We’re officially through the post-holiday slump, and it’s time to discuss the new year together. Let’s shake off the February chill with some good company and even better conversation!
Join your fellow cybersecurity pros for our February social; it’s the perfect chance to decompress, talk shop, and enjoy a cold beverage at one of our favorite local spots.
Vibe: Informal. No slides, no long-winded agendas; just peers swapping tales and learnings.
CFP Reminder: BSides Roanoke 2026
The clock is ticking! This is your friendly reminder that the Call for Presentations (CFP) for BSides Roanoke is winding down. We want your technical deep dives, your “I can’t believe I found this” stories, and your unique security perspectives.
Conference Date: Friday, June 5th, 2026
CFP Closes: This Month! Don’t wait until the last minute to get those talk ideas in.
Happy New Year! We hope you had a fantastic holiday season.
We are kicking off 2026 with an incredible speaker and a topic that hits home for every security enthusiast: building your own security visibility from the ground up.
The Details
Speaker: Lizz Boice, Head of Cybersecurity Operations at GFiber
Topic:More Logs Please! Building a SIEM in Your Homelab
Date: Thursday, January 15th
Location: Virginia Western Community College (VWCC)
A Note on the Date: RISE typically meets on the second Thursday of the month. The first Thursday fell on New Year’s Day, we shifted our planning cycle back one week. We are meeting on the third Thursday (Jan 15th) for this month only to adjust for a post holiday recovery!
About the Talk
The best way to understand the tools of the trade is often to build them yourself. Whether you are looking to sharpen your detection engineering skills or just want to know what your home network is actually doing, there is no better teacher than a well-built homelab.
Lizz Boice will walk us through the journey of deploying a production-grade security stack right in your own home. Drawing on her experience in detection and automation at organizations like Zoox and Palo Alto Networks, Lizz will strip away the enterprise buzzwords to give you a clear, practical guide to log collection.
In this hands-on session, we’ll cover:
The “Why”: How SIEM helps Blue Teamers correlate logs and Red Teamers understand forensics.
The Build: A step-by-step guide to deploying the Elastic Stack (Elasticsearch, Kibana, and Fleet) using Docker.
The Hurdles: Fixing real-world headaches like SSL certificates and “503 Service Unavailable” errors.
The Data: How to collect and search through data from your devices using Elastic agents.
Whether you are an aspiring SOC analyst, a seasoned Red Teamer, or a hobbyist who loves data, this talk will give you the blueprint to turn server logs into powerful security intelligence.
Meeting Details: We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.
As the year winds down, let’s take a moment to celebrate before the holidays officially take over! Join your fellow cybersecurity pros for our December social, it’s the perfect chance to decompress, share what you’ve learned this year, and enjoy a cold beverage.
Join us this Thursday, December 11th at 6:00 PM at Twisted Track Brewpub.
This is an informal gathering, meaning no agenda, just a great opportunity to connect with peers and swap tales from the front lines of information security.
🗣️ Call for Presentations (CFP) is OPEN for BSides Roanoke 2026!
Ready to share your knowledge? The Call for Presentations for BSides Roanoke 2026 is officially OPEN!
We’re looking for great technical sessions, deep dives, and unique perspectives for the conference on Friday, June 5th, 2026. If you have an idea, we want to hear it!
CFP Closes: February 2026! Start getting your talk ideas in now.
Conference Date: June 5th, 2026
Don’t miss the chance to be a part of the local infosec community’s premier event. Be sure to stay tuned to our shiny new website, https://bsidesroa.org, for all conference updates!
As the days grow shorter and we start pulling out our warmest sweaters, it’s the perfect time to turn our focus inward and sharpen our technical skills. Before the frantic holiday season truly kicks in, let’s gather for a session that brings practical, powerful light to the often-dark and complex world of Large Language Models (LLMs) and security.
The lack of sunshine shouldn’t mean a lack of new knowledge! This Thursday, November 13th, Aaron McPhall will be illuminating how we can move past simple chatbot interfaces and start implementing powerful, secure AI agents directly into our workflows.
Feature Talk: Agent-Augmented SecOps: Building Your Private LLM Coding Workbench
The rise of large language models (LLMs) is fundamentally changing the software development and security operations (SecOps) lifecycle.
This session moves beyond basic chatbot coding to explore agentic coding: integrating powerful AI models directly into the IDE to automate complex workflows while maintaining data security.
Why Go Private? Secure AI, Lower Cost
We will focus specifically on utilizing local, open-weight LLMs (like Qwen3 Coder) as cost-effective and private alternatives to expensive cloud services, ensuring sensitive data remains on-premise. Attendees will learn how to build a practical development stack.
