DefCon, 2019

Hi!  I’m Ryan.  I’ve had the pleasure of working in the Digital Forensics & Incident Response (DFIR) realm for just shy of 10 years.  During my career, I have handled and led incidents from inception all the way through remediation.  When it comes to ask task that befalls the “blue team”, I’m on it!  Parsing, ingesting, and reviewing logs; researching domains and IPs; performing threat intelligence enrichment and pivoting; hunting through log aggregation utilities; sifting through PCAP; analyzing malware; and performing host and network forensics are just some of the things I love to do.

Prior to moving to security, I worked as a technical trainer for over five years. My stint working as a full-time trainer prepared me for the rigors of life-long learning. I absolutely love training and often find myself assisting with training development and/or delivery for new hires wherever I work.

Current Roles

I currently work as a Principal Consultant for BlackBerry Security Services.  I am also an instructor for SANS FOR610: Reverse Engineering Malware.  When not consulting or teaching, I work as the lead organizer for CactusCon, Arizona’s security/hacker conference.

In my role as a consultant with BlackBerry Security Services, I am responsible for the execution and analysis of incident response engagements and forensic work.  I help our team provide consulting services to clients, including digital forensics; incident response investigation and containment; malware reverse engineering; host and email compromise assessments;  tabletop exercises; and other security services.

As my career continues to take on a life of its own, I wanted to put together this Web site to catalogue some of things I’ve been up to… lest I forget it all!  Thanks for checking out my page, and feel free to drop a line.

– Ryan