Agent-Augmented Security Development and Operations – November 2025

November 11, 2025 / roanokeinfosec

As the days grow shorter and we start pulling out our warmest sweaters, it’s the perfect time to turn our focus inward and sharpen our technical skills. Before the frantic holiday season truly kicks in, let’s gather for a session that brings practical, powerful light to the often-dark and complex world of Large Language Models (LLMs) and security.

The lack of sunshine shouldn’t mean a lack of new knowledge! This Thursday, November 13th, Aaron McPhall will be illuminating how we can move past simple chatbot interfaces and start implementing powerful, secure AI agents directly into our workflows.

Feature Talk: Agent-Augmented SecOps: Building Your Private LLM Coding Workbench

The rise of large language models (LLMs) is fundamentally changing the software development and security operations (SecOps) lifecycle.

This session moves beyond basic chatbot coding to explore agentic coding: integrating powerful AI models directly into the IDE to automate complex workflows while maintaining data security.

Why Go Private? Secure AI, Lower Cost

We will focus specifically on utilizing local, open-weight LLMs (like Qwen3 Coder) as cost-effective and private alternatives to expensive cloud services, ensuring sensitive data remains on-premise. Attendees will learn how to build a practical development stack.

Key components that will be covered include:

Inference Providers: Selecting an appropriate inference provider (ollama, llama.cpp).
Model Mechanics: Understanding the trade-offs in model quantization and context length.
Hardware Planning: Calculating the necessary hardware and VRAM to run agents efficiently.
Live Orchestration: Through live demonstrations using IDE extensions like RooCode, the presenter will show how to orchestrate complex security tasks such as certificate lifecycle review and structured analysis of helpdesk tickets to unlock the true potential of AI agents in a developer or analyst’s workflow.

If you’ve been looking for a way to leverage AI agents without sacrificing data privacy or blowing your budget, this is a must-attend session. Don’t let the technical complexity of local LLMs keep you in the dark, come learn how to build your own secured workbench.

Meeting Details:

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
November 13th, 2025 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Looking forward to seeing you there!

DOMination: Weaponizing XSS – July 2025

July 8, 2025 / roanokeinfosec

Hope you’re all staying cool in this scorching July heat! While the temperatures outside are blazing, we’ve got a meeting coming up that’s going to be even hotter – in a good, cybersecurity-savvy way, of course!

Prepare to have your minds melted (with knowledge, not the sun!) at our next RISE Cyber Security meeting. We’re thrilled to announce a speaker who’s ready to fire up your understanding of web vulnerabilities.

This month, we’re welcoming the brilliant Ben Eldritch to the stage. He’s bringing a talk with the following details:

DOMination: Weaponizing XSS

Even the smallest input can create a big problem. Oftentimes XSS vulnerabilities are demonstrated by popping an alert box on your screen or sending out document cookies to an external endpoint. But did you know as soon as you get access to the DOM the webpage becomes a blank canvas? The possibilities are endless from background JavaScript execution, mapping internal networks and even assisting in MFA mimicry. Join us as we discuss various techniques that turn simple XSS vulnerabilities into powerful phishing landscapes and advanced threat playgrounds.

Come join us for an evening that’s sure to be illuminating and help you beat the heat of potential cyber threats! We promise it’ll be more refreshing than an ice-cold lemonade on a hot day.

Event Details:

Date: Thursday, July 10, 2025
Time: 6pm
Location: Virginia Western Business/Science Building Room M302
Speaker: Ben Eldritch
Talk Title: DOMination: Weaponizing XSS

Meeting Details:

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
July 10th, 2025 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Looking forward to seeing you there!

August 2023 – Lightning Talks Round 1

August 6, 2023 / roanokeinfosec

We had more lightning talks submitted than we initially expected! So, we are going to adjust the flow a bit, and split the lightning talks into two great sessions to provide a little more wiggle room for speakers to deliver their material.

The ⚡three ⚡lightning ⚡talks we have set for this month are:

Verify your Verification
Speaker Ben Eldritch shared the following for this talk: “I’ve pentested 3 different webapps over the past few months, and none of them have implemented account/email verification correctly. Here are a few examples of what can go wrong with account creation, and how you can fix it!”

