ABOUT FIRETALKS

Firetalks is an evening event that tests the skills of those who stand on the stage. Six people are given 15 minutes to dive right into the core of their content and present their ideas.

Several judges will be on hand, American Idol-style, to listen to and critique the presentation on both style and content. This is done in both a serious and humorous manner in front of the audience. After the event the judges will vote on the best presentations–with the top three being awarded some cool prizes to be handed out at ShmooCon closing ceremonies.

Firetalks is a ShmooCon event and contestants and attendees must already have a ShmooCon Barcode to participate.

Questions can be sent to firetalks@shmoocon.org.

FIRETALKS 2025 SCHEDULE
Friday, January 10, 2025
Time Firetalks
2000 Firetalks Opening

2010 Multi-Sector/Industry Hobo: Rules of Riding the Security Rails

Amélie Koran

2030 Start at the Finish Line (Demystifying the Tech Career Path)

Kirsten Renner

2050 SOC Humor: How to Use Memes and Chaos to Improve Detection

Tyler Moody

2110 ‾‾\___ʌ__.__

Gabriel Bassett

2130 MalwareDB: An Open-Source Bookkeeping System for Malicious and Benign Files

Richard Zak

2150 The Unethical Engineer’s Guide to Event Ticket Acquisition

Karl Koscher

2210 Firetalks Closing

FIRETALKS 2025 PARTICIPANTS

Multi-Sector/Industry Hobo: Rules of Riding the Security Rails

Amélie Koran

It takes a lot to survive being a good human, let alone working through your career without selling your soul or becoming the one folks warn others about, and still have an ethical compass to help navigate it all. This industry tends to go from missing steps, gatekeeping, ambulance chasing, and even mis- or disinformation, but there’s always an effort to identify and remove the barriers from the space and allow people to flourish and grow. One of these guiding principles, or even several, could be garnered from the old hobo culture’s ethical code, and can help guide us to sustain this space we not only rely on for careers but also friends and colleagues.

Say’er of things, Do’er of stuff, Amélie Koran (@webjedi) is currently the director of a Red Team at a *very large org*. She’s also a Non-Resident Senior Fellow at The Atlantic Council, with a career that has been split between the public and private sectors in various industries. There’s a lot of “you may know her from…” moments for a bio, but she’d rather live in the moment and talk about what we are dealing with in the here and now.


Start at the Finish Line (Demystifying the Tech Career Path)

Kirsten Renner

Everyone asks, ‘Where do I begin?’

No matter what stage of your career journey you are in, from entry level, to trying to grow or changing to a completely different discipline, you can start with imagining exactly where you want to be, and work yourself back from there.

The information age arms us with tons of data. Start by searching for the job title you’d like to have.

Finding that opportunity is like reverse engineering any other solution. Who else holds that title; where do they work; what did their growth path look like; do you know them or any of their connections; where are they spending their time?

You can apply to that company–but then you reach out or find a mutual connection to do an intro. It’s that simple. You just hacked the search!

Once a helpdesk tech turned programmer turned tech recruiter, Kirsten Renner directs BSides Las Vegas HireGround, BSides Charm Hiring Village, Hack the Capital’s Workforce Development Day, and is a member of ICS Village. She’s currently the VP of Recruiting at SilverEdge and in her spare time, when not volunteering, can be found on a trail training for her next ultra.


SOC Humor: How to Use Memes and Chaos to Improve Detection

Tyler Moody

SOC teams face a constant barrage of alerts, leading to fatigue and diminished effectiveness–but what if humor could help? This Firetalk explores how memes, creative alerting, and simulated chaos can improve SOC detection and engagement. From injecting meme-based alerts to testing response workflows with humorous attack scenarios (e.g. “Rick Astley ransomware”), this talk highlights innovative ways to keep teams sharp while reducing fatigue. Attendees will learn practical methods to inject humor into security exercises, build more resilient SOC workflows, and foster collaboration within overstressed teams. Let’s explore how laughter can be a tool for better detection.

Tyler Moody has worked across the InfoSec spectrum since 2012, transitioning from a self-taught ’90s phone phreaker to a global security operations analyst for a government contractor. Specializing in offensive purple teaming, password auditing, and testing frameworks, Tyler’s passion lies in empowering SOC teams through creative, real-world emulation scenarios. A ShmooCon attendee since 2013, this is Tyler’s first Firetalk, where he brings a unique mix of humor and technical expertise to a serious yet engaging topic.


‾‾\___ʌ__.__

Gabriel (Gabe) Bassett

Distributions were one of those things in stats that never made sense to me so I never really used them. Fast forward to being a data scientist and having tons of logs, events, breaches, and such. Since I didn’t know what I was looking for, I needed a tool to help me find stuff in the data. I’ve found it and want to share the cliff notes with you. I won’t be making you a data scientist in 15 minutes but can hopefully give you the cliff notes I wish I’d had.

Gabriel Bassett is the Head of Risk Engineering in Liberty Mutual’s Global Cyber Office of Underwriting, focused on providing trusted advice and cyber risk services to underwriters and clients. He was previously the lead data scientist for the Verizon Data Breach Investigations Report and has held risk management, testing, intelligence, architect, program management, leadership, and founding positions at the Missile Defense Agency, Hospital Corporation of America, and Information Security Analytics LLC. Gabriel volunteers as the Ground Truth track director at the BSides Las Vegas conference and sits on the board of CTF Factory Inc.


MalwareDB: An Open-Source Bookkeeping System for Malicious and Benign Files

Richard Zak

MalwareDB: An open-source bookkeeping system for benign and malicious files aiming to support malware researchers and forensics investigators. MalwareDB allows users to store samples and metadata and catalog them by customizable hierarchical types, along with where the file was obtained from and when. It also uses similarity hashes so that relationships may be made between similar files, or the database may be queried to see if similar files are already known. It also has an optional tie-in to fetch anti-virus reports from VirusTotal and optionally submit files to VirusTotal for analysis.

Richard Zak is a malware and AI researcher who works on malware detection models and the tooling around them. As a programmer who’s a fan of Rust and open source, he works on MalwareDB in his spare time. He also is part-time faculty at UMBC in Baltimore, Maryland, teaching Introduction to Computer Science.


The Unethical Engineer’s Guide to Event Ticket Acquisition

Karl Koscher

In this fiery talk, we’ll dive into the murky waters of ShmooCon ticket acquisition, exploring a trifecta of techniques against ShmooCon’s anti-bot measures. We’ll first go over how the ShmooCon CAPTCHA generally works, exposing some weaknesses in the system. We’ll then dive into three different exploits for these weaknesses. We’ll cover how an odd quirk of some AWS address spaces led them to be vulnerable to MITM attacks. We’ll also explore how effective LLMs can be by optimizing the time-to-first-token. We’ll examine the power of crowdsourcing CAPTCHAs through a custom browser extension, turning your social circles into ticket-grabbing armies. Finally, we’ll briefly discuss some defenses to these attacks and alternative strategies used by other events, highlighting the challenges in creating a fair ticketing system for high-demand events.

Karl Koscher is a technology and security generalist with an emphasis on wireless and embedded systems security. As part of his dissertation work at the University of Washington, he and his collaborators were the first to demonstrate a complete remote compromise of a car over cellular, Bluetooth, and other channels. He is a multi-time F5 day winner and has obtained all tickets to ShmooCon ethically without the use of bots or other tools.