Key components that will be covered include:
Inference Providers: Selecting an appropriate inference provider (ollama, llama.cpp).
Model Mechanics: Understanding the trade-offs in model quantization and context length.
Hardware Planning: Calculating the necessary hardware and VRAM to run agents efficiently.
Live Orchestration: Through live demonstrations using IDE extensions like RooCode, the presenter will show how to orchestrate complex security tasks such as certificate lifecycle review and structured analysis of helpdesk tickets to unlock the true potential of AI agents in a developer or analyst’s workflow.
If you’ve been looking for a way to leverage AI agents without sacrificing data privacy or blowing your budget, this is a must-attend session. Don’t let the technical complexity of local LLMs keep you in the dark, come learn how to build your own secured workbench.
Meeting Details:
We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.
We’ve got a busy and exciting October planned for you! Please note the details for two separate events coming up this month.
Event 1: RBTC IT-Security, Defense Against the Dark Arts! Panel Demos
Join our colleagues at the RBTC (Roanoke Blacksburg Technology Council) for a fantastic evening of technical demonstrations! This year has something for everyone, and dinner and drinks are included.
Web Dev Security: A professional pentester demonstrates how web-XSS/JWTs are weaponized, and how to keep your stuff safe.
Red Teaming: The head of the VT ITSO Red Team (pentester) shares one of his custom scanning/reporting tools that he’s created himself and how he uses it to scan and assess VT network/host risks.
Malware Analysis: Drill into the methodology for tracking down a Linux endpoint infection with a bitminer, including detection, classification, and remediation.
Event 2: RISE Social – Your Pre-Holiday Decompression
Fall is officially here, and before the holiday season chaos begins, let’s gather for our last RISE social of the year! It’s the perfect time to grab a cold beverage (or pretend it’s pumpkin spice season) and decompress before the end-of-year sprint.
Join your fellow cybersecurity pros for a social gathering next Thursday, October 9th at 6:00 PM at Twisted Track.
This is your chance to log off, relax, and swap tales from your infosec adventures. There’s no formal agenda, just an opportunity to connect and maybe phish for some new insights from your peers. It’s a great time to patch into conversations about the latest trends.
As the days get shorter and the promise of cooler weather is in the air, we’re also entering a new season in the world of technology. The rapid evolution of AI is reshaping how we work and, more critically, how we manage data security. Just as we transition from summer to fall, our approach to cybersecurity must adapt to a changing landscape.
We invite you to our next RISE meeting this week for a timely talk: “Securing the Future — Data Security in the Age of AI.”
Our guest speaker, Trip Humphrey, Director of Data Science & AI at Carilion Clinic, will provide invaluable insights into this critical topic. Leveraging his extensive experience, Trip will cover:
How AI is transforming data usage and risk landscapes
Emerging threats and vulnerabilities introduced by AI technologies
Best practices for securing sensitive data in AI-powered environments
Ethical considerations and governance frameworks for responsible AI
Whether you’re a security leader, a technologist, or a business stakeholder, this conversation is essential for safeguarding your organization while harnessing the power of AI.
We look forward to seeing you there!
Event Details:
Date: Thursday, September 11, 2025
Time: 6pm
Location: Virginia Western Business/Science Building Room M302
Speaker: Trip Humphrey
Talk Title: Securing the Future — Data Security in the Age of AI
Meeting Details:
We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.
Hacker Summer Camp is now wrapping up, and with the back-to-school season just around the corner, why not take a moment to decompress before we get back to the daily grind?
Join your fellow cybersecurity pros for a social gathering next Thursday, August 14th at 6:00 PM at Twisted Track.
This is your chance to log off, relax, and swap tales from your infosec adventures. There’s no formal agenda, just an opportunity to connect and maybe phish for some new insights from your peers. It’s a great time to patch into the conversation about the latest trends, including how AI is hacking into our daily workflows.
Hope you’re all staying cool in this scorching July heat! While the temperatures outside are blazing, we’ve got a meeting coming up that’s going to be even hotter – in a good, cybersecurity-savvy way, of course!
Prepare to have your minds melted (with knowledge, not the sun!) at our next RISE Cyber Security meeting. We’re thrilled to announce a speaker who’s ready to fire up your understanding of web vulnerabilities.
This month, we’re welcoming the brilliant Ben Eldritch to the stage. He’s bringing a talk with the following details:
DOMination: Weaponizing XSS
Even the smallest input can create a big problem. Oftentimes XSS vulnerabilities are demonstrated by popping an alert box on your screen or sending out document cookies to an external endpoint. But did you know as soon as you get access to the DOM the webpage becomes a blank canvas? The possibilities are endless from background JavaScript execution, mapping internal networks and even assisting in MFA mimicry. Join us as we discuss various techniques that turn simple XSS vulnerabilities into powerful phishing landscapes and advanced threat playgrounds.
