Rich Savacool
10:00 am - 10:50 am
This presentation builds upon and expands technical content presented during two previous Rochester ISSA chapter meetings: Getting Started with Threat Hunting (December 4, 2023) and Analyzing a Recent Endpoint Attack (April 21, 2025). The presentation will include examples of common obfuscation methods used by adversaries as well as tips, tricks, and tools that can be used to facilitate analysis of attacks. This is a technical presentation geared towards SOC teams, security analysts, and/or threat hunters and will include packet captures and other low-level technical minutiae.
Rich Savacool is the Chief Security Officer for Nixon Peabody, LLP, a law firm based out of Rochester, N.Y. He has thirty years of experience in networking and systems security for both commercial and government sectors. Rich holds numerous industry certifications as well as a Master of Science degree in Computing Security and Information Assurance from Rochester Institute of Technology. When not at work, Rich is an assistant instructor of Aikido at the Eastern Sky dojo in Fairport, NY under the tutelage of Paul Gardner Sensei.
Jonathan Borgesen
11:00 am - 11:50 am
Many organizations struggle with security in complex IT environments, from legacy data centers to cloud deployments. A key challenge is defending against malicious lateral movement (east/west traffic). We will discuss how segmentation and microsegmentation offer a proven strategy to mitigate these risks. We'll explore how these approaches enhance security across all IT infrastructure layers by creating granular, isolated security zones around workloads and applications. You'll gain insights into how this significantly reduces the "blast radius" of a breach, limits attacker movement, and strengthens your overall cybersecurity posture.
Jonathan Borgesen is a Client Security Principal for ePlus and is responsible for the overall security practice in the Upstate NY, New England, and United Kingdom regions. He has been a part of the security industry since 2009 with a focus dedicated to educating, consulting, and assisting local organizations to enable them to achieve their security goals. Throughout his tenure Jonathan has participated in and presented at many educational events at both the local and national level. This has allowed him to gain a greater understanding of security trends from a perspective that expands beyond the upstate, New England, and United Kingdom regions.
Jim Keeler
1:00 pm - 1:50 pm
Want to level up your security skills without risking your production environment—or your job? In this talk, we’ll walk through building your own security home lab: a low-cost, high-impact space to test tools, simulate attacks, and sharpen both offensive and defensive skills. Whether you're into red teaming, detection engineering, or just breaking things for fun, you'll learn how to architect, deploy, and maintain a lab tailored to your goals. We'll cover practical setups and tips to get started fast. No enterprise budget required—just curiosity, that crappy old laptop in your closet, and a power strip.
Jim Keeler is a software engineer-turned-hacker. After 14 years building enterprise systems, he now punches giant holes in them developing exploits instead of features. From pentester to red teamer to analyst to security engineer, Jim has had a winding security career path through various offensive and application security roles. These days, he's the principal product security engineer at a growing industrial cybersecurity company where he's helping engineering teams ship secure code without slowing down. If you catch him at RSS, ask him about his home lab.
Or Eshed
2:00 pm - 2:50 pm
Malicious browser extensions are an emerging attack vector for a simple reason: they work. In fact, compromised browser extensions are probably the biggest under-the-radar threat surface that most organizations don’t know about. Malicious browser extensions can steal a wide array of user identity information such as passwords, cookies, session tokens, etc., as well as sensitive data, such as page contents, input method interception, audio/video access, and more. In this session, we will explore malicious extensions, how they become compromised, what data they can access, and how they work under the hood, out of the belief that this is an up-and-coming threat vector that is relevant to a broad cross-section of security practitioners today.
Or Eshed is co-founder and CEO of LayerX Security. Or has over 15 years of cybersecurity experience as an ML developer, security and intelligence researcher, and cybersecurity analyst. Prior to founding LayerX, Or worked as a cyber threat intelligence analyst at Check Point, Otorio, and ABN AMRO Bank. His work has led to the arrest of at least 15 threat actors and the exposure of the largest browser hijacking operation in history with over 50M browsers compromised. He has also written and spoken on topics of cybersecurity extensively. In addition, Or holds an MSc in Applied Economics.