Hunting Your First C2

In Hunting Your First C2, attendees who are beginning their cyber journeys will learn how to tap open source intelligence tools including Shodan, Greynoise, Censys, BinaryEdge, VirusTotal, and others to track down fresh malware C2 indicators and servers. Once unique and interesting indicators are found, attendees will learn how to potentially pivot on this information and translate it into actionable threat hunting logic to defend an organization.

Gremlin Hunting with SIGMA Rules

SIGMA rules are an agnostic, text-based, open signature format written in YAML for creating threat detections, developed and open-sourced in 2017 by Florian Roth and Thomas Patzke. The project was conceived to address the challenges facing analysts when sharing and translating rule logic across the various SIEMs and EDRs tools. I will share with you how I implemented the gift of SIGMAs in our hunting workflow to assist with sniffing out gremlins hiding in the network. I will walk through the SIGMA creation process, sharing tips on how to tackle some of the challenges you might run into in real life when working with SIGMA. Hopefully my story can prove helpful for you, whether you are looking for ways to mature and streamline your hunting programs or just getting started playing around with Sigma.

BSides Las Vegas 2025

Taking ChatGPT Hunting

While many vendors are pushing generative AI tool sets into their solutions, the use cases so far often end at simple generalizations and summary outputs. "Taking ChatGPT Hunting" focuses on how LLAMA and ChatGPT style solutions can enhance threat hunting efforts based on real world testing with multiple security technology stacks. Participants will learn how generative AI tools can be leveraged to assist in detection engineering workflows with SIGMA and YARA rule creation, as well as the current capabilities and limitations in common threat hunting use cases. This talk will briefly cover multiple parts including...

-An overview of generative AI tools with a focus on LLAMA style solutions for local deployment.
-Enhancing threat hunting operations including how generative AI can assist in different threat scenarios and detection rule creation.
-Creating YARA rules with generative AI.
-Creating SIGMA rules with generative AI.
-The current boundaries of generative AI capabilities in and common pitfalls found when attempting to use these tools for SIGMA rules, YARA rules, and threat hunting.

The session will allow open questions throughout to ensure attendees are able to get the information they need to make informed decisions about the potential usages for their operations. Attendees will take away a general understanding of the use cases for generative AI in detection engineering and threat hunting, and will hopefully empower analysts to safely adopt these technologies into their threat hunting workflows.

BSides Tampa 2025

From Help Desk to CISO

BSides Las Vegas
Hire Ground

This talk explores cyber career pathways and draws from the personal journey of Nicholas Carroll, who started his career in entry level IT and ascended to the role of a CISO. We will delve into the challenges and opportunities that shape these kinds of career progressions, providing a roadmap for those starting in entry-level IT roles and aspiring to advanced cybersecurity positions. The talk will highlight the importance of continuous learning, certifications, and hands-on experience in climbing the career ladder. We will also discuss tools to help guide career steps including the Cyber Career Pathways Tool, a resource that helps individuals understand the tasks, knowledge, and skills needed to advance in their cyber careers. Attendees will gain valuable insights into transitioning from roles like IT Helpdesk to more specialized cybersecurity roles, and ultimately to leadership positions like CISO. The talk will conclude with practical recommendations for those looking to move up in their careers, emphasizing the importance of mentorship, networking, and staying abreast of the latest trends in cybersecurity.

BSides Las Vegas 2025