug bounty programs can deliver outcomes beyond payouts: signal quality, coverage, and program health.
Talks
Enemy Within: Leveraging Purple Teams for Advanced Threat Detection & Prevention
Using purple teaming to close the gap between detection engineering and adversarial emulation.
(re)Building a Blue Team (Chapter 4): The Color Purple
Chapter 4 of the rebuilding-a-blue-team series: standing up a purple team alongside the blue.
Red + Blue = Purple
Presented at SANS Pentest Hackfest.
MOSE: Using Configuration Management for Evil
Post-exploitation tool that automates compromise of configuration-management servers (Chef, Puppet, Ansible, SaltStack). Presented at DEF CON 27, BSidesSF 2020, and BSides Boulder 2020.
Hack Yourself to Stop the Bad Guys
Presented at NLIT 2018.