--- orphan: true hidden: true --- ```{toctree} ``` # Event Presentations | Date | Event | Title | | ---------- | -------------------------------------------- | --------------------------------------------------------------------- | | 2025-10-03 | [SANS CloudSecNext][2025-CloudSecNext] | How I learned to stop worrying and love vibe coding: security edition | | 2025-09-19 | [BSides Columbus][2025-BSidesCol] | How I learned to stop worrying and love vibe coding: security edition | | 2025-07-11 | [BSides Pittsburgh][2025-BSidesPGH] | How I learned to stop worrying and love vibe coding: security edition | | 2025-05-28 | [CSA Pittsburgh][2025-CSAPgh] | [Vibe coding safety course][2025-CSA-coding-assist] | | 2025-02-18 | [ISSA Pittsburgh][2025-ISSA] | [Container Security][2025-container-security] | | 2024-10-28 | [Pittsburgh InfoSec Day 2024][PGHINFOSECDAY] | [Your Governance Is (Still) Broken][2024-gov-still-broken] | | 2024-09-10 | [Alabama CSA][Alabama-CSA] | [Automating Cloud Security][2024-CSABirm] | | 2024-06-27 | Cloud Native Security Con | [Cloud Native GRC][2024-CNSC] ([Slides][2024-CNSCSlides]) | | 2024-05-07 | [AI Hackathon][2024-05-AIHack] | AI Hackathon | | 2023-12-04 | [2023 PGH InfoSec Day][2023-PInfoSec] | [Your Governance is Broken][2023-PInfoSec-Talk] | | 2023-11-06 | [2023 KubeCon][2023-KubeCon] | [Lightning Talk][2023-KubeCon-Talk] | | 2023-10-16 | [2023 CloudSecNext][2023-CloudSecNext] | Event co-host | | 2023-10-13 | [2023 TRISS][2023-TRISS] | Cloud Security Panel | | 2023-09-22 | [2023 Pittsburgh TechFest][2023-TF] | Platform Engineering and Security Guardrails | | 2023-09-07 | [Cloud Native Security Pgh][2023-CNSP] | Getting Started with Security Policy as Code | | 2023-09-05 | SANS Cloud Security London @ Night | Just In Time Cloud Permissions (updated) | | 2023-08-23 | Domestic Security Alliance Council | Cloud Security (Private) | | 2023-07-25 | [OWASP Pittsburgh][2023-OWASP] | IaC Security (updated) | | 2023-06-07 | InfraGard Pittsburgh | Just In Time Cloud Permissions | | 2023-02-23 | SANS Cloud Defender Dallas @ Night | IaC Security at (even larger) Scale | | 2023-01-13 | Carnegie Science Center | [Passwords for Humans][2023-ScienceCenter] | | 2022-12-13 | Private | OWASP 2021 | | 2022-12-07 | DevSecCon | [Simplifying IaC Security][2022-DevSecCon] | | 2022-10-25 | Cloud Native Security Con | [Cloud Native Security Best Practices][2022-CNSC] | | 2022-10-18 | (ISC){sup}`2` Pittsburgh | [Cloud Native Security Best Practices][2022-ISC2] | | 2022-10-14 | Three Rivers Information Security | Transparent IaC Security | | 2022-05-04 | CloudSecNext | [IaC Security at Scale][2022-CloudSecNext] | | 2021-07-14 | Pittsburgh Hackers Association | Infrastructure as Code (IaC) Security | | 2021-07-13 | Private | The Pros and Cons of AWS Security Services | | 2020-11-23 | Private | Secure coding in ASP.NET | | 2020-11-03 | Pittsburgh CISSP Study Group | PKI and Cryptography | | 2020-01-30 | Doing Better Business Seminar | Making Security Faster | | 2019-12-09 | Pittsburgh InfoSec Day | SaaS Business Email Compromise Lessons Learned | | 2019-10-08 | Private | TLS Best Practices for Developers | | 2019-04-18 | BSides Flood City | Cleaning up your Command Line | | 2018-12-05 | Pittsburgh CISSP Study Group | Software Development Security | | 2018-04-18 | Steel City InfoSec | The Use and Abuse of Blockchains | | 2018-02-05 | InfraGard Pittsburgh | Steel City InfoSec | | 2017-10-20 | Three Rivers Information Security | [Cutting through the buzz: ML & AI][2017-TRISS] | | 2017-09-13 | BroCon 2017 | Apache Metron | | 2017-07-19 | NEOISF | Security Data Analytics for the masses | | 2017-03-15 | University of Pitt InfoSec Group | Wireless Security | | 2017-02-07 | University of Pitt InfoSec Group | Information Security Starter Kit | | 2017-01-12 | Steel City InfoSec | [Security Data Analytics for the masses][2017-SCIS] | | 2016-08-11 | Steel City InfoSec | [Proximity Attacks][2016-SCIS] | | 2016-07-22 | Community College Cyber Summit | Becoming the Enemy - Understanding Attackers | | 2016-06-08 | Pittsburgh Technical Institute | Kickstarting Your Cybersecurity Career | | 2016-05-12 | Steel City InfoSec | Automotive Security | | 2016-04-28 | Solutions 4 Networks | A DROWN deep dive (TLS security) | | 2016-04-07 | Software Engineering Institute | A Survey of Pittsburgh InfoSec | | 2016-02-11 | Steel City InfoSec | Software Defined Radios | | 2015-11-10 | Robert Morris University | Password Cracking | | 2015-11-05 | Pittsburgh Technical Institute | Alumni Speaker Series | | 2015-09-24 | Steel City InfoSec | [Password Cracking][2015-SCIS-PasswordCracking] | | 2015-09-16 | (ISC){sup}`2` Pittsburgh | Cryptography in 2015 (Quantum update) | | 2015-08-26 | Pittsburgh InfraGard | DEFCON Briefing | | 2015-07-07 | Pittsburgh Code & Supply | The Dos and Don'ts of Wireless | | 2015-04-09 | Steel City InfoSec | [Wireless Keyloggers and KeySweeper][2015-SCIS-WirelessKeylog] | | 2015-01-22 | Steel City InfoSec | Audio Surveillance | | 2014-10-20 | Robert Morris University | Mobile Device Security | | 2014-02-11 | Forbes Road CTC | Alumni Day Presentation | | 2014-01-09 | Steel City InfoSec | 2013 - What Just Happened? | | 2013-04-08 | Pittsburgh Technical Institute | Life After Graduation | | 2013-03-25 | Pittsburgh Technical Institute | Vulnerability Management 101 | | 2013-01-03 | Steel City InfoSec | Wireless Security | | 2012-08-07 | Pittsburgh Technical Institute | Life After Graduation | | 2011-10-05 | Pittsburgh Technical Institute | Alumni Speaker Series | You can also watch my recorded presentations by going to [this YouTube playlist](https://jonzeolla.com/youtube.html). [2025-CloudSecNext]: https://www.sans.org/cyber-security-training-events/cloudsecnext-summit-2025/ "How I learned to stop worrying and love vibe coding: security edition" [2025-BSidesCol]: https://www.bsidescolumbus.com/ "How I learned to stop worrying and love vibe coding: security edition" [2025-BSidesPGH]: https://bsidespgh.com/2025 "How I learned to stop worrying and love vibe coding: security edition" [2025-CSAPgh]: https://events.humanitix.com/csa-pittsburgh-chapter-in-person-meetup "Vibe coding safety course" [2025-CSA-coding-assist]: https://youtu.be/6s6K2zelYQo "Vibe coding safety course" [2025-container-security]: https://github.com/JonZeolla/monopreso/tree/main/presentations/2025-02-ISSA-Pittsburgh "Container Security" [2025-issa]: https://www.meetup.com/steel-city-infosec/events/305154174/ "ISSA Pittsburgh" [PGHINFOSECDAY]: https://www.pghinfosecday.com/ "Pittsburgh InfoSec Day" [2024-gov-still-broken]: https://github.com/JonZeolla/monopreso/tree/main/presentations/2024-10-PGH-InfoSec-Day "Your Governance is (still) Broken" [Alabama-CSA]: https://circle.cloudsecurityalliance.org/alabama/home "Cloud Security Alliance Alabama Chapter" [2024-CSABirm]: https://www.meetup.com/cloud-security-alliance-alabama-chapter/events/302397794/ "Automating Cloud Security with Jon Zeolla" [2024-CNSC]: https://youtu.be/HvLkkrNFiK8?si=pKXy-VvlDktl9ezU "Cloud Native GRC" [2024-CNSCSlides]: https://docs.google.com/presentation/d/167QYSLeDlz2pipln_V5kCVI2UWAIMRNpOQHBtIKikqg/edit?usp=drive_link "Cloud Native GRC Slides" [2024-05-AIHack]: https://community.cncf.io/events/details/cncf-cloud-native-security-pittsburgh-presents-ai-hackathon/ "Cloud Native Security AI Hackathon" [2023-PInfoSec-Talk]: https://www.youtube.com/watch?v=tKKrqNduBwA "Your Governance Is Broken" [2023-PInfoSec]: https://web.cvent.com/event/2014576f-92db-4057-ae41-9b25a39a1909/websitePage:eb8094ff-eb19-4b4c-a88f-22e9f5e536bb "2023 Pittsburgh InfoSec Day" [2023-KubeCon-Talk]: https://kccncna2023.sched.com/event/1R2ll/cl-lightning-talk-empowering-the-deaf-and-hard-of-hearing-in-cloud-native-and-open-source-jon-zeolla-seiso-catherine-paganini-buoyant "2023 KubeCon Lightning Talk" [2023-CloudSecNext]: https://www.sans.org/cyber-security-training-events/cloudsecnext-summit-2023/ "2023 CloudSecNext" [2023-KubeCon]: https://events.linuxfoundation.org/kubecon-cloudnativecon-north-america/ "2023 KubeCon and CloudNativeCon" [2023-TRISS]: https://www.threeriversinfosec.com/ "2023 Three Rivers Information Security Symposium" [2023-TF]: https://www.pghtech.org/events/2023TechFest_1 "2023 Pittsburgh TechFest" [2023-CNSP]: https://community.cncf.io/e/mvsutb/ "Cloud Native Security Pittsburgh - Kickoff Event in London" [2023-OWASP]: https://www.meetup.com/owasp-pittsburgh-chapter/events/294769152 "OWASP Pittsburgh: IaC Security" [2023-ScienceCenter]: https://youtu.be/RzFsM0b-4ms?t=922 "Passwords for Humans" [2022-CNSC]: https://www.youtube.com/watch?v=dSCJbdFbggA "Assessing Environments Against Cloud Native Security Best Practices" [2022-ISC2]: https://youtu.be/yihVuyu3I8A "Assessing Environments Against Cloud Native Security Best Practices" [2022-DevSecCon]: https://www.youtube.com/watch?v=Y1TGQWOmrTI "Simplifying IaC Security" [2022-CloudSecNext]: https://www.youtube.com/watch?v=jwqR_gtjSOc "IaC Security at Scale" [2017-TRISS]: https://www.youtube.com/watch?v=61qJnY9njgs "Cutting Through the Buzz: Machine Learning & Artificial Intelligence" [2017-SCIS]: https://www.youtube.com/watch?v=-\_ROZuYUNXY "Security Data Analysis for the masses" [2016-SCIS]: https://www.youtube.com/watch?v=4prUJI2Dm5Y "Proximity Attacks Intro" [2015-SCIS-PasswordCracking]: https://www.youtube.com/watch?v=QP7AEeeT-xQ "Password Cracking" [2015-SCIS-WirelessKeylog]: https://www.youtube.com/watch?v=ftRUj6esm1o "Wireless Keyloggers and KeySweeper" # My Training Classes | Date | Event | Training | | ---------- | ---------------------------------- | ----------------------------------------------------------------------------------- | | 2026-02-02 | SANS DC Metro Rockville | [SEC540][SEC540] | | 2025-12-15 | SANS Cyber Defense Initiative 2025 | [SEC545][SEC545] | | 2025-10-02 | SANS CloudSecNext, Denver | [SEC540][SEC540] | | 2025-09-22 | SANS Network Security, Vegas | [SEC540][SEC540] | | 2025-08-25 | SANS Emerging Threats, VA Beach | [SEC540][SEC540] | | 2025-07-28 | SANS Live Online | [SEC545][SEC545] | | 2025-06-02 | SANS Baltimore Spring 2025 | [SEC540][SEC540] | | 2025-04-13 | SANS 2025 (Orlando) | [SEC540][SEC540] | | 2025-03-17 | SANS OnDemand Recording | [SEC540][SEC540] | | 2025-03-03 | SANS Security East Baltimore 2025 | [SEC540][SEC540] | | 2024-12-04 | SANS Seattle 2024 | [SEC540][SEC540] | | 2024-10-07 | Private | [SEC540][SEC540] | | 2024-09-04 | SANS Network Security Las Vegas | [SEC540][SEC540] | | 2024-07-00 | Private | [SEC540][SEC540] | | 2024-05-09 | SANS Security West San Diego 2024 | [SEC540][SEC540] | | 2024-05-00 | Private | [Container Security 101 and 201][ContainerSec101201] | | 2024-04-00 | Private | [SEC540][SEC540] | | 2024-03-24 | SANS Orlando 2024 | [SEC540][SEC540] | | 2024-02-19 | SANS Security East 2024 (Nola) | [SEC540][SEC540] | | 2023-11-27 | Pittsburgh Code & Supply | [Container Security 101][ContainerSec101] ([Event link][2023-PCS]) | | 2023-11-01 | SANS Workshop | [Mastering Policy as Code][2023-PolicyasCode] | | 2023-10-18 | SANS Dallas Cloud Sec Next 2023 | [SEC540][SEC540] | | 2023-10-16 | SANS Workshop | [Container Security 101][ContainerSec101] | | 2023-09-25 | SANS Managing Security Risk 2023 | [SEC540][SEC540] | | 2023-09-04 | SANS Cloud Security London 2023 | [SEC540][SEC540] | | 2023-08-00 | Private | [SEC540][SEC540] | | 2023-07-10 | SANS SANSFIRE 2023 | [SEC540][SEC540] | | 2023-05-21 | SANS Cyber Security East | [SEC540][SEC540] | | 2023-04-27 | SANS Workshop | [Container Security 101][ContainerSec101] | | 2023-03-06 | SANS Las Vegas Winter 2023 | [SEC540][SEC540] | | 2023-02-20 | SANS Cloud Defender Dallas 2023 | [SEC540][SEC540] | | 2022-11-07 | SANS Cyber Security East | [SEC540][SEC540] | | 2022-09-26 | SANS Baltimore Fall 2022 | [SEC540][SEC540] | | 2022-07-10 | SANS London 2022 | [SEC540][SEC540] | | 2022-06-13 | SANS Cloud Defender Summer 2022 | [SEC540][SEC540] | | 2022-04-10 | SANS 2022 | [SEC540][SEC540] | | 2022-02-28 | SANS Cyber Security Central | [SEC540][SEC540] | | 2019-06-27 | BSides Pittsburgh | Blue Team CTF | | 2018-05-10 | Steel City InfoSec | [Smart Contract Security][2018-SmartContractSecurity] (Collab with Justin Leapline) | | 2018-02-08 | Steel City InfoSec | [Attacking Block Cipher Cryptography][2018-BlockCipherCrypto] | | 2017-02-09 | Steel City InfoSec | [Security Data Analysis][2017-SecurityDataAnalysis] | | 2016-08-11 | Steel City InfoSec | [Proximity Attacks Lab][2016-ProximityAttacks] | | 2016-05-12 | Steel City InfoSec | [Automotive Security Lab][2016-AutomotiveSecurity] (Collab with Dan Klinedinst) | | 2016-02-11 | Steel City InfoSec | [SDR Security][2016-SDRSecurity] (Collab with David) | | 2015-09-24 | Steel City InfoSec | [Password Cracking Lab][2015-PasswordCracking] | | 2015-07-07 | Pittsburgh Code & Supply | [Wifi Security][2015-WifiSecurity] | | 2015-01-22 | Steel City InfoSec | Audio Surveillance | | 2015-04-09 | Steel City InfoSec | [Attacker drop boxes][2015-Attackerdropboxes] (Collab with Brian Gray) | | 2015-01-22 | Steel City InfoSec | [Eavesdropping at a distance][2015-LaserMicrophones] (Collab with Brian Gray) | | 2013-03-07 | Steel City InfoSec | Wifi Security | [SEC545]: http://sans.org/sec545 "GenAI and LLM Application Security" [ContainerSec101201]: https://jonzeolla.com/labs/container-security-101.html "Container Security 101 and 201" [2023-PCS]: https://www.meetup.com/pittsburgh-code-supply/events/297107969/ "Pittsburgh Code & Supply Container Security 101 Workshop" [2023-PolicyasCode]: https://jonzeolla.com/labs/policy-as-code.html "Mastering Policy as Code" [ContainerSec101]: https://jonzeolla.com/labs/container-security-101.html "Container Security 101" [SEC540]: https://sans.org/sec540 "SANS SEC540: Cloud Security and DevSecOps Automation" [2018-BlockCipherCrypto]: https://github.com/JonZeolla/lab-BlockCipherCryptography "Attacking Block Cipher Cryptography" [2018-SmartContractSecurity]: https://github.com/JonZeolla/lab-SmartContractSecurity "Smart Contract Security" [2017-SecurityDataAnalysis]: https://github.com/JonZeolla/lab-SecurityDataAnalysis "Security Data Analysis Lab" [2016-AutomotiveSecurity]: https://github.com/JonZeolla/lab-AutomotiveSecurity "Automotive Security Lab" [2016-ProximityAttacks]: