Steven Legg

Antigen Security

Steven Legg has over 19 years of experience in the Information Technology and Information Security fields, and spent the last eight years focusing on governance, risk, and compliance within security programs while most recently building a strategic services practice for a Managed Detection & Response firm.

Steven has developed programs that specifically address security maturity, architecture, and risk in addition to other domains such as Incident Response. His Virtual CISO duties led him to work with regulatory organizations including the SEC, NERC, OEB, and more.

Steven unleashes his passion for the security community by leading a local security group (#misec), organizing B-Sides & Converge Detroit, and mentoring local folks in the industry.

Steven has held over 26 industry certifications over his career, but focuses on new challenges to grow and strengthen the organization.

Talk

Tales from the [De]crypt Keeper: Lessons Learned from 5 Ransomware Cases

Other Speakers

Allan Liska

Recorded Future

Allan “Ransomware Sommelier” Liska, Senior Security Architect and Ransomware Specialist, Recorded Future With more than 20 years of experience in ransomware and information security, Allan Liska has improved countless organizations’ security posture using more effective intelligence. Liska provides ransomware-related counsel and key recommendations to major global corporations and government agencies, sitting on national ransomware task...

Ryan Chapman

Blackberry

Ryan Chapman is an incident response consultant, malware analyst, and trainer. He is a Principal IR Consultant for BlackBerry, the author of the new SANS course FOR528: Ransomware for Incident Responders, an organizer for CactusCon, and a Pluralsight author. Ryan strives to imbue comedy into his trainings and loves being able to teach others while...

Brian Carrier

Cyber Triage

As CTO at BasisTech, Brian Carrier leads the Cyber Triage digital forensics team, which builds software for incident response, digital forensics, and custom mission needs. He is the author of the book, File System Forensic Analysis—used as a textbook in many college-level forensics classes—and developer of several open-source digital forensics analysis tools, including The Sleuth...

Harlan Carvey

Huntress

4Senior-level cyber security advisor and researcher, poised at the intersection of digital forensics and incident response, threat hunting, and threat intel. Prolific published author (9 titles), wrote the first book of it’s kind regarding analysis of the Windows Registry. Accomplished public speaker, innovative researcher and analyst.  Ford Prefect has described Harlan as a “hoopy frood...

Kyriakos Vassilako

FBI

Supervisory Special Agent Kyriakos Vassilakos is one of two cyber criminal supervisors at the FBI’s Washington Field Office (WFO). He currently leads a squad comprised of agents, analysts, task force officers representing 80 different departments and agencies, and one computer scientist. He has been a cyber supervisor at WFO since January 2018, and he was...

Dennis Labossiere

KPMG LLP

Dennis is a Manager within KPMG’s cyber response practice. He assists clients with incident response needs (e.g., ransomware attacks, network intrusions, etc.) including incident readiness and planning services. He has 8 years of DFIR experience, has worked over 30 ransomware cases including RYUK, LockerGoga, Conti, and LockBit/LockBit 2.0 variants, and worked on various cases where...

Steven Legg

Antigen Security

Steven Legg has over 19 years of experience in the Information Technology and Information Security fields, and spent the last eight years focusing on governance, risk, and compliance within security programs while most recently building a strategic services practice for a Managed Detection & Response firm. Steven has developed programs that specifically address security maturity,...

Brian Moran

BriMor Labs

Brian Moran is a digital forensic analyst currently residing in the Baltimore, Maryland area. He has over 20 years of experience in the cyber security field, with 17 of those years focusing on digital forensics/incident response (DFIR), both in the United States Air Force and private sector. His initial exposure to the DFIR field occurred...

Joseph Edwards

Reversing Labs

Joseph is a Senior Malware Researcher at ReversingLabs. He draws on his experience with Reverse Engineering and Digital Forensics to understand and respond to incidents. At ReversingLabs he hunts across the TiCloud file corpus for new and emerging threats. Joseph’s research interests include rootkits, EDR bypass techniques, viruses, file format exploitation, and mobile malware.

Dr. D. Kall Loper

Cyderes

Dr. Loper is the Vice President and Global Lead of Digital Forensic and Incident Response for Cyderes, the combined Fishtech-Herjavec Group. His 25+ year career includes being a hands-on forensic analyst and lead responder, a partner-level practice lead at a global consulting firm, the US Department of Justice, and founding a forensics firm. He has...

Balazs Bucsay

NCC Group

Balazs Bucsay (@xoreipeip) is Principal Security Consultant at NCC Group in the United Kingdom who does research and penetration testing for various companies. He has presented at many conferences around the world including Honolulu, Atlanta, London, Singapore, Moscow, and Melbourne on multiple advanced topics relating to the Linux kernel, NFC and Windows security. Moreover he...

Joel Parsons

USSS

Joel Parsons is a Special Agent with the United States Secret Service (USSS) assigned to the Cyber Intelligence Section (CIS). CIS targets high-value international cyber criminals, operates informants, supports and conducts investigations. Joel is currently detailed with the Federal Bureau of Investigation at the National Cyber Investigative Joint Task Force (NCIJTF), where members to include...

Matthew Swenson

Matthew Swenson currently serves as the Division Chief at the Homeland Security Investigations Cyber Crime Center in Fairfax, VA. At C3, he oversees four units: Cyber Crimes, Child Exploitation Investigations, Computer Forensics and Cyber Training and Engagement. Prior to serving as Division Chief, Mr. Swenson served as the Unit Chief over the Cyber Crimes Unit...

Ali Hadi

Cyber 5W / Champlain College

Ali Hadi is a Senior Cybersecurity Specialist with 14+ years of industrial experience in Information Technology (IT), currently working as a full-time professor and researcher for both the Computer and Digital Forensics and Cybersecurity Departments at Champlain College, USA. Ali is also a Co-Founder and the Chief Technology Officer at Cyber 5W. Ali provides consulting...

Dennis Allen

Stratascale

Director – Security Programs, Strategy & Risk at Stratascale Nearly 30 years in Information Technology and Security Decades of experience enhancing cyber defense tools, tactics, and procedures for the U.S. military, including Cyber Protection and Mission Defense Teams Designed and implemented secure network architectures for multiple Fortune 500 companies Former Technology and Security Director for ONTV,...

Daniel Iannotti

Arete Incident Response

Dan Iannotti is an independent consultant specializing in digital forensics and incident response. He has been forensicating for over 11 years in multiple capacities including law enforcement investigations, incident response, and consulting. In addition to several years conducting incident response, Dan spent years working on the FBI’s Washington Field Office Computer Analysis Response team. He has...

Devin Hill

Digital Silence

Devin Hill, Director of DFIR, has 17 years of technology experience with six in Incident Response. In addition to his Masters in Digital Forensics and Incident Handling Devin is a Global Information Assurance Certified Intrusion Analyst and has a CompTIA A+ certification. Devin has the knowledge and practical experience to provide excellent support in identifying,...

Aaron Sparling

Portland Police Bureau

Aaron Sparling is an Officer with the Portland Police Bureau in Portland Oregon where he serves in the Investigations Branch, Forensics Evidence Division, Digital Forensic Unit. Aaron has been working in Digital Forensics for over 10 years and has served as a Task Force Officer on the United States Secret Service Electronic Crimes Task Force...

Kelvin Wong

Forensics Ninja

Kelvin Wong is an independent security researcher. He focus on hardware analysis and forensics research. He was the first and the only one Asian who was leading a group of white-hat hackers to held an in-depth and hands-on hardware hacking village in DEFCON. He was also a frequent speaker and trainer in different top-level security...