BSides Atlanta
May 4 2019 - KSU Center, Kennesaw
Volunteer Signup Tickets

About Security BSides

Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.

CFP Dates

  • Friday, February 1 - CFP opens
  • Thursday, March 7 - CFP closes
  • Friday, March 8 - CFP Review process begins
  • Friday, March 29 - CFP Review process closes
  • Monday, April 1 - CFP Decisions sent out

Ticket Information

We’re doing tickets a little differently this year. As always, BSides Atlanta 2019 is a free event that is open to all. This year we’ve added a Personal Sponsor option. This sponsorship helps pay for putting the conference on and gets you early access to a ticket.

We also decided to release free GA tickets in waves based on feedback from all of you. Check the schedule below and get your clicking fingers ready!

Click here to get your tickets.

Ticket Schedule

  • Monday, February 18, Noon EST - Personal Sponsor tickets available
  • Friday, March 1, Noon EST - Wave 1 of GA tickets available
  • Monday, April 1, Noon EDT - Wave 2 of GA tickets available

A wait list will be available when Wave 2 completes. We will do our best to get tickets to as many people on the wait list as possible.


One day, endless entertainment

  • Keynote: Software-Defined Everything, and What That Means to Security

    Dave Shackleford

    What do security teams need to know about software-defined infrastructure, and new capabilities we may gain from using them ourselves? What will be some of the critical skill sets for security professionals now and in the future as these technologies become ever-more pervasive? In this presentation, Dave will cover everything from virtualization to containers, software-defined networking to public cloud, with a breakdown of key areas to focus on for security teams and specific advice for different security roles and positions.

  • More

Our amazing speakers

Without them, we’d just be drinking coffee and eating lunch all day.

Dave Shackleford

Voodoo Security

Keynote: Software-Defined Everything, and What That Means to Security

Amber Welch

Data Access Rights Exploits under New Privacy Laws

Until she’s accepted for a Mars mission, Amber Welch is pursuing the advancement of personal information privacy and data protection as a Privacy Technical Lead for Schellman & Company. Amber has been assessing corporate privacy compliance programs for the past year and prior to that, managed security and privacy governance for a suite of SaaS products. She has previously worked in companies creating ERP, CRM, event planning, and biologics manufacturing software.

Ben Knowles

Preparing for your Cybersecurity Career

Ben S. Knowles is a professional computer security consultant and educator in the Atlanta, Georgia, USA area. Ben presents at local groups and conferences on analysis, forensics, and security education, leads Community classes on defense, response, and analysis with the SANS Institute and has bugs and patches in a few public tools. Ben is a consultant on the incident response team of a global firm.

Brian Contos


Brian Contos is the CISO & VP, Technology Innovation at Verodin. He is a seasoned executive with over two decades of experience in the cybersecurity industry as well as a board advisor, entrepreneur, and author. After getting his start in cybersecurity with the Defense Information Systems Agency (DISA) and later Bell Labs, he began the process of building cybersecurity startups and taking multiple companies through successful IPOs and acquisitions, including Riptech, ArcSight, Imperva, McAfee, and Solera Networks. Brian has worked in over 50 countries across six continents. He is a board advisor for Cylance, JASK, Appdome, and the University of South Florida. He has authored several books, his latest with the former Deputy Director of the NSA, spoken at leading security events globally such as Black Hat, RSA, and BSides, and has been on C-SPAN, Fox, CNBC, CBS News, Bloomberg, and many others. Brian is a Distinguished Fellow with the Ponemon Institute and an Official Member of the Forbes Technology Council. Brian was recently featured in a cyberwar documentary alongside General Michael Hayden (former Director NSA and CIA).

Hudson Bush

Too Small to Fail: Securing Small and Medium Businesses

Hudson Bush is a Security Architect that injects Threat Modeling into everything he does. He mostly works with Government Regulatory Compliance, Risk Management, and Business Impact Analysis. His goal is to teach others about the mistakes that he has made so that others don’t have to repeat them.

Ismaelle Vixsama

Cyberstalking: A Privacy Issue

Ismaelle is an Information Security Governance and Strategy professional with experience working with Security Governance programs across Financial Services and Public Sector. Her compliance specialties include ISO 2700X, NIST, GLBA and FFIEC. Ismaelle holds a Master’s of Science in Cybersecurity, CISM and ISO 27001 Lead Implementer certifications.

In her spare time, she enjoys traveling, watching anime and spending time with her young nieces and nephews. She is also a mentor and an advocate for women and non-binary people in technology and cybersecurity.

Jason Hill

How to create a Compliance baseline and simplify compliance forever

Mr. Hill’s accomplishments include acting information security chief of one of the largest aluminum producers in the world and Information Assurance lead for a $180M infrastructure revamp for a Department of Defense entity. Training and consulting clients have ranged large and small included dozens of Managed Security Services Providers, Fortune 500 companies, NASA and other US government institutions. Mr. Hill has had cybersecurity consulting responsibilities for a variety of clients encompassing the globe utilizing the NIST-RMF, NIST- CSF, and ISO 27001 frameworks as well as his experience as a PCI QSA. Having a background in system architecture and design Mr. Hill brings a uniquely refreshing perspective on information security which provides clients and partners value beyond industry norms.