https://github.com/JonZeolla/lab-ProximityAttacks "Proximity Attacks Lab" [2016-SDRSecurity]: https://github.com/JonZeolla/lab-SoftwareDefinedRadio "Software Defined Radio (SDR) Security Lab" [2015-Attackerdropboxes]: https://github.com/JonZeolla/lab-DropBoxes "Attacker drop boxes lab" [2015-LaserMicrophones]: https://github.com/JonZeolla/lab-LaserMicrophones "Laser Microphones Lab" [2015-PasswordCracking]: https://github.com/JonZeolla/lab-PasswordCracking "Password Cracking Lab" [2015-WifiSecurity]: https://github.com/JonZeolla/lab-WifiSecurity "Wifi Security Lab" # Podcasts and Live Streams | Date | Name | Details | | ---------- | -------------------------- | --------------------------------------------------------------------------------- | | 2025-03-24 | SANS Cloud SEcurity | [Scaling Compliance: GRC Engineering and Policy as Code][2025-GRCEngAndPaC] | | 2025-03-24 | SANS Cloud Security | [Policy as Code and Automated Governance][2025-SEC540PaC] | | 2025-03-24 | Distilled Security Podcast | [AI in the business][2025-DistilledAI] | | 2025-03-24 | Seiso Side-up Podcast | [AI][2025-SeisoAI] | | 2024-08-30 | Seiso Side-up Podcast | [Easy_Infra][2024-SeisoEasyInfra] | | 2024-05-23 | Seiso Side-up Podcast | [Seiso's Origins][2024-SeisoOrigins] | | 2023-09-13 | Wednesday Offensive | [Cloud-native security][2023-WedOffensive] | | 2023-05-30 | Logicast | [Season 2 Episode 20 - IAM Roles, Crypto Mining and Hats][2023-Logicast] | | 2021-11-06 | Cloud Security Podcast | [Security Governance and Compliance in Serverless Applications][2021-CSP] | | 2020-07-26 | Reddup Security | [Episode II - Jon Zeolla][2020-Reddup] | | 2018-02-28 | Packet Pushers | [Datanauts 123: Security without Firewalls][2018-PacketPushers] | | 2016-06-01 | Packet Pushers | [Datanauts 036: Busting The Security Silo In The Data Center][2016-PacketPushers] | [2025-DistilledAI]: https://youtu.be/L12uZJBGE7A "Episode 14 - AI Risks, Threat Modeling, and The Future of Vibe Coding" [2025-GRCEngAngPac]: https://www.sans.org/webcasts/scaling-compliance-grc-engineering-policy-code/ "Scaling Compliance: GRC Engineering and Policy as Code" [2025-SEC540PaC]: https://www.sans.org/webcasts/cloud-native-security-part-4-policy-code-automated-governance/ "Cloud Native Security Part 4: Policy as Code and Automated Governance" [2025-SeisoAI]: https://open.spotify.com/episode/31wZsaJSfDTCJuwB8ZGdKG?si=ofbapiEYSPGzMVUfCuDXXQ "Seiso Side Up - AI" [2024-SeisoEasyInfra]: https://open.spotify.com/episode/4Ro93bIrRUU6LqK3dB4z8h "Seiso Side Up - Easy_Infra" [2024-SeisoOrigins]: https://open.spotify.com/episode/61atUIAeVe3RHQUFpcseOT "Seiso Side Up - Seiso's Origins" [2023-WedOffensive]: https://redsiege.com/wednesday-offensive/ "Wednesday Offensive - 9/13" [2023-Logicast]: https://logicastvideo.podbean.com/e/season-2-episode-20-iam-roles-crypto-mining-and-hats/ "Season 2 Episode 20 - IAM Roles, Crypto Mining and Hats" [2021-CSP]: https://cloudsecuritypodcast.tv/season-2/security-governance-and-compliance-in-serverless-applications/ "Cloud Security Podcast: Security Governance and Compliance in Serverless Applications" [2020-Reddup]: https://podcasts.apple.com/us/podcast/episode-ii-jon-zeolla/id1534967419?i=1000493972782 "Episode II - Jon Zeolla" [2018-PacketPushers]: https://packetpushers.net/podcast/datanauts-123-security-without-firewalls/ "Datanauts 123: Security without Firewalls" [2016-PacketPushers]: https://packetpushers.net/podcast/datanauts-036-integrating-security-data-center-operations/ "Datanauts 036: Busting The Security Silo In The Data Center"