Come join us for an evening that’s sure to be illuminating and help you beat the heat of potential cyber threats! We promise it’ll be more refreshing than an ice-cold lemonade on a hot day.
Event Details:
Date: Thursday, July 10, 2025
Time: 6pm
Location: Virginia Western Business/Science Building Room M302
Speaker: Ben Eldritch
Talk Title: DOMination: Weaponizing XSS
Meeting Details:
We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.
Summer’s heating up, and so is the next Roanoke Infosec Exchange (RISE) meeting! Get ready to dive deep and PAN out some serious knowledge, because we’ve got a fantastic session lined up that’s going to make your security senses tingle.
We’re absolutely thrilled to announce that Regen Peterson will be joining us on Thursday, June 12th to deliver a talk that’s as cool as a summer breeze and as insightful as a perfectly executed exploit:
“Forging the Attack Path: A Deep Dive into PAN-OS Exploitation and Post-Exploitation”
In this talk, Regen will pull back the curtain on a recent attack path he discovered and successfully utilized in multiple real-world engagements. You’ll gain a unique perspective on how a chain of Palo Alto PAN-OS vulnerabilities can be leveraged, and critically, how post-exploitation steps were identified and simplified using a custom-developed tool. Think of it as mapping out the perfect summer road trip, but for attackers!
This presentation offers a compelling blend of the “Hacker Mindset” – exploring methodology and thought processes – with a more technical discussion of the specific vulnerabilities abused. Regen will also briefly touch on crucial prevention and detection strategies, so you can help keep your networks as chill as a pool party.
And for those who love live action, if the demo gods are with us and time permits, Regen plans to walk through the entire attack chain on his own vulnerable VM! Prepare for some real-time fireworks!
This is a fantastic opportunity to learn from real-world experience and enhance your understanding of modern attack techniques and red team operations. Whether you’re a seasoned security professional or just starting out, you’ll walk away with valuable insights to Alto-er your security game.
Event Details:
Date: Thursday, June 12th, 2025
Time: 6pm
Location: Virginia Western Business/Science Building Room M302
Speaker: Regen Peterson
Talk Title: Forging the Attack Path: A Deep Dive into PAN-OS Exploitation and Post-Exploitation
Talk Description:
Through the talk we’ll be discussing a chain of PAN-OS vulnerabilities used in an attack path I recently found and used successfully in multiple real world engagements, as well as looking at how these post-exploitation steps were identified, and the tool I developed for simplifying these attacks. This allows the talk to serve as a combination of the typical “Hacker Mindset” talks (methodology, etc) and a slightly more technical discussion of each of the specific vulnerabilities abused in both the exploitation and post-exploitation. We’ll also very briefly touch on prevention and detection of these attacks. Lastly, I do have my own vulnerable VM, so if the demo gods and the clock allow it then we will be able to walk through it all in real time.
Meeting Details:
We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.
Please mark your calendars and spread the word! We look forward to seeing you there for another engaging RISE meeting. Don’t miss out on this hot topic!
Ready to swap your keyboard for a corner office? Or maybe just curious how to navigate the wild world of IT leadership? Then join us for the next RISE meeting!
Mark your calendars for April 10th at Virginia Western Community College!
We’re thrilled to welcome Rob Garbee, Director of Information Security at the Carilion Clinic, who’ll be sharing his epic quest “From IT Specialist to IT Strategist: My Move to Management.” Think of it as a cheat code for your career!
Here’s the lowdown:
Ever wondered what it’s really like to go from fixing firewalls to leading a team? Rob’s got the inside scoop! He’ll be dishing out the dirt (the good kind!) on his journey from network security engineer to the big boss. Expect tales of triumph, epic fails, and everything in between.
In his own words (or close to it):
“Are you contemplating a leap into management or intrigued by what such a transition entails? Join us for an enlightening presentation where I will recount my journey from a network security engineer to the Director of Information Security. I will candidly discuss the highs, the lows, and everything in between. I’m looking forward to giving you a real, unfiltered look at my move from the trenches to management, and hopefully, you’ll find it useful.”
Basically, Rob’s going to drop some knowledge bombs that could seriously level up your career. Don’t miss out on this chance to learn from someone who’s been there, done that, and probably has the t-shirt.
We’re looking forward to seeing you there! Get ready for some serious insights, a few laughs, and maybe even a networking opportunity or two.
See you on April 10th!
Meeting Details:
We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.
RISE - Roanoke InfoSec Exchange 