Banner
Event Banner

BSides Harrisburg 2025

Friday, Apr 25, 2025 at 8:00 AM to 5:00 PM EDT

Pennsylvania Farm Show Complex & Expo Center, 2300 N Cameron St, Harrisburg, PA, 17110, United States

Sale ended

1. Select Seats

2. Review and Proceed

Days
Hours
Minutes
Seconds

Event Information

Friday, Apr 25, 2025 at 8:00 AM to 5:00 PM EDT

Pennsylvania Farm Show Complex & Expo Center, 2300 N Cameron St, Harrisburg, PA, 17110, United States.

BSides Harrisburg is an annual community-driven cybersecurity conference that provides a platform for information sharing, collaboration, and networking among security professionals, enthusiasts, and students.

Attendees gain valuable insights into the latest security trends, emerging threats, and innovative solutions through technical talks, workshops, and hands-on activities.

The conference fosters a welcoming and inclusive environment that encourages open dialogue and knowledge exchange, making it an ideal event for anyone passionate about cybersecurity to learn, connect, and grow.

Event Location

About Organizer

BSides Harrisburg Organizer name

bsideshbg.com

Annual gathering of cybersecurity professionals, hackers, and enthusiasts

Contact the Organizer View other events

Speakers

Meet Ean Dudley, a graduate of Penn State University majoring in Cybersecurity with a focus on geopolitics
and a minor in Political Science. He currently is working to obtain a Masters in Cyber Security from Western
Governors University.
Ean is a proven young talent in the field, holding a certification from ISC2 and the CASP-005. Ean has also
participated in the SANS Core Netwars Tournament of Champions and is a member of the US Cyber Team
Pipeline Program.
Ean currently works in IT at Sight and Sound Theatres and in his free time engaged in Bug Bounties. Ean is a
dedicated individual with a keen interest in the dynamic and ever-evolving field of cybersecurity

About Ean Dudley
infosec pro
N/A

​Ryan English is a researcher at Lumen Technologies’ Black Lotus Labs, where the team chases threats across the backbone of the internet. He began his career in cybersecurity over 13 years ago after spending most of his life in the military and as a private security specialist, because breaking things is a universal skill. He has spoken at BsidesLV and BsidesNYC among other places, but nothing is better than a Bsides and Hershey’s Chocolate Tour

About Ryan English
Security Researcher
Lumen

Danny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research team at Lumen Technologies. Danny has tracked nation-state adversaries using both open-source and proprietary datasets in various roles for several years. More recently he has focused on threats to ISPs, including campaigns in which actors targeted networking equipment, Linux servers, and DNS infrastructure. Prior to joining Lumen Technologies, Daniel worked at Cisco Talos. Danny has a bachelor's degree in Diplomacy and International Relations from Seton Hall University.

About Danny Adamitis
Security Researcher
Lumen

Tim Otis has spent the last 28 years at the forefront of the cyber security industry.
He has held numerous roles from help-desk, system administrator, field engineer, software development, and incident response roles that have provided a wealth of knowledge, expertise,
and a seat at the table in cleaning up some of largest cyber security attacks in the world.
As Head of IR/MDR at Check Point, Tim leads a global team of IR Analysts, SOC Analysts, Coordination Experts,
Customer Success/Support and Software Developers to deliver Incident Response and MDR services to customers all over the world.

About Tim Otis
Head of IR/MDR
Check Point

Juan Giarrizzo is a Sr. Information Security Engineer and deputy CISO, with over 10 years of experience in
data analytic and cloud architecture pivoted to Cybersecurity after connecting over cocktails with amazing
hackers over six years ago. He loves to deliver creative and innovative solutions for the protection of digital
assets and data. He focuses mainly on incident response application security, threat intelligence, and
threat hunting.
Additionally, as an OSINT investigator Juan has collaborated with non-profit organizations focused on
human rights abuse, preparing evidence for international courts cases and identifying perpetrators and
responsible actors to bring justice to victims.
Additionally, he is the current Director for the RaicesCyber Philadelphia chapter, a non-profit organization
focusing on the empowerment of Hispanic professionals in the field of cybersecurity, and providing
resources to students and anybody interested in joining the field of cyber.
As a security subject matter expert for diverse technical initiatives, he finds himself embedded in technical
teams, enabling security by design in on-prem and cloud platforms while creating a collaborative dynamic
with different teams and stakeholders.
In his free time, he practices Judo and Jiu Jitsu and likes to learn technical skills that can apply to his
professional life, while cooking and exploring places in the search for new flavors and cool humans to talk
to.

