Zach Grace

Musing on security, mostly offensive.

12 Apr 2018

About

I’ve worked in offensive security for nearly a decade focusing on securing financial institutions. I’ve been a systems administrator, developer, pen tester and currently lead a team offensive security team at a Fortune 100.

You might find me at our local CitySec meetup, MilSec, or at OWASP Milwaukee. I’ve also been a member of the Wisconsin CCDC Red Team since 2012.

Speaking Engagements

I’ve had the privilege to present at the follwing events. In my presentations, I like to do demos, be educational and have something for all skill levels.

DateOrganizationTitle
2018.10.07DerbyCon 8Red Mirror: Bringing Telemetry to Red Teaming
2018.04.12Cyphercon 3.0Crypt-Oh No!
2017.10.31Synercomm IT SummitBetter Network Defense Through Threat Injection and Hunting
2017.09.24DerbyCon 7changeme: A better tool for hunting default creds
2017.09.06CheddarconUnleash the Kraken: The Art of Password Cracking
2016.09.23Wisconsin Association of Computer Crime Investigators (WACCI) 2016 ConferenceAnatomy of an Attack
2016.09.23DerbyCon 6Better Network Defense Through Threat Injection and Hunting
2015.01.28WCTC Cyber Security SummitBeyond Prevention, Assume Compromise
2015.05.16BSides ChicagoPen Testing Is Broken
2014.11.14WCTCPenetration Testing with NIST SP800-115 and Metasploit
2014.10.30AT&T Wireless Technology ForumMobile Security
2014.09.10Illinois State UniversityCracking the Perimeter via Web Application Hacking
2014.05.15InfraGuard SuperConWindows Expoitation Demystified
2014.03.11SIM/InfraGuardExternal Attack Vectors
2014.01.30Wisconsin Mega ConferenceCracking the Perimeter via Web Application Hacking
2013.10.30DePaul UniversityCracking the Perimeter via Web Application Hacking
2013.10.17ISSA/InfraGuardPreemptive Strike - Testing Your Security Before The Attackers Do
2013.09.19403 Labs SAFKnowing and Controlling Your Exposure
2013.07.30Milwaukee OWASPWeb Application Fuzzing Techniques
2013.21.02InfraGuardThe OWASP Top Ten and the Associated Risks