Ken Smith
Director of Offensive Security Learning & Development at Praetorian
Cleveland, Ohio, United States
Actions
Ken Smith is the Director of Sales Engineering – Enterprise (Ohio Valley) at Arctic Wolf. With over fifteen years of experience in offensive security, Ken has held leadership roles across both consulting and industry sectors. He also brings a strong background in education, having spent a decade teaching information security at the University of Mount Union. A Cleveland native and former U.S. Army Signals Intelligence Operator with the 5th Special Forces Group (Airborne), Ken blends deep technical expertise with a passion for mentorship and community engagement and is currently on the boards of BSidesCLE, Burning River Cyber Con, and the eCenter@LindenPointe.
Area of Expertise
Topics
Physical Penetration Testing in 2025
The physical penetration testing landscape has shifted significantly over the last five years. COVID and other industry-specific events have changed expectations and delivery, in most cases, for the worse. Safety concerns, emerging threats, and a lack of standards and practices all further complicate this niche area of information security.
In this talk, we will discuss the current state of physical penetration testing and how we can do better both as potential clients and as consultants delivering this work while avoiding the chaos and mistakes of the past.
Mind Games - Exploiting and Defending GenAI Applications
As organizations eagerly adopt generative AI capabilities into their applications, new attack surfaces and vulnerabilities are emerging that traditional app security approaches fail to address. In this presentation, we will examine the unique security challenges posed by Large Language Model (LLM) applications through the lens of the 2025 OWASP Top 10 for LLMs. Through live demonstrations and practical examples, we'll explore critical vulnerabilities including prompt injection, sensitive information disclosure, and system prompt leakage. Attendees will learn how attackers can manipulate LLMs to bypass security controls, access unauthorized information, and exploit excessive agency in GenAI applications. The session will also provide mitigation strategies for developers and security professionals working in this space. Whether you're developing GenAI applications or securing them, this presentation offers essential insights into this rapidly expanding area of application security.
Building and Delivering Effective Security Training
Modern technical security training requires a careful blend of technology, puzzle-solving, and mindset. However, the process of building effective labs and exercises is often complicated by licensing restrictions, constantly evolving software, and significant time investments. At the same time, professional certifications continue to demand increasing time and financial commitments.
With 15 years of experience teaching offensive security at both the university and corporate levels, Ken will share practical tools, techniques, and successful lab builds that have helped train the next generation of pentesters. This talk will also spark a conversation about the current landscape of security certifications and what it means for aspiring professionals.
Behind the Training Curtain: From Zero to Con
Behind many big conference trainings are facilitators who help technical experts navigate the path from concept to conference acceptance. This talk shares the approach our team used to develop training courses on CI/CD pipeline attack paths and IoT pentesting that were accepted at these prestigious security venues.
I'll outline our collaborative content development process: organizing brainstorming sessions, structuring whiteboarding exercises, developing outlines, and creating presentation materials. You'll hear practical insights on supporting technical experts who have deep knowledge but may have limited teaching experience, and considerations for tailoring submissions to each con.
This talk is for anyone interested in helping technical teams share their knowledge through conference trainings.
Michigan Technology Conference 2025 Sessionize Event
Simply Cyber Con '24 Sessionize Event
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top