About Juan Giarrizzo
infosec pro
N/A

Results-oriented Cybersecurity Leader with extensive experience in managing Security Operations Centers
(SOCs), leading incident response efforts, and implementing comprehensive security strategies. Proven
ability to mitigate cyber threats through proactive vulnerability management, security control
implementation, and threat intelligence analysis.

About Annas Mirza
infosec pro
N/A

Kayla is a senior security engineer in the CTO office with Zenity. Her professional career started in the
United States Marine Corps, where she then left active duty to pursue a career in Cybersecurity. Throughout
her years in security, she has served as a practitioner in vulnerability management, security operations,
crowdsourced security, and most recently, Agentic AI security and governance.
With a passion for bridging the gap between business and technology, Kayla will continue to evangelize the
importance of security for everyone.

About Kayla Underkoffler
Senior Security Engineer
Zenity

Danny Ocasio is an Information Security Officer with experience in Security Operations, Incident Response,
and GRC. Danny's career started as an Intelligence Specialist in the US Marine Corps. This early exposure to
network security influenced his decision to pursue a bachelor's degree in Security & Risk Analysis (SRA)
from Penn State University. Danny has worked at various unicorn startups, SOCs, and consulting.

About Danny Ocasio
Information Security Officer
N/A

Chris is a Pentester at Black Hills Information Security (BHIS), where he is responsible for Pen Testing web
apps, mobile app, APIs, and networks. He is also the owner of Ridgeback InfoSec (ridgebackinfosec.com)
and has authored two cybersecurity classes (Offensive Tooling Foundations and Offensive Tooling for
Operators) which he teaches via Antisyphon Training. Chris has nearly two decades of experience in
Web/Mobile development, QA automation, and Penetration Testing.
Certifications:
GSEC: GIAC Security Essentials
GCIH: GIAC Certified Incident Handler
GWAPT: GIAC Web Application Pen Tester
GPEN: GIAC Penetration Tester

About Chris Traynor
Pentester
BHIS + Ridgeback infosec

Carolina Hatch is a senior cybersecurity major at Messiah University. She frequently serves on panels for
the honors program, speaking to potential students and addressing their concerns. Carolina is also an
ambassador for the Computing, Math, and Physics Department, promoting the department. Most recently,
she was accepted to give a poster session at the National Center for Undergraduate Research earlier this
month.
In addition to her research, she is a member of the school’s Collegiate Cyber Defense Competition (CCDC)
team, where she serves as the head of communication and throws discus for the Track and Field team. After
graduation, Carolina plans to study the overlap of Artificial Intelligence and cybersecurity at Colorado State
University.

About Carolina Hatch
Sr CyberSecurity major
Messiah University

Raymond Nutting, (CISSP-ISSEP) is a published author, mentor and security practitioner supporting both
the public and private sectors with over 23 years’ experience in the field of information security. Raymond is
the co-owner and founder of nDepth Security, a Cybersecurity company that specializes in vulnerability
assessment and penetration testing. Raymond graduated magna cum laude with a degree in computer

information systems and a concentration in information systems security. He holds numerous industry-
recognized certifications and has presented at various conferences and events throughout his career.

About Raymond Nutting
Founder
nDepth Security

About Nathalie Baker
infosec pro
N/A
About Robert Vulpe
infosec pro
N/A

Vineeth is an GenAI Application Security Engineer at Amazon Web Services (AWS), specializing in core Data
Analytics services such as EMR, Athena, and LakeFormation. He has also been instrumental in developing
GenAI Security guidelines for service-to-service integration and development within AWS. Prior to his
current role, he held positions as a penetration tester and in threat intelligence. Additionally, he gained
valuable experience in Business Recovery and Disaster Recovery, particularly in mitigating ransomware
attacks during his tenure at Nordstrom.
Beyond his professional roles, Vineeth actively participates in the bug bounty scene and is passionate about
contributing to the community. He has shared his expertise as an Adjunct Instructor at the University of
Nevada, Las Vegas, and has delivered guest lectures at his alma mater, the University of Washington,
Seattle. Outside of work, he enjoys skiing and has recently started learning to surf. Vineeth also has a keen
interest in classic rock and EDM music.

