Presentations

• 2022
• 2021
• 2020
• 2019
• 2018
• 2016

Publications

• 2022
• 2020

Podcasts

• 2022

_______________________________________________________________________________________________________________________________

Presentations

2022:

BSides Birmingham

• “Attack Vectors: Your Helpdesk Technology May Be the Weakest Link”
• Slides

BSides Augusta (10/1/2022)

• “True Story: I Saw Phishing Done by a Panda[Doc]”
• Slides

Texas Cyber Summit (9/22/2022)

• “Attack Vectors: Your Helpdesk Technology May Be the Weakest Link”
• Slides

BSides Atlanta (8/27/2022)

• “A Tale of the Times: Flying Under the Radar Screen[Connect]”
• Slides

SANS DFIR Summit (8/15/2022)

• “Establishing Connections: Illuminating Remote Access Artifacts in Windows”
• Slides
• Video

NolaCon (5/20/2022)

• “New Shell in Town: Adventures in using PowerShell in Linux”

PowerShell + DevOps Global Summit (4/25/2022 and 4/27/2022)

• “New Shell in Town: Adventures in using PowerShell in Linux”
• Slides
• “Revealing the Antivirus Quarantined: Using PowerShell to enable Analysis”
• Slides

BSides Tampa (4/23/2022)

• “Gaining Clarity within the Clouds: Incident Response Tactics for the Untrained and Unequipped”
• Slides

SANS New2Cyber Summit (3/23/2022)

• “Getting started with PowerShell on Linux”
• Slides
• Video

BSides Huntsville (2/4/2022)

• “The Evolution of PowerShell: Red and Blue Team Tactics”

2021:

BSides Salt Lake City (12/3/2021)

• “Gaining Clarity within the Clouds: Incident Response Tactics for the Untrained and Unequipped”
• Slides
• Video

BSides Birmingham (10/15/2021)

• “Overlooked Artifacts: Enhancing Windows Forensic Analysis”
• Slides

BSides Augusta (10/2/2021)

• “New Shell in Town: Adventures in using PowerShell in Linux”
• Slides
• Video

BSides Augusta Cyber Week (9/30/2021)

• “Operationalizing PowerShell”

National Cyber Summit (9/28/2021)

• “The Evolution of PowerShell: Red and Blue Team Tactics”

BSides Charlotte (9/25/2021)

• “Overlooked Artifacts: Enhancing Windows Forensic Analysis”
• Slides
• Video

PowerShell & DevOps Global Summit (4/27/2021)

• “Gaining 20/20 Vision During an Incident with PowerShell”
• Slides
• Video

8th Annual Cyber Focus Day (ISSA) (4/22/2021)

• “Modern Day Artistry: Painting Stories with Windows Artifacts”
• Slides
• Video

ChiCyberCon (4/16/2021)

• “Weapon of Mass Destruction: A Look at the Ransomware Pandemic“
• Slides

The Central Savannah River Area (CSRA) ISC(2) Chapter (2/24/2021)

• “Artifactually Speaking: Residuals in the Registry and Event Logs”
• Slides
• Video

BSides Huntsville (2/6/2021)

• “The Invisible War: A Look at the Ransomware Battle”
• Slides
• Video

2020:

AVENGERCON (11/30/2020)

• “Weapon of Mass Destruction: A Look at the Ransomware Pandemic“
• Slides
• Video

Research Triangle PowerShell User’s Group (11/18/20)

• “Living off the Land: Defensive and Offensive PowerShell“
• Slides
• Video

Rocket Secure 4 (10/30/2020)

• “Alter Ego: Defensive and Offensive use of Capabilities”
• Slides
• Video

BSides Charlotte (9/26/2020)

• “Weapon of Mass Destruction: A Look at the Ransomware Pandemic”
• Slides
• Video

BSides Greenville (6/13/2020)

• “A Tale of Two PowerShells”
• Slides
• Video

BSides Huntsville (2/8/2020)

• “Gaining 20/20 Vision During an Incident with PowerShell”
• Slides

BSides Huntsville (2/7/2020) workshop

• “The Evolution of PowerShell: Red and Blue Team Tactics”

2019:

Augusta ISSA (12/17/2019)

• “A Tale of Two PowerShells”
• Slides

BSides Charleston (11/9/2019)

• “Having Your Pick of the Litter: Storing Malware Stagers in Enterprise Services”
• Slides 
• Video

BSides Charleston (11/8/2019) workshop

• “The Evolution of PowerShell: Red and Blue Team Tactics”

BSides DC (10/27/2019) workshop

• “The Evolution of PowerShell: Red and Blue Team Tactics”

AVENGERCON (10/16/2019)

• “Gaining 20/20 Vision During an Incident with PowerShell”
• Slides

BSides Birmingham (10/12/2019)

• “A Tale of Two PowerShells”
• Slides

BSides Augusta (10/5/2019)

• “Gaining 20/20 Vision During an Incident with PowerShell”
• Slides
• Video

BSides Charlotte (9/28/2019)

• “Having Your Pick of the Litter: Storing Malware Stagers in Enterprise Services”
• Slides
• Video

PowerShell Sunday (9/22/2019) workshop

• “Security Deep Dive” 

PowerShell Saturday (9/21/2019)

• “Gaining 20/20 Vision During an Incident with PowerShell”
• Slides
• Video

Charlotte PowerShell Users Group (9/5/2019) workshop

• “PowerShell Training through Red and Blue Tactics”

BSides Greenville (3/30/19) workshop

• “Powering up on PowerShell”

2018:

AVENGERCON (11/27/2018)

• “Artifacts… That’s the Name of the Game”
• Slides

AVENGERCON (11/26/2018) workshop

• “Powering up on PowerShell”

BSides Charleston (11/10/2018) workshop

• “Powering up on PowerShell”

BSides Augusta (10/20/2018)

• “Under the Wire PowerShell Workshop”
• Slides

2016:

Organization Technical Exchange (5/3/2016)

• “The Power of the Shell”
• Slides

 

Publications

2022:

• How Ready is Your Ready? Assessing the Usability of Incident Response Playbook Frameworks
  Rock Stevens, Daniel Votipka, Josiah Dykstra, Fernando Tomlinson, Erin Quartararo, Colin Ahern, and Michelle L. Mazurek. ACM CHI Conference on Human Factors in Computing Systems, April 2022.

2020:

• The PowerShell Conference Book, Volume 2

 

Podcasts

2022:

• PowerShell Podcast, Episode 21 – Using PowerShell for Incident Response
  • Apple podcasts
  • Youtube