Research

Sample of my present & past research publications & presentations

My GITHUB — RSFL

Due to Less Pollution, Secrets Stored on the Cloud are Now Clearly Visible – RSA USA Conference 2021

Hackmiami Meetup 02-06-2021 Whatsapp, Telegram & Signal attack vectors

Hakin9 – Splunk Attack Range

Kitploit – GitWildHunt A Tool To Hunt For Credentials In Github Wild AKA Git*Hunt

Black Hat Arsenal Europe 2020 – git-wild-hunt: Pwn API and leaked secrets

Purple Team Summit 2020 – Adversarial Attack Range with Splunk

Blog – Detecting Ryuk using Splunk Attack Range

Blog – Detecting CVE-2020-1472 Using Splunk Attack Range (mentioned in DHS Emergency Directive 20-04 *)

Blog – Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials

DEF CON Safe Mode Red Team Village – Rod Soto – Have My Keys Been Pwned API Edition

Blog -Approaching Azure Kubernetes Security

Blog – Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk

Blog – Splunk Attack Range Now With Caldera and Kali Linux

Blog – Use Cloud Infrastructure Data Model to Detect Container Implantation (MITRE T1525)

Rod Soto – Jose Hernandez. Texas Cyber Summit Junegle summit 2020. Attacking the sub surface. Adversarial simulation lab. 

Rod Soto – Jose Hernandez. DEFCON Red Team Village May-hem online summit 2020. Red Teaming Devops. 

Rod Soto – Jose Hernandez. Hackmadrid %27 Online Meetup. Red Teaming Devops (In Spanish – Espanol)

Rod Soto – Attacking & Defending Against Drones. Pacific Hackers Online Meetup 2020. 

Rod Soto – Phil Royer Splunk .CONF 2019 Use Splunk SIEMulator to Generate Data for Automated, Detection, Investigation, and Response

Rod Soto – Victor Fang – A Smart Contract Killchain How the first Blockchain APT – DEF CON 27 Block Chain Village

Rod Soto – Jose Hernandez – Using Splunk or ELK for Auditing AWS GCP Azure Security – DEF CON 27 Cloud Village

Bsides SFO 2019 – Profiling “VIP Accounts” Access Patterns in User-Centric Data Streams

Art Into Science Conference (AcoD) Austin – Ops track 01/30/19 – Profiling “VIP Accounts” Access Patterns – Rod Soto, Joseph Zadeh, Xioadan Li

Shellbot Crimeware Re-Emerges in Monero Mining Campaign (Dark Reading)

BSides Las Vegas 2018 – I am the cavalry

IATC – Cavalry is ALL OF US – Joshua Corman, Beau Woods, Rod Soto, Travis Moore & Heath Wickline

DEFCON XXVI – Defcon Demo Labs – Chiron

Black Hat Arsenal USA 2018 – Chiron

Identiverse 2018  – SMS Vulnerabilities in Identity Management

SAMBA Protocol Vulnerabilities Threat Advisory – 2018 – JASK

Domain Impersonation / IDN Campaigns TA – 2018 – JASK

DerbyCon 2017 – Chiron Home based ML IDS with Joseph Zadeh

Black Hat EU 2016 – Splunk 

Hackmiami Conference 2017 – Detection of webshells in compromised perimeter assets using ML algorithms

RSA Conference 2017 – Automated Prevention of Ransomware with Machine Learning and GPOs

DEFCON 2016 – Packet Hacking Village Dynamic Population discovery for Lateral Movement Detection

Hackmiami Conference 2015 – Biohacking – Implantable chip attack vector Demo video

Aktaion – Signatureless Threat Detection. Open source ML tool for ransomware detection

The Lambda Defense: Functional Paradigms of Defense for Cybersecurity

BSides Orlando 2014 – Civilianization of War, paramilitarization of cyberspace and its implications for infosec pros

AKAMAI State of The Internet Q4-2014

DDoS attacks against global markets PLXSert – White Paper

Yummba web injects AKAMAI/PLXSert

Zeus Crimeware kit PLXSert