January 15th: Building a SIEM & BSides Roanoke CFP!

/ roanokeinfosec

Happy New Year! We hope you had a fantastic holiday season.

We are kicking off 2026 with an incredible speaker and a topic that hits home for every security enthusiast: building your own security visibility from the ground up.

The Details

  • Speaker: Lizz Boice, Head of Cybersecurity Operations at GFiber
  • Topic: More Logs Please! Building a SIEM in Your Homelab
  • Date: Thursday, January 15th
  • Location: Virginia Western Community College (VWCC)

A Note on the Date: RISE typically meets on the second Thursday of the month. The first Thursday fell on New Year’s Day, we shifted our planning cycle back one week. We are meeting on the third Thursday (Jan 15th) for this month only to adjust for a post holiday recovery!

About the Talk

The best way to understand the tools of the trade is often to build them yourself. Whether you are looking to sharpen your detection engineering skills or just want to know what your home network is actually doing, there is no better teacher than a well-built homelab.

Lizz Boice will walk us through the journey of deploying a production-grade security stack right in your own home. Drawing on her experience in detection and automation at organizations like Zoox and Palo Alto Networks, Lizz will strip away the enterprise buzzwords to give you a clear, practical guide to log collection.

In this hands-on session, we’ll cover:

  • The “Why”: How SIEM helps Blue Teamers correlate logs and Red Teamers understand forensics.
  • The Build: A step-by-step guide to deploying the Elastic Stack (Elasticsearch, Kibana, and Fleet) using Docker.
  • The Hurdles: Fixing real-world headaches like SSL certificates and “503 Service Unavailable” errors.
  • The Data: How to collect and search through data from your devices using Elastic agents.

Whether you are an aspiring SOC analyst, a seasoned Red Teamer, or a hobbyist who loves data, this talk will give you the blueprint to turn server logs into powerful security intelligence.

Meeting Details:
We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.​

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
January 15th, 2025 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Call for Presentations: BSides Roanoke 2026

It’s never too early to start planning for June! BSides Roanoke 2026 is happening on June 5th, 2026, and the CFP is officially open.

If you have a talk, a workshop, or a cool project you’ve been working on, we want to hear from you.

Submit your proposal here:https://forms.gle/XXXgp2fysP91v4oR9

We look forward to seeing you all at Virginia Western on the 15th!

December 2026: December Social & BSides Roanoke CFP Open!

/ roanokeinfosec

As the year winds down, let’s take a moment to celebrate before the holidays officially take over! Join your fellow cybersecurity pros for our December social, it’s the perfect chance to decompress, share what you’ve learned this year, and enjoy a cold beverage.

Join us this Thursday, December 11th at 6:00 PM at Twisted Track Brewpub.

This is an informal gathering, meaning no agenda, just a great opportunity to connect with peers and swap tales from the front lines of information security.

🗣️ Call for Presentations (CFP) is OPEN for BSides Roanoke 2026!

Ready to share your knowledge? The Call for Presentations for BSides Roanoke 2026 is officially OPEN!

We’re looking for great technical sessions, deep dives, and unique perspectives for the conference on Friday, June 5th, 2026. If you have an idea, we want to hear it!

Don’t miss the chance to be a part of the local infosec community’s premier event. Be sure to stay tuned to our shiny new website, https://bsidesroa.org, for all conference updates!

📅 December Social Details

We look forward to seeing you there!

Agent-Augmented Security Development and Operations – November 2025

/ roanokeinfosec

As the days grow shorter and we start pulling out our warmest sweaters, it’s the perfect time to turn our focus inward and sharpen our technical skills. Before the frantic holiday season truly kicks in, let’s gather for a session that brings practical, powerful light to the often-dark and complex world of Large Language Models (LLMs) and security.

The lack of sunshine shouldn’t mean a lack of new knowledge! This Thursday, November 13th, Aaron McPhall will be illuminating how we can move past simple chatbot interfaces and start implementing powerful, secure AI agents directly into our workflows.

Feature Talk: Agent-Augmented SecOps: Building Your Private LLM Coding Workbench

The rise of large language models (LLMs) is fundamentally changing the software development and security operations (SecOps) lifecycle.