About Vineeth Sai Narajala
GenAI Application Security Engineer
AWS

Amanda is a Principal Cyber Risk Engineer at Liberty Mutual Insurance. She is a GSE, retired Army, and
enjoys playing with yarn.

About Amanda Draeger
infosec pro
Liberty Mutual Insurance

Jessica has spent the last 8 years helping companies navigate the conversations around the prioritization of
security based on business criticality and the need for resiliency. She serves as a liaison between IT
leadership and boards to translate technical goals, and to turn the conversation of No into How.

About Jessica Weiland
infosec pro
N/A

Ashley Chackman is a cybersecurity leader who specializes in security education, intelligence research,
and cyber workforce development. With expertise in OSINT investigations, she also supports federal and
state law enforcement agencies by collecting and analyzing intelligence on human trafficking and missing
persons. She has led security training programs for global organizations, driving engagement through
organizational design, behavioral science, change management, and data-driven strategies.

About Ashley Chackman
Cybersecurity Leader
N/A

Wil has worked in cybersecurity for more than 24 years. Most of that time working in consulting & managed
security companies (MSP/MSSP/MDR), and value added resellers (VARs).
He’s lead most areas of that business from: pre-sales / solutioning, GTM, channel, innovation, service
delivery. product management, service development, product marketing, and a C-Level strategist.
He has a broad skill set across most domains of cybersecurity. He is a partner & advisor to CISOs, CIOs &
CEOs. Currently advising managed services & consulting firms on their business to drive more revenue &
grow. As well as, technology, PE, VC & start-ups on direction, state of the market, GTM strategy, channel
engagement and more.

About Wil Klusovsky
infosec pro
N/A

Mike Miller has been in Tech / Cyber for around 25+ years. Currently serving as a vCISO at Appalachia
Technologies. Mike's been mentoring and speaking nationally for years.

About Mike Miller
vCISO
Appalachia Technologies

Event Schedule

Session Date
Clear all ×

Sessions on Apr 25, 2025

08:00 AM

Registration / Check-In

08:00 AM - 09:00 AMRegistration Desk
09:00 AM

OPENING KEYNOTE

09:00 AM - 10:00 AMMain Track
    speaker

    Ryan English

    Security ResearcherLumen

    ​Ryan English is a researcher at Lumen Technologies’ Black Lotus Labs, where the team chases threats across the backbone of the internet. He began his career in cybersecurity over 13 years ago after spending most of his life in the military and as a private security specialist, because breaking things is a universal skill. He has spoken at BsidesLV and BsidesNYC among other places, but nothing is better than a Bsides and Hershey’s Chocolate Tour

    SocialLink
    speaker

    Danny Adamitis

    Security ResearcherLumen

    Danny Adamitis is a principal information security engineer at Black Lotus Labs, the threat research team at Lumen Technologies. Danny has tracked nation-state adversaries using both open-source and proprietary datasets in various roles for several years. More recently he has focused on threats to ISPs, including campaigns in which actors targeted networking equipment, Linux servers, and DNS infrastructure. Prior to joining Lumen Technologies, Daniel worked at Cisco Talos. Danny has a bachelor's degree in Diplomacy and International Relations from Seton Hall University.

    SocialLink
    10:00 AM
      speaker

      Annas Mirza

      infosec proN/A

      Results-oriented Cybersecurity Leader with extensive experience in managing Security Operations Centers
      (SOCs), leading incident response efforts, and implementing comprehensive security strategies. Proven
      ability to mitigate cyber threats through proactive vulnerability management, security control
      implementation, and threat intelligence analysis.

