About
Hey, I’m Ryan.
I am a driven professional who is passionate about further developing a technical skill set in infosec. When I’m not rage-troubleshooting regex or questioning my understanding of an IDS, you can find me woodworking or shooting photography.
| Supportive Sherpa | Constantly Curious | Lifetime Learner |
|---|---|---|
| I have put in countless hours in to break into the industry and develop my skill set but I strive to make the next person’s journey easier by sharing advice and resources. | If I manage to successfully run a tool or command, I challenge my assumptions and test my hypothesis for why it worked. These exploratory sessions often result in iterative failures, but they allow me to gain deeper insight into the tool’s functionality. | I have always been enthusiastic to understand more about the world around me. This passion extends to the world of info sec and drives me to continuously learn about the industry. |
ACHIEVEMENTS
Participated in Cyber Shield 2021 as a member of the Red Team. Launching attacks over the course of the week and meeting with the Blue Team to walk though detection opportunities.
2020 - Placed first in Threat Hunting CTF at Circle City Con
Speaking Engagements:
| Event | Presentation |
|---|---|
| 2024 Cactus Con | Clearing the Fog: Detection and Defense against Cloud Persistence Techniques |
| 2023 GrrCon | Clearing the Fog: Detection and Defense against Cloud Persistence Techniques |
| 2023 SANS Blue Team Summit | Ecosystem of Insights: Building Operation Dashboards That Enable Teams |
| 2023 Cactus Con | A Peek Inside an Adversary’s Toolkit |
| 2022 Bsides Orlando | Keys to Staying Hidden: Defense Evasion with Windows Registry |
| 2022 Circle City Con | Keys to Staying Hidden: Defense Evasion with Windows Registry |
| 2022 Fal.Con | Reentry through the Windows: Uncommon Persistence Techniques |
| 2022 Bsides SATX | Watching Kittens at Play: Dissecting an Iranian Nation State Interactive Intrusion |
| 2020 Bsides Idaho | Suspect Last Seen Wearing Admin Creds: Building an Investigative Mindset |
SANS Challenge Coin Holder:
- SEC503 - Intrusion Detection
- SEC504 - Hacker Techniques
- SEC542 - Web Application Pentesting
- FOR508 - Threat Hunting/Incident Response
- FOR509 - Cloud Forensics & Incident Response
- FOR608 - Enterprise IR & Threat Hunting
- Cyber Defense Netwars v2 (4th place - Individual)
- Cyber Defense Netwars v3 (1st Place - Individual)
- Core Netwars v7 (2nd Place - Individual)
- DFIR Netwars (2nd Place - Individual)