This session moves beyond basic chatbot coding to explore agentic coding: integrating powerful AI models directly into the IDE to automate complex workflows while maintaining data security.

Why Go Private? Secure AI, Lower Cost

We will focus specifically on utilizing local, open-weight LLMs (like Qwen3 Coder) as cost-effective and private alternatives to expensive cloud services, ensuring sensitive data remains on-premise. Attendees will learn how to build a practical development stack.

Key components that will be covered include:

  • Inference Providers: Selecting an appropriate inference provider (ollama, llama.cpp).
  • Model Mechanics: Understanding the trade-offs in model quantization and context length.
  • Hardware Planning: Calculating the necessary hardware and VRAM to run agents efficiently.
  • Live Orchestration: Through live demonstrations using IDE extensions like RooCode, the presenter will show how to orchestrate complex security tasks such as certificate lifecycle review and structured analysis of helpdesk tickets to unlock the true potential of AI agents in a developer or analyst’s workflow.

If you’ve been looking for a way to leverage AI agents without sacrificing data privacy or blowing your budget, this is a must-attend session. Don’t let the technical complexity of local LLMs keep you in the dark, come learn how to build your own secured workbench.

Meeting Details:

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
November 13th, 2025 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Looking forward to seeing you there!

Two October Events! RBTC Defense Against the Dark Arts (Oct 2) & RISE Social (Oct 9)

/ roanokeinfosec

We’ve got a busy and exciting October planned for you! Please note the details for two separate events coming up this month.

Event 1: RBTC IT-Security, Defense Against the Dark Arts! Panel Demos

Join our colleagues at the RBTC (Roanoke Blacksburg Technology Council) for a fantastic evening of technical demonstrations! This year has something for everyone, and dinner and drinks are included.

When: Thursday, October 2nd, 5:30 PM – 8:00 PM
Where: VWCC Roanoke

Demo Presentations Include:

  • Web Dev Security: A professional pentester demonstrates how web-XSS/JWTs are weaponized, and how to keep your stuff safe.
  • Red Teaming: The head of the VT ITSO Red Team (pentester) shares one of his custom scanning/reporting tools that he’s created himself and how he uses it to scan and assess VT network/host risks.
  • Malware Analysis: Drill into the methodology for tracking down a Linux endpoint infection with a bitminer, including detection, classification, and remediation.

Come Hack (and defend) with us!

RSVP: https://www.rbtc.tech/event/defense-against-the-dark-arts/

Event 2: RISE Social – Your Pre-Holiday Decompression

Fall is officially here, and before the holiday season chaos begins, let’s gather for our last RISE social of the year! It’s the perfect time to grab a cold beverage (or pretend it’s pumpkin spice season) and decompress before the end-of-year sprint.

Join your fellow cybersecurity pros for a social gathering next Thursday, October 9th at 6:00 PM at Twisted Track.

This is your chance to log off, relax, and swap tales from your infosec adventures. There’s no formal agenda, just an opportunity to connect and maybe phish for some new insights from your peers. It’s a great time to patch into conversations about the latest trends.

Details
Location: Twisted Track Brewery, 523 Shenandoah Ave NW
Quick Link: https://maps.app.goo.gl/C7eVeZsoa2kERYAE7
Date: Thursday, October 9th
Time: 6pm

Looking Ahead: Also, be sure to stay tuned for November, when we’ll pivot back to a technical session and do a deep dive into agentic coding!

We’re looking forward to seeing you at one or both events!

Securing the Future — Data Security in the Age of AI – September 2025

/ roanokeinfosec

As the days get shorter and the promise of cooler weather is in the air, we’re also entering a new season in the world of technology. The rapid evolution of AI is reshaping how we work and, more critically, how we manage data security. Just as we transition from summer to fall, our approach to cybersecurity must adapt to a changing landscape.

We invite you to our next RISE meeting this week for a timely talk: “Securing the Future — Data Security in the Age of AI.”

Our guest speaker, Trip Humphrey, Director of Data Science & AI at Carilion Clinic, will provide invaluable insights into this critical topic. Leveraging his extensive experience, Trip will cover:

  • How AI is transforming data usage and risk landscapes
  • Emerging threats and vulnerabilities introduced by AI technologies
  • Best practices for securing sensitive data in AI-powered environments
  • Ethical considerations and governance frameworks for responsible AI

Whether you’re a security leader, a technologist, or a business stakeholder, this conversation is essential for safeguarding your organization while harnessing the power of AI.

