Some of the presentations we have given at various conferences.

• BSides Albuquerque 2025 - SecTopRat / Arechclient2 – The latest on this popular malware family

• BSides Albuquerque 2025 - Hacking a backup power solution(s) for your home, Tornado tested!

• BSides Austin 2024 - Can We Detect These So Called Sophisticated Attacks?

• HouSecCon 2024 - My InfoSec journey led me to create my own incident response tools, what led me here and how or why you should do it too!

• Austin ISSA 1/2 day Meeting 2024 - All these so called “sophisticated” attacks, can we really detect them?

• BSides OK 2024 - All these so called “sophisticated” attacks, can we really detect them?

• BSides Albuquerque 2023 - Incident Response Fails - What we see with our clients and their fails

• Wild West Hackin Fest - Windows Incident is harrrrrd, but does not have to be

• BSides Austin 2019, BSides OK, BSides SATX - Introducing ArTHIR –ATT&CK Remote Threat Hunting Incident Response Windows tool

• LASCON 2018 and BSidesDFW 2018 - MITRE ATT&CK is for all of us, and it is time to pay attention to it

• CactusCon and DerbyCon 2018 - Detecting WMI Exploitation

  • IronGeek recording of the presentation

• SANS Threat Hunting Incident Response Summit 2018 New Orleans - The fastest way to hunt on Windows systems

• Barrow Brewing Summer Lecture Series June 10, 2018 - What you need to know about all these breaches

• ShowMeCon 2018 - You CAN detect PowerShell exploitation

• BSides OK 2018 - You CAN detect PowerShell exploitation

• BSides Austin 2018 - Credential Stealing emails and what YOU need to know

• CTAGGL & INNOTECH 2017 - Defending Against Ransomeware and Malware, and what you can do about it v3.0

• HITCON 2017 - Defending Against Ransomware/malware and what can you do about it

• DerbyCon 2017 - EDR/ETDR/Next Gen AV is all the rage, so why am I ENRAGED?

  • Watch IronGeeks video of the DerbyCon 2017 talk

• IIA Southern Conference - Auditing Windows Logging

• RMISC 2017 - Email is the #1 way we get pwned, so how do they keep getting by our defenses and what can you do about it?

• BSidesAustin 2017 - Email is the #1 way we get pwned, so how do they keep getting by our defenses and what can you do about it?

• Texas DIR ISF - Defend Against Malware/Ransomware: You Already Have the Capability - Why are You Not Using It?

• BSidesNOLA - Windows IR made easier and faster

• HouSecCon - Email keeps getting us pwned - Prevent ransomware and malware from succeding

• BSidesSF - Are malware sandboxes as good as manual analysis?

• Austin IEEE Group - What can we do about Ransomware

• Austin Mac User Group - Securing your Mac and Safe Surfing Tips and Tricks

• SAINTCON - Searching Logs for Hackers, what you need to know to catch them

• DerbyCon - Are malware Sandboxes as good as manual analysis?

• ISC2 Congress - Proper Logging can catch breaches like Retail PoS

• ShowMeCon - Logging for Hackers - Here's how to catch them

• Dell Enterprise Security Summit - Top 10 Windows Event ID's used to catch Hackers in the act

• Rocky Mountain InfoSec Conference - Proper Logging would have caught the Retail Point of Sale Breaches, here's how

• Splunk .Conf - Finding Advanced attacks and malware with only 6 Event ID's

• BSides Austin - Commodity Malware means YOU! And everybody in this room, let's look at one called Dridex

• BSides OK - Logging for Hackers, How we catch advanced and commodity malware with this method

• DerbyCon - A deep look into a Chinese advanced attack