Joe Gray

Social Forensication: A Multidisciplinary Approach to Successful Social Engineering

Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe is currently a Senior Security Architect and maintains his own blog and podcast called Advanced Persistent Security. In his spare time, Joe enjoys attending information security conferences, contributing blogs to various outlets, training in Brazilian Jiu Jitsu, and flying his drone. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. Joe is a regular Forbes contributor and has contributed material for the likes of AlienVault, ITSP Magazine, CSO Online, and Dark Reading. Joe is an IBM Recognized Speaker/Presenter.

Nathan Hamiel

Agile Security for Modern Threats

Nathan Hamiel is Head of Cybersecurity Research at Kudelski Security, an international security company providing innovative and tailored solutions to enterprises and public-sector clients. Nathan works in the innovation group defining the future of services and products for the company. A security veteran with a strong focus on software security, he has spent his nearly 20-year career helping customers around the world solve complex security challenges.

Nathan has presented his research at global security events including Black Hat, DEF CON, HOPE, ShmooCon, SecTor, ToorCon and many others. He is also a member of the Black Hat review board where he evaluates research for inclusion into the various conferences around the world.

Ray Kelly

Mobile App Vulnerabilities – The Bad, The Worse And The Ugly

Ray Kelly is an internet security professional with over twenty years of development experience, twelve of which has focused on the internet security space. Ray has been a key player in multiple successfully acquired cyber security start-ups. He was the Lead Developer and Business Unit Director for WebInspect with SPI Dynamics which is an industry leading application security scanner. Currently Ray is a Application Security Architect for Micro Focus where he contributes to security research, business vision and customer success

Ryan Wilson

Continuous Monitoring on a Budget: OpenWRT, Python, Documented Analytic Tradecraft, and the Cloud

Ryan is a cybersecurity professional, instructor, and entrepreneur. He has served the U.S. Government with his expertise for over 10 years. More recently, he has started consulting with small businesses and families to help them protect themselves from the cyberspace things that keep them up at night. When not nerding around (he really likes programming!), he loves shaping his children (a.k.a. parenting), kayaking, camping, and biking. And he recently achieved a childhood dream of computerizing his Christmas light display and syncing them to music with his Raspberry Pi. Soli Deo Gloria.

Tony Drake

Incident Response for the Overwhelmed, Understaffed and Unprepared

Tony Drake has over 25 years of experience in various areas of information security and system administration including certifications in Pen Testing, Incident Response and Forensics.

Vishruta Rudresh

Under the skin: Privacy engineering of medical devices

Vishruta Rudresh is a Senior Cybersecurity Researcher at Kudelski Security focusing on fundamental new approaches to IoT and OT environment security, including but not limited to machine learning, edge device decision making, and low power environment security. She has been working in the Information Technology industry since 2011 specializing in IoT security, malware reverse engineering, system and application administration, incident response, digital forensics, and mobile security and has a master’s degree in Information Technology- Information Security from Carnegie Mellon University.

Wes Lambert

Alexa Knows My Kids Better Than I Do

Wes Lambert is a Senior Engineer at Security Onion Solutions, where he helps customers to implement enterprise security monitoring solutions and better understand their computer networks. He is an active supporter of open source software projects, and loves helping others to solve problems with completely free and easily deployable tools.

Wes Widner

The Sound of Evil - An exploration of the audio security landscape

One of the first dates with my wife was spent overclocking a Gateway 2000 66Mhz to 175Mhz. I knew she was the one as the under-cooled chip glowed red hot and set off the smoke alarm. These days, I’m an Engineering Manager at CrowdStrike, a leading cybersecurity company. Hit me up if you’re interested in joining our team!

Xavier Ashe

Indicators of Crap

Xavier Ashe is currently the VP of Security Engineering at SunTrust. He is a Georgia Institute of Technology alumnus and has 25 years of hands-on experience in information security. Working for various security vendors and consulting firms for the last 15 years, including IBM, Gartner, and Carbon Black, Xavier has been focused on helping secure companies of all sizes. Xavier was the first hire at the startup Drawbridge Networks, where he was instrumental in bringing the first microsegmentation solution for servers and workstations to market. Mr. Ashe holds many industry certifications, including CISM, CISSP, ITIL, SOA, and others.

Our Sponsors

We thank these sponsors for making our event great!







Code of Conduct

We have NO TOLERANCE for physical/verbal/sexual harassment of any human, humanoid or AI!

Our “Code of Conduct” is “Be Excellent to Each Other” AKA the Golden Rule. Failing that, it is “Do not be an Ass* or we will kick your ass out!“.

Asking questions of a speaker during their talk, to get clarity or debate a point is NOT being an ass – heckling or haranguing the speaker IS. If you are not sure, ask, or err on the side of basic decency and common courtesy. If what they are doing would not be acceptable to have done to you, your best friend, your worst enemy, your sister, niece, daughter, brother, nephew, son, mother, father, or any human being, do not let them treat anyone else that way – whether you know them or not. If someone asks you to stop – stop.

If you are having an issue with a BSidesATL participant of ANY type, find an organizer. They will assist you in determining the next steps for you to feel safe and heard.

*Staff reserves the right to determine what constitutes “Being an Ass”.