We look forward to seeing you there!

Event Details:

  • Date: Thursday, September 11, 2025
  • Time: 6pm
  • Location: Virginia Western Business/Science Building Room M302
  • Speaker: Trip Humphrey
  • Talk Title: Securing the Future — Data Security in the Age of AI

Meeting Details:

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.

Meeting info:

Virginia Western Community College
Business/Science Building, Room M302
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Looking forward to seeing you there!

Social at Twisted Track Brewpub – August 2025

/ roanokeinfosec

Hacker Summer Camp is now wrapping up, and with the back-to-school season just around the corner, why not take a moment to decompress before we get back to the daily grind?

Join your fellow cybersecurity pros for a social gathering next Thursday, August 14th at 6:00 PM at Twisted Track.

This is your chance to log off, relax, and swap tales from your infosec adventures. There’s no formal agenda, just an opportunity to connect and maybe phish for some new insights from your peers. It’s a great time to patch into the conversation about the latest trends, including how AI is hacking into our daily workflows.

Details

Location: Twisted Track Brewery, 523 Shenandoah Ave NW
Quick Link: https://maps.app.goo.gl/C7eVeZsoa2kERYAE7
Date: Thursday, August 14th
Time: 6pm

We’re looking forward to seeing you there!

DOMination: Weaponizing XSS – July 2025

/ roanokeinfosec

Hope you’re all staying cool in this scorching July heat! While the temperatures outside are blazing, we’ve got a meeting coming up that’s going to be even hotter – in a good, cybersecurity-savvy way, of course!

Prepare to have your minds melted (with knowledge, not the sun!) at our next RISE Cyber Security meeting. We’re thrilled to announce a speaker who’s ready to fire up your understanding of web vulnerabilities.

This month, we’re welcoming the brilliant Ben Eldritch to the stage. He’s bringing a talk with the following details:

DOMination: Weaponizing XSS

Even the smallest input can create a big problem. Oftentimes XSS vulnerabilities are demonstrated by popping an alert box on your screen or sending out document cookies to an external endpoint. But did you know as soon as you get access to the DOM the webpage becomes a blank canvas? The possibilities are endless from background JavaScript execution, mapping internal networks and even assisting in MFA mimicry. Join us as we discuss various techniques that turn simple XSS vulnerabilities into powerful phishing landscapes and advanced threat playgrounds.

Come join us for an evening that’s sure to be illuminating and help you beat the heat of potential cyber threats! We promise it’ll be more refreshing than an ice-cold lemonade on a hot day.

Event Details:

  • Date: Thursday, July 10, 2025
  • Time: 6pm
  • Location: Virginia Western Business/Science Building Room M302
  • Speaker: Ben Eldritch
  • Talk Title: DOMination: Weaponizing XSS

Meeting Details:

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
July 10th, 2025 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Looking forward to seeing you there!

Unmasking PAN-OS Exploits & Red Team Success – June 2025

/ roanokeinfosec

Summer’s heating up, and so is the next Roanoke Infosec Exchange (RISE) meeting! Get ready to dive deep and PAN out some serious knowledge, because we’ve got a fantastic session lined up that’s going to make your security senses tingle.

We’re absolutely thrilled to announce that Regen Peterson will be joining us on Thursday, June 12th to deliver a talk that’s as cool as a summer breeze and as insightful as a perfectly executed exploit:

“Forging the Attack Path: A Deep Dive into PAN-OS Exploitation and Post-Exploitation”

In this talk, Regen will pull back the curtain on a recent attack path he discovered and successfully utilized in multiple real-world engagements. You’ll gain a unique perspective on how a chain of Palo Alto PAN-OS vulnerabilities can be leveraged, and critically, how post-exploitation steps were identified and simplified using a custom-developed tool. Think of it as mapping out the perfect summer road trip, but for attackers!

This presentation offers a compelling blend of the “Hacker Mindset” – exploring methodology and thought processes – with a more technical discussion of the specific vulnerabilities abused. Regen will also briefly touch on crucial prevention and detection strategies, so you can help keep your networks as chill as a pool party.