Terraforming your Cyber Landscape
Speaker Aaron McPhall shared the following for this talk: “This talk will cover an introduction to Terraform, and why it should be considered for any cloud enabled organization. Aaron will cover the benefits of infrastructure as code as well and how terraform can be used to enable scaling and security for cloud services.”

DDoS: What you wanted to know but didn’t want to talk to your 13 year old neighbor
Andrew Beard will be leading this talk on DDoS techniques and mitigation.

In other news, there is an upcoming CTF hosted by RBTC on September 7th. Find out more at:
https://www.rbtc.tech/event/hands-on-security-capture-the-flag-event/

We look forward to seeing you in-person. If you can’t make it, we will also attempt a zoom session and recording.

Meeting info:

August 10th, 2023 @ 5:30PM

ECPI University
5234 Airport Rd NW Suite 200, Roanoke, VA 24012
https://goo.gl/maps/T6TikCHLoPQaWXzT7

Hope to see you there!

March 2021 – Quantum Computing – Fact vs Fiction

March 4, 2021March 4, 2021 / roanokeinfosec

For March 2021 Rob Perry (CISO from Carilion Clinic) returns with an insightful look at quantum computing and how it could potentially change the IT Security landscape. Never wanting to shy away from the more technical topics Rob’s previous talk regarding BlockChain challenged the most well held beliefs regarding its usage and forced us to look at Block Chain differently. Now we have an opportunity to see where he will take us in this talk. Don’t miss a great opportunity to hear from a local industry leader as we cover “Quantum Computing – Fact vs Fiction”. This meeting will be virtual, and we will send connection details prior to the event. Hope to see you there!

Event Details

March 11th, 2021 @ 5:30pm,

Virtual Event – sign up to RISE email list for connection info

Subject of discussion:

Talk of recent advances in quantum computing has security professionals wondering if encryption algorithms like RSA are now vulnerable and need to be replaced or completely discarded. This talk will provide a brief overview of quantum computing and then pragmatically evaluate whether quantum computing is rewriting the security landscape or if quantum more closely resembles the hype of AI / artificial intelligence. Drinks will be served (virtually), so have your favorite beverage handy.

Presenter Bio:

Robert Perry is the Chief Information Security Officer (CISO) for Carilion Clinic, one of the largest hospitals and healthcare providers based in southwest Virginia, serving nearly one million in the Virginia community and surrounding areas.

As an expert in the technology industry, Mr. Perry’s charismatic speaking style and passion for technology and cybersecurity have made him a sought after speaker at conferences. Speaking topic range in areas including: cybersecurity systems, and tools, attack and counter attack cybersecurity response systems, authentication and access control.

Mr. Perry is a high performance IT leader with over 20 years’ experience managing cybersecurity, technology systems and networking. His business and technology experience has allowed Mr. Perry to align technology initiatives with corporate and organizational business objectives.

He holds dual masters degrees: Masters in Technology Management and a Masters of Business Administration (MBA). Mr. Perry’s licenses and certificates include: CISSP (retired), CISA, CCSP, and CCNA-Voice

Earn CPE Credits through RISE

June 20, 2019 / roanokeinfosec / Leave a comment

We know you don’t need additional incentive to come out to monthly RISE meetings. But a little icing on the cake never hurts. Did you know that you can earn continuing professional education (CPE) credits for your (ISC)² certifications through participation in RISE?

Continue reading →

(ISC)2 – Cyber Safety and Education for Children

April 30, 2019April 28, 2019 / roanokeinfosec / Leave a comment

Logo for the Center for Cyber Safety and Education

The Center for Cyber Safety and Education is a charitable organization formed by the cybersecurity professional organization (ISC)². The Center provides educational materials designed to educate and raise awareness of cybersecurity and cyberbullying. Visitors to the site can find information on cybersecurity research, scholarships, and educational packages designed to teach cybersecurity to elementary children – including free, downloadable basic packages for classes up to 20 students. Materials present concepts and situations at a fundamental level so non-IT professionals can share the message of cyber safety.

RISE – Roanoke InfoSec Exchange

The premier InfoSec group in the Roanoke, VA region!

Education