Welcome to BSides Asheville

Our 6th year building a more secure community

Steering you through the security fog, Going beyond the “1s and 0s”, Strengthening your knowledge of cyber security, Bringing insight to cyber threats

Join us on June 21-22, 2019

CFP is Now Open!

Please send Talk Title, Abstract, and Speaker Bio to   [email protected]

2019 Sponsorship Document

About Us

Where security ideas come from

BSides was co-founded by Mike Dahn, Jack Daniel, and Chris Nickerson in 2009. In the summer of that year, Black Hat USA rejected several Calls For Papers (CFP) that were submitted from well-known security researchers. Security BSides was created in response to these rejections, which were primarily based on the lack of speaker space and at Black Hat. Most commercial conferences, including Black Hat operate within very restrictive time boundaries to which the conference must adhere to.

The goal of BSides is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.


BSides is an open platform that gives security experts and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with others in the community. It is a rare opportunity to directly connect and create trusted relationships with key members of the community.

BSides Asheville (BSides AVL) was started in 2014 by several information security professionals living in the Blue Ridge Mountains of Western North Carolina. BSides AVL is a 100% volunteer-run information security conference that is held annually in Asheville, North Carolina. Presentations at this local conference cover a wide range of information security topics from technical topics, such as dissecting network protocols, to policy issues such as managing information leakage via social networks and complex international problems, such as cyber warfare. The conference also offers hands-on activities, such lock picking and ethnical hacking. Our programming focuses on high-quality content, and our smaller, more intimate networking atmosphere fosters strong audience participation and overall group interaction. BSides Asheville conference aims to give researchers, professionals, and practitioners alike a chance to meet, engage in conversation through scheduled talks and events, as well as offer a networking opportunity that will result in new collaborative efforts for research and other security projects in the local community and beyond.

Conference Info

BSides Asheville held its 5th Information Security Conference on June 22-23 in Asheville, North Carolina.
The keynote was given by Chris Nickerson, CEO of Lares.


Our goal is to make this conference affordable for all, so general admission tickets are only $32 dollars per participant, which includes lunch & t-shirt.


The conference was held at The Collider, which is located in the heart of downtown Asheville.


Every year we raffle off door prizes to conference participant. These door prizes have been graciously donate by sponsors and others.


Training classes are $64 each. This year's classes are: Threat Intelligence Automation and Web Application Pentesting.

Pub Crawl

Asheville was the first winner of USA TODAY's Beer City USA title, so BSides Asheville will be holding its annual Pub Crawl in and around the downtown area.

After Party

Our annual after party was held at Lexington Avenue Brewery, which is located in the heart of downtown Asheville.

Speakers 2018

Unlike many other conferences where the speaker is rushed in and out, BSides Asheville provides a small and intimate environment for the attendees to directly engage with the speaker before, during, and after their presentation. The speakers for the 5th BSides Asheville Information Security Conference are cybersecurity professionals that you want to know at the conference, but also after the conference. This year's speakers are industry experts & thought leaders from North Carolina and beyond.

Chris Nickerson

Chris Nickerson

Keynote Speaker Lares Consulting
Tim Hopper

Tim Hopper

Guest Speaker Cylance

Title: Challenges in Applying Machine Learning to Cybersecurity

Abstract: Machine learning and artificial intelligence are all the rage in cybersecurity (and seemingly every other industry). Despite the hype, machine learning is not a magic bullet for security problems. In fact, the security domain contains many unique challenges that make applying machine learning especially difficult. In this talk, I will discuss challenges including sourcing useful data, labeling data, the adversarial nature of security problems, and validation of machine learning models.

Adam Mathis

Adam Mathis

Guest Speaker Red Canary

Title: Testing Endpoint Security Solutions with Atomic Red Team

Abstract: As organizations deploy endpoint solutions, testing them becomes imperative. Red Canary's applied research team has developed a free open source framework called Atomic Red Team to help organizations conduct these tests. The framework is designed to provide teams with small, discrete tests that are vendor agnostic and representative of actual adversary behavior. This talk will explore the Atomic RedTeam framework and demonstrate basic tests, chaining tests, and opportunities for security teams to contribute to the framework.