And for those who love live action, if the demo gods are with us and time permits, Regen plans to walk through the entire attack chain on his own vulnerable VM! Prepare for some real-time fireworks!

This is a fantastic opportunity to learn from real-world experience and enhance your understanding of modern attack techniques and red team operations. Whether you’re a seasoned security professional or just starting out, you’ll walk away with valuable insights to Alto-er your security game.

Event Details:

  • Date: Thursday, June 12th, 2025
  • Time: 6pm
  • Location: Virginia Western Business/Science Building Room M302
  • Speaker: Regen Peterson
  • Talk Title: Forging the Attack Path: A Deep Dive into PAN-OS Exploitation and Post-Exploitation

Talk Description:

Through the talk we’ll be discussing a chain of PAN-OS vulnerabilities used in an attack path I recently found and used successfully in multiple real world engagements, as well as looking at how these post-exploitation steps were identified, and the tool I developed for simplifying these attacks. This allows the talk to serve as a combination of the typical “Hacker Mindset” talks (methodology, etc) and a slightly more technical discussion of each of the specific vulnerabilities abused in both the exploitation and post-exploitation. We’ll also very briefly touch on prevention and detection of these attacks. Lastly, I do have my own vulnerable VM, so if the demo gods and the clock allow it then we will be able to walk through it all in real time.

Meeting Details:

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
June 12th, 2025 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Please mark your calendars and spread the word! We look forward to seeing you there for another engaging RISE meeting. Don’t miss out on this hot topic!

From IT Specialist to IT Strategist – April 2025

/ roanokeinfosec

Ready to swap your keyboard for a corner office? Or maybe just curious how to navigate the wild world of IT leadership? Then join us for the next RISE meeting!

Mark your calendars for April 10th at Virginia Western Community College!

We’re thrilled to welcome Rob Garbee, Director of Information Security at the Carilion Clinic, who’ll be sharing his epic quest “From IT Specialist to IT Strategist: My Move to Management.” Think of it as a cheat code for your career!

Here’s the lowdown:

Ever wondered what it’s really like to go from fixing firewalls to leading a team? Rob’s got the inside scoop! He’ll be dishing out the dirt (the good kind!) on his journey from network security engineer to the big boss. Expect tales of triumph, epic fails, and everything in between.

In his own words (or close to it):

“Are you contemplating a leap into management or intrigued by what such a transition entails? Join us for an enlightening presentation where I will recount my journey from a network security engineer to the Director of Information Security. I will candidly discuss the highs, the lows, and everything in between. I’m looking forward to giving you a real, unfiltered look at my move from the trenches to management, and hopefully, you’ll find it useful.”

Basically, Rob’s going to drop some knowledge bombs that could seriously level up your career. Don’t miss out on this chance to learn from someone who’s been there, done that, and probably has the t-shirt.

We’re looking forward to seeing you there! Get ready for some serious insights, a few laughs, and maybe even a networking opportunity or two.

See you on April 10th!

Meeting Details:

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building.   Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.

Meeting info:

Virginia Western Community College

Business/Science Building, Room M302

April 10th, 2025 @ 6PM

https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Social at Twisted Track Brewpub – March 2025

/ roanokeinfosec

Sorry for the last minute invite; we decided to interrupt our regularly scheduled programming to enjoy this warm spell we are having.  We’d like for you to join us for a casual social gathering at Twisted Track Brewery on Thursday, March 13th!

The weather forecast is looking fantastic, and we thought it would be a perfect opportunity to enjoy the unseasonably warm spring and connect with fellow cybersecurity professionals in a relaxed setting.

Details:

This will be a great chance to network, share insights, and simply enjoy a pleasant evening with your colleagues.

We apologize for any inconvenience for the last minute scheduling, and we hope you can join us for this fun social event. We look forward to seeing you there!

And a little teaser for next month: Get ready for Rob’s insightful talk, where he’ll share valuable lessons learned from his transition from a technical contributor to a leadership position. Think “From Bud to Boss” in the cybersecurity world! Rob’s journey over the past year has been filled with challenges and triumphs, and he’s eager to share his experiences with you. More details on this to come soon.