      SocialLink
        speaker

        Ean Dudley

        infosec proN/A

        Meet Ean Dudley, a graduate of Penn State University majoring in Cybersecurity with a focus on geopolitics
        and a minor in Political Science. He currently is working to obtain a Masters in Cyber Security from Western
        Governors University.
        Ean is a proven young talent in the field, holding a certification from ISC2 and the CASP-005. Ean has also
        participated in the SANS Core Netwars Tournament of Champions and is a member of the US Cyber Team
        Pipeline Program.
        Ean currently works in IT at Sight and Sound Theatres and in his free time engaged in Bug Bounties. Ean is a
        dedicated individual with a keen interest in the dynamic and ever-evolving field of cybersecurity

        SocialLink
        10:00 AM
          speaker

          Wil Klusovsky

          infosec proN/A

          Wil has worked in cybersecurity for more than 24 years. Most of that time working in consulting & managed
          security companies (MSP/MSSP/MDR), and value added resellers (VARs).
          He’s lead most areas of that business from: pre-sales / solutioning, GTM, channel, innovation, service
          delivery. product management, service development, product marketing, and a C-Level strategist.
          He has a broad skill set across most domains of cybersecurity. He is a partner & advisor to CISOs, CIOs &
          CEOs. Currently advising managed services & consulting firms on their business to drive more revenue &
          grow. As well as, technology, PE, VC & start-ups on direction, state of the market, GTM strategy, channel
          engagement and more.

          SocialLink
          11:00 AM
            speaker

            Kayla Underkoffler

            Senior Security EngineerZenity

            Kayla is a senior security engineer in the CTO office with Zenity. Her professional career started in the
            United States Marine Corps, where she then left active duty to pursue a career in Cybersecurity. Throughout
            her years in security, she has served as a practitioner in vulnerability management, security operations,
            crowdsourced security, and most recently, Agentic AI security and governance.
            With a passion for bridging the gap between business and technology, Kayla will continue to evangelize the
            importance of security for everyone.

            SocialLink
            11:00 AM
              speaker

              Danny Ocasio

              Information Security OfficerN/A

              Danny Ocasio is an Information Security Officer with experience in Security Operations, Incident Response,
              and GRC. Danny's career started as an Intelligence Specialist in the US Marine Corps. This early exposure to
              network security influenced his decision to pursue a bachelor's degree in Security & Risk Analysis (SRA)
              from Penn State University. Danny has worked at various unicorn startups, SOCs, and consulting.

              SocialLink
              11:30 AM
              Track 2

              Pentest Pains

              11:30 AM - 12:00 PM
                speaker

                Chris Traynor

                PentesterBHIS + Ridgeback infosec

                Chris is a Pentester at Black Hills Information Security (BHIS), where he is responsible for Pen Testing web
                apps, mobile app, APIs, and networks. He is also the owner of Ridgeback InfoSec (ridgebackinfosec.com)
                and has authored two cybersecurity classes (Offensive Tooling Foundations and Offensive Tooling for
                Operators) which he teaches via Antisyphon Training. Chris has nearly two decades of experience in
                Web/Mobile development, QA automation, and Penetration Testing.
                Certifications:
                GSEC: GIAC Security Essentials
                GCIH: GIAC Certified Incident Handler
                GWAPT: GIAC Web Application Pen Tester
                GPEN: GIAC Penetration Tester

                SocialLink
                12:00 PM

                Lunch

                12:00 PM - 01:00 PMOnsite
                01:00 PM
                  speaker

                  Carolina Hatch

                  Sr CyberSecurity majorMessiah University

                  Carolina Hatch is a senior cybersecurity major at Messiah University. She frequently serves on panels for
                  the honors program, speaking to potential students and addressing their concerns. Carolina is also an
                  ambassador for the Computing, Math, and Physics Department, promoting the department. Most recently,
                  she was accepted to give a poster session at the National Center for Undergraduate Research earlier this
                  month.
                  In addition to her research, she is a member of the school’s Collegiate Cyber Defense Competition (CCDC)
                  team, where she serves as the head of communication and throws discus for the Track and Field team. After
                  graduation, Carolina plans to study the overlap of Artificial Intelligence and cybersecurity at Colorado State
                  University.

                  SocialLink
                  01:00 PM
                    speaker

                    Nathalie Baker

                    infosec proN/A

                    SocialLink
                    01:15 PM
                      speaker

                      Mike Miller

                      vCISOAppalachia Technologies

                      Mike Miller has been in Tech / Cyber for around 25+ years. Currently serving as a vCISO at Appalachia
                      Technologies. Mike's been mentoring and speaking nationally for years.