Erich Kron

Erich Kron

Guest Speaker KnowBe4

Title: Stopping the Explosion of Ransomware

Abstract: Ransomware is spreading at an alarming pace and infecting networks across all industries and company sizes, primarily through phishing attacks. The cyber criminals behind the attacks are furiously innovating and keeping ahead of the defenses. In this session we will have an interactive discussion related to the latest in ransomware threats and how to best protect your organization and yourself against this growing threat.

Nathan Danneman

Nathan Danneman

Guest Speaker Data Machines Corp

Title: Categorical Correlations as Probabilistic Rules

Abstract: Identifying Malware Delivery, Port-Protocol Mismatches and Atypical Server Communications Defenders who must understand and protect new networks quickly have a need to rapidly understand a network’s setup, and quickly identify deviations from normality. While many networks run under typical settings due to norms (i.e. DNS runs over port 53), any given network can be configured in a variety of ways. This presentation and the associated paper describe research on leveraging Apache Spark’s FPGrowth and Association Rule Inference algorithms to identify strong categorical correlations, or “rules”, in enriched network data (e.g. Bro, YAF). The work continues by showing how the algorithms can be used to rapidly identify violations of the induced rules, which can be subjected to purpose-built whitelists to surface the most security-relevant violations. This research is novel, and helps analysts move beyond querying for “known knowns” in network traffic. Instead, the algorithms and workflow described here allow analysts to begin by identifying classes of atypical behaviors, and then prune those down to the ones they find most interesting. Running examples from (anonymized) enterprise data include identifying mime-type and file extension discrepancies, mismatched port/protocol combinations, and communications to/from servers over unusual ports. A set of extensions and other potential use cases is described as well.

Dan Bearl

Dan Bearl

Guest Speaker Recorded Future

Title: Leveraging Automation For Threat Intelligence At Scale

Abstract: Effective application of Threat Intelligence in an Enterprise environment presents many challenges, especially for small Threat Intelligence teams. Given the volume of data in threat intelligence streams, it is easy for teams to become overwhelmed with collecting and assimilating data leaving little time for analysis. Automation provides a way to ease the burden on individual analysts, freeing them to do the deep analysis necessary to protect their enterprises. This discussion will dive into freely available technologies and techniques that allow Threat Intelligence teams of any size or budget to manage intelligence feeds effectively at scale and deliver value to their organizations.

Alejandro Caceres

Alejandro Caceres

Guest Speaker Hyperion Gray

Title: Breaking Everything

Abstract: punk.sh is a just-released project that is the next generation of our former PunkSPIDER project. PunkSPIDER aimed to perform web application fuzzing using our custom, and open source, fuzzer/fuzzing library massweb. punk.sh is different in many many ways: first, it performs far more than just web fuzzing. It port scans and banner grabs along with web fuzzing and makes all of this information searchable via an intuitive front-end at https://punk.sh. The aim is to expose vulnerabilities that the bad guys are finding before they find them and alert sysadmins of these so they can then fix them. Oh and did we mention this is all completely free and that we're open sourcing all of the components? We think punk.sh is a cool project, but its architecture is undeniably awesome. On the back-end we're using a scalable relational database to slice and dice the data how we (or you) want and a massively scalable queuing system powered by Apache Kafka. We're using nmap for port and banner grabs along with 100+ (safe) NSE scripts we run against the server along with web app scans from our custom-written web app scanner Ferret. This is all distributed across our queuing cluster, so various nmap and Ferret scans go off at once - don't worry though, politeness of the domains we scan is of the utmost importance and we don't allow our system to flood them with traffic. In this talk we plan to go over the purpose of the project, its architecture, and generally how to use it to your advantage. We think it'll be fun!

Jason Gillam

Jason Gillam

Guest Speaker Secure Ideas

Contact Us

Your email isn't going to the inbox abyss, never to be seen or heard from again.
We will answer your email within 86400 seconds.
  [email protected]