NAC-ISSA Rocket Secure

October 17, 2025
8:30AM – 4PM
Calhoun Community College,
Huntsville Campus

Rocket Secure is an annual event dedicated to exploring the latest trends, technologies, and best practices in cybersecurity. This conference attracts a cyber professional, industry experts, researchers, vendors, and sponsors from around the Tennessee Valley.

Months

Days

Hours

Minutes

Rocket Secure

Rocket Secure is NAC-ISSA’s fall conference and is being refreshed to include additional tracks and sessions. We will see you on October 17th, 2025 with a new feel.

Planned Tracks

Beginner

Intermediate

Advanced

Student (High School)

Attendee Registration

Rocket Secure 2025

Attendee Cost

$20

Rocket Secure Registration

Speakers

Jeremy Blevins
Andrew Staton
Chris Shrout
Michael Portera
Marc Sachs
Sam Williams
Jack Harston
Harvey Lange
Harold Finch
Shama Patel
Daniel Akridge
David Cole
Bryce Heise
David Noever
Forrest McKee
Grant Rosario
William Sinclair

Call for Speakers

Presentations

Presenter	Topic	Summary
Jeremy Blevins	Leveraging the DoD Cyber Workforce Framework (DCWF) to Prepare Students for Success	In an increasingly digital world, the demand for highly skilled cybersecurity professionals is at an all-time high. The Department of Defense Cyber Workforce Framework (DCWF) offers a comprehensive and standardized approach to identifying the necessary skills and competencies required for various cybersecurity roles. This presentation will explore how academic institutions and training programs can leverage the DCWF as a foundation to create targeted, industry-relevant curricula that align with the needs of both students and the cybersecurity workforce. Attendees will learn how to tailor their courses and training programs using the DCWF as a roadmap for developing clear and measurable course objectives that reflect the real-world skills employers demand. By aligning course content with the specific knowledge, skills, abilities, and tasks (KSATs) outlined in the DCWF, educators can better prepare students for success in cybersecurity careers, ensuring they are equipped with the expertise needed to meet the challenges of an evolving cyber landscape. This session will provide practical strategies for integrating the DCWF into course design, from introductory-level courses to advanced technical training. Additionally, it will demonstrate how to bridge the gap between academia and industry, enabling students to transition seamlessly into the workforce. Attendees will leave with actionable insights on how to use the DCWF to create a cyber workforce that is not only knowledgeable but also highly capable of tackling the nation’s most pressing cybersecurity challenges. Key takeaways: Understanding the structure and key components of the DoD Cyber Workforce Framework (DCWF) Practical methods for aligning course objectives with the competencies outlined in the DCWF Strategies for developing students’ skills to meet current industry demands How to create a curriculum that enhances student success in the cybersecurity field and prepares them for in-demand roles This presentation is ideal for educators, curriculum developers, and cybersecurity professionals who are eager to strengthen their programs and better prepare the next generation of cybersecurity experts.
Jeremy Blevins	It AIn’t Cheating If Used Properly	This session is a fun and interactive talk that shows students how to use AI tools like ChatGPT the right way. Learn how to stay ethical, avoid cheating, and think critically in the age of AI—with real-time demos, games, and surprising examples.
Andrew Staton	Houdini and Social Engineering
Chris Shrout	TBD
Michael Portera	Analyzing Chinese Devices from Amazon
Marc Sachs	Securing the Power Grid	The North American Power Grid, which spans the USA, Canada, and a portion of Mexico, is the largest machine ever constructed. To control and balance such a complex system requires a significant amount of computing power and a necessary exposure to external threats. This talk explains how the grid works, outlines various threats to the grid, and details specific grid security techniques and tactics.
Sam Williams	BountyBench: Using AI agents to attack and defend real-world systems	AI agents have the opportunity to significantly impact the cybersecurity landscape. Yet, some central questions stand—how can I make them useful right now, and how do we accurately quantify the risk and progress of our AI agents? This talk will explore BountyBench, the first framework to capture offensive and defensive cyber-capabilities in evolving real-world systems, as well as AI agents and their current use cases.
Harvey Lange & Jack Harston	A Social Experiment	From an inside joke at work, an idea sprung up about how ‘real’ someone could create a fake person with a digital footprint and physical evidence. Turns out, pretty real – and it was WAY easier than we thought! Here’s what we managed to pull off with a little help from our talented friends, coworkers, and some of you in the Huntsville cyber community.
Harold Finch	TBD
Shama Patel	Cyber Risks and Scam Awareness
Daniel Akridge	Primer on CMMC	CMMC requirements and how to solve problems so companies can continue to pursue DoD contracts starting in FY 2026.
David Cole & Bryce Heise	Hands-on Demonstrations using Marcraft Cybersecurity Essentials hardware	Calhoun’s CIS lab assistants will be walking attendees through hands-on lab exercises that explore industrial IT security, physical asset protection, and an introduction to ethical hacking tools. Multiple sessions will be run throughout the event, and seating will be limited.
David Noever, Grant Rosario, and Forrest McKee	Seven Lessons from Deploying AI-Augmented Cybersecurity in a Federal Cloud Environment	Federal security teams increasingly face the challenge of monitoring massive volumes of log data in real-time, particularly in environments such as Azure and AWS GovCloud where compliance requirements are stringent and operational stakes are high. Our team confronted this challenge head-on, managing multiple daily Apache, Tomcat, php, and RedHat system logs that exceeded the practical limits of human review. This presentation offers seven key lessons from the deployment of a local large language model–Cisco’s Foundation-sec model — to enhance log analysis within an air-gapped production GovCloud environment. Unlike controlled lab settings, live operations in a federal context must account for unique constraints including FedRAMP compliance, limited compute resources such as no GPU, and potentially sensitive data streams. Our six-month implementation demonstrates that when deployed thoughtfully, AI can act as a significant force multiplier—improving detection capabilities, accelerating response times, and reducing analyst burden without compromising security or compliance. We will detail how we enabled AI access to log streams, optimized processing pipelines for high-volume, low-latency analysis, and integrated AI outputs into existing workflows to ensure analyst adoption and trust. The result: an AI-driven increase in log coverage, a reduced likelihood of false positives, an order-of-magnitude improvement in event response times, and smarter mitigation strategies without adding human burden. As Federal, state and local agencies modernize cybersecurity operations under resource constraints and evolving threats, our experience provides a replicable framework for AI integration in regulated environments. The presentation focuses on actionable insights and a set of practical guidelines for introducing AI into cloud security architectures—highlighting which use cases yield the greatest return, and where human expertise remains in short supply.
William Sinclair	Hacking the Hackers: How to get most out of your penetration test	In today’s cyber security ecosystem penetration tests are a common occurrence, yet many organizations fail to extract their full value. This session explores how to plan, scope, and leverage penetration testing to drive meaningful outcomes. Attendees will learn how to align pentest objectives with business risk, select the correct provider, plan the engagements, and interpret findings beyond the report to maximize security Return On Investment (ROI). Through real-world examples and actionable insights, this talk empowers security leaders and technical teams to transform pentest engagements into catalysts for measurable improvement instead of just checking a box.

Our Sponsors

Become a Sponsor