Who is @grecs?

grecs avatarWelcome! This page started as an extension of my Twitter profile. I found it very frustrating that you couldn’t put much in the field associated with your Twitter account. As with most things that start small, this page continues to evolve as my interests and experiences in information security have grown over the years. Now a little about me… At this point I have almost two decades of experience, undergraduate and graduate engineering degrees, and a really well known security certification. Despite my formal engineering training, I have always been more of a CS person at heart going back to my VIC-20, Commodore 64, and high school computer club days. After doing the IT grind for five years, I discovered my love of infosec and have been pursuing this career ever since. Currently, I spend my days doing cybersecurity paperwork drills in building multi-billion dollar government systems. At night I run this small infosec website and try to get some hands-on skillz.

Also welcome to NovaInfosec.com if this is your first time here. The goal of this site is to centralize security news, events, and resources for infosec professionals in Northern Virginia (NoVA) and beyond. There are a lot of excellent general security sites, but we wanted to create a space where professionals in our geographical area could share information and meet face-to-face periodically. Here you’ll find industry and local news, local infosec conference and meetup events, security blogs/podcasts, training, and networking resources as well as career advice.

I generally tweet and blog about stuff that I think infosec professionals would be interested in. Some of the areas I cover include industry and general security news, various conferences and meetups that take place, and other interesting infosec resources. You may also find me posting about some of my other security interests, including security tools, education and training, career progression, application security, and helping lay people be secure in their daily Internet wanderings.

I’ll have other stuff to add here with time, ideas, suggestions, and requests. What would you like to see on a page like this? What questions do you have? Thanks for reading.

See below for some more stuff I’ve done through the years.



  • BSidesCharm, April 11 – 12, 2015, in Baltimore, MD, “Project KidHack – Teaching Kids (and even some adults) Security through Gaming” (slides)
  • BSidesOrlando, April 11 – 12, 2015 in Orlando, FL, “Project KidHack – Teaching the Next Next Generation Security through Gaming” (slides)
  • HackMiami, May 15 – 17, 2015 in Miami, FL, “Malware Analysis – N00b to Ninja in 60 Minutes” (slides)
  • SourceBoston, May 25 – 26, 2015 in Boston, MA, “Defending the Enterprise with Evernote” (slides)
  • TakeDownCon Capital Area, Jun 1 – 2, 2015 in Washington, DC, “Creating REAL Threat Intelligence…with Evernote” (slides)


  • (ISC)2 World Congress, September 29 – October 2, 2014 in Atlanta, GA, “Malware Analysis 101 – N00b to Ninja in 60 Minutes”
  • BSidesLV, August 5 – 6, 2014 in Las Vegas, NV, ” Malware Analysis 101 – N00b to Ninja in 60 Minutes” (slides)
  • NolaCon, June 20 – 22, 2014 in New Orleans, LA, “Malware Analysis 101 – N00b to Ninja in 60 Minutes” (no slides posted)
  • BSidesCT, June 14, 2014 in Hamden, CT, “Think Different – A Jobsonian Look at Information Security” (no slides posted)
  • BSidesPGH, June 6,  2014 in Pittsburgh, PA, “Think Different – A Jobsonian Look at Information Security” (no slides posted)
  • Notacon, April 10 – 13, 2014 in Cleveland, OH, “Malware Analysis 101 – N00b to Ninja in 60 Minutes” (slides)
  • Cactuscon, April 4, 2014 in Chandler, AZ; “Malware Analysis 101 – N00b to Ninja in 60 Minutes” (slides)
  • Shmoocon Epilogue, January 20, 2014 in Reston, VA; “Project KidHack” (no slides posted)


  • BSidesDC, October 19, 2013 in Washington, DC; “Malware Analysis 101 – N00b to Ninja in 60 Minutes” (abstract/slides)
  • BSidesLV, July 31, 2013 in Las Vegas, NV; “EC2 or Bust – How to Build Your Pwn Pen Testing Lab in Amazon EC2” (abstract/slides)
  • TakeDownCon, June 3, 2013 in St. Louis, MO; “Malware Analysis 101 – N00b to Ninja in 60 Minutes” (abstract/slides)
  • AIDE, April 19, 2013 in Huntington, WV; “Malware Analysis 101 – N00b to Ninja in 60 Minutes” (abstract/slides)
  • Shmoocon Epilogue, February 18, 2013 in Reston, VA; “Malware Analysis in 3 Steps” (slides not posted)


  • BSidesDE, November 10, 2012 in New Castle, DE; “PHP Website Security, Attack Analysis, & Mitigations – Crowdsourcing PHP Security” (slides not posted)
  • BSidesDE, November 9, 2012 in New Castle, DE; “Disruptive Security Chaos … for Good” (slides not posted)
  • PumpCon, October 20, 2012 in Philidelphia, PA; “Disruptive Security Chaos … for Good” (slides not posted)
  • DerbyCon, September 30, 2012 in Louisville, KY; “PHP Website Security, Attack Analysis, & Mitigations” (slides not posted)
  • AppSecDC 2012, “Using PHPIDS to Understand Attacks Trends” (abstract/slides)
  • AppSecDC 2012, “The ‘Easy’ Button for Your Web Application Security Career” (abstract/slides/career exploit kit)
  • RVASec 2012, “PHP Website Security, Attack Analysis, & Mitigations” (abstract/slides)
  • RSCon, “How to Win Followers & Influence Friends” (abstract/slides)


  • BSidesDE 2010, “Hacking Your Way into an Infosec Career” (abstract/slides)

Media/Appearances (e.g., quotes, podcasts, …)


Coming soon…

4 comments for “Who is @grecs?

  1. Mark
    June 3, 2011 at 1:01 pm

    Hey, @grecs

    How are you doing? I know that it has been a long time. I see all the wonderful security meetings that you have listed. I am looking forward to attending a lot of the meetings.



    As well as increase my knowledge base.

  2. Simon
    March 13, 2012 at 10:47 pm

    Love the idea for your portal and the events aront Norva

  3. k_sec
    July 30, 2012 at 7:41 pm

    Hey grecs- the current poll asks “how many people do you know that lost Internet access due to DNSChanger?” seems to leave some significant information out. How about adding “how many people do you know whose ISP/upsteam providers are performing internal redirecting for the DNSChanger ranges to minimize support calls altogether?”. It was nice to hear those guys acknowledge the activity in their talk, which makes the poll question a moot one.


  4. October 22, 2012 at 9:36 am

    Glad I came across your blog.
    Great read.
    Keep up the good work!

    (Also, K_Sec suggestion was the best thing I’ve read all day) 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.