                      SocialLink
                      01:30 PM
                      Track 1

                      TARGETED

                      01:30 PM - 02:00 PM
                        speaker

                        Raymond Nutting

                        FoundernDepth Security

                        Raymond Nutting, (CISSP-ISSEP) is a published author, mentor and security practitioner supporting both
                        the public and private sectors with over 23 years’ experience in the field of information security. Raymond is
                        the co-owner and founder of nDepth Security, a Cybersecurity company that specializes in vulnerability
                        assessment and penetration testing. Raymond graduated magna cum laude with a degree in computer

                        information systems and a concentration in information systems security. He holds numerous industry-
                        recognized certifications and has presented at various conferences and events throughout his career.

                        SocialLink
                        02:00 PM
                          speaker

                          Vineeth Sai Narajala

                          GenAI Application Security EngineerAWS

                          Vineeth is an GenAI Application Security Engineer at Amazon Web Services (AWS), specializing in core Data
                          Analytics services such as EMR, Athena, and LakeFormation. He has also been instrumental in developing
                          GenAI Security guidelines for service-to-service integration and development within AWS. Prior to his
                          current role, he held positions as a penetration tester and in threat intelligence. Additionally, he gained
                          valuable experience in Business Recovery and Disaster Recovery, particularly in mitigating ransomware
                          attacks during his tenure at Nordstrom.
                          Beyond his professional roles, Vineeth actively participates in the bug bounty scene and is passionate about
                          contributing to the community. He has shared his expertise as an Adjunct Instructor at the University of
                          Nevada, Las Vegas, and has delivered guest lectures at his alma mater, the University of Washington,
                          Seattle. Outside of work, he enjoys skiing and has recently started learning to surf. Vineeth also has a keen
                          interest in classic rock and EDM music.

                          SocialLink
                            speaker

                            Robert Vulpe

                            infosec proN/A
                            SocialLink
                            03:00 PM
                            Track 1

                            The Cost of an Incident

                            03:00 PM - 04:00 PM
                              speaker

                              Amanda Draeger

                              infosec proLiberty Mutual Insurance

                              Amanda is a Principal Cyber Risk Engineer at Liberty Mutual Insurance. She is a GSE, retired Army, and
                              enjoys playing with yarn.

                              SocialLink
                              03:00 PM
                                speaker

                                Jessica Weiland

                                infosec proN/A

                                Jessica has spent the last 8 years helping companies navigate the conversations around the prioritization of
                                security based on business criticality and the need for resiliency. She serves as a liaison between IT
                                leadership and boards to translate technical goals, and to turn the conversation of No into How.

                                SocialLink
                                03:30 PM
                                  speaker

                                  Ashley Chackman

                                  Cybersecurity LeaderN/A

                                  Ashley Chackman is a cybersecurity leader who specializes in security education, intelligence research,
                                  and cyber workforce development. With expertise in OSINT investigations, she also supports federal and
                                  state law enforcement agencies by collecting and analyzing intelligence on human trafficking and missing
                                  persons. She has led security training programs for global organizations, driving engagement through
                                  organizational design, behavioral science, change management, and data-driven strategies.

                                  SocialLink
                                  04:00 PM

                                  CLOSING KEYNOTE

                                  04:00 PM - 05:00 PM
                                    speaker

                                    Tim Otis

                                    Head of IR/MDRCheck Point

                                    Tim Otis has spent the last 28 years at the forefront of the cyber security industry.
                                    He has held numerous roles from help-desk, system administrator, field engineer, software development, and incident response roles that have provided a wealth of knowledge, expertise,
                                    and a seat at the table in cleaning up some of largest cyber security attacks in the world.
                                    As Head of IR/MDR at Check Point, Tim leads a global team of IR Analysts, SOC Analysts, Coordination Experts,
                                    Customer Success/Support and Software Developers to deliver Incident Response and MDR services to customers all over the world.

                                    SocialLink
                                    05:00 PM

                                    Closing Ceremonies

                                    05:00 PM - 05:30 PM

                                    Refund Policy

                                    No refunds on tickets purchased after MAR 02, 2025.