Skip to content
View koronkowy's full-sized avatar
Block or Report

Block or report koronkowy

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
koronkowy/README.md

Lacey Kasten About Me

OSINT/InfoSec nerd raised in Portland, OR who has historically lived in/around New York, Seattle, Tokyo, Houston, and Dallas/Fort Worth (DFW). Current owner of two smol cats. I study русский (Russian), polski (Polish), español (Spanish), 日本語 (Japanese), and Tiếng Việt (Vietnamese).

About this Page

I really wanted to highlight all the things I am connected with on my Twitter bio but I became involved with too many things!

My lovely Twitter acquaintance, Ch33r10 shared their GitHub readme which includes public mentions of them and their work and I thought it was the perfect idea to house all this stuff.

This is going to be pretty comprehensive and serve organizationally for me as an archive point as well as somewhat of a CV or resume.

I also want to highlight people/projects/conferences/etc. that I am connected with and feel passionate about.

Current Employment / Main Projects

  • LimaCharlie: I’m your friendly technical content strategist over at LimaCharlie, a start up that has created the SecOps Cloud Platform. LimaCharlie delivers the core components needed to secure and monitor any given organization: things like, deploying endpoint capabilities through a single agent regardless of the technology, alerting and correlating from logs regardless of the source, automating analysis and response regardless of the environment.

  • cabal / hatemail.io: Editorial staff and key organizer. Working in an international collective to develop and support projects that advance values of online consent, privacy, equity and liberty. Performing security assessments for at-risk and targeted people (https://cyberabuse.nyc/), creating, curating and supporting community works that progress personal security confidence, and monitoring pervasive threats online and investigating harassment campaigns. Supporting a diverse community in finding and vetting job opportunities, working with candidates to bolster their resumes and CVs, managing relationships with hiring employers to introduce talent, and developing a embedded job hunting platform. Writing, research, and editing support for unique editorials and news on threat intel, cybersecurity, hacking, privacy, tech ethics, tech-based harassment, politics & other relevant topics for hatemail.io.

  • HushCon: I started attending HushCon in 2018 at HushCon West in Seattle, WA. I’ve been back to HushCon West every year since. And now I am helping organize the conference as a sponsorship coordinator. HushCon is a premier security conference with hush rules on all talks that happen. I also attended HushCon East located in NYC in 2022 and 2023 and please reach out if you’d like to talk about sponsorship.

  • MSSN CTRL: This is a yearly conference in the DC metro area that was started by the folks at LimaCharlie. I am in part organizing this conference with my colleagues at LimaCharlie.

  • SeaGL (Seattle GNU/Linux conference): I’m back helping with SeaGL in 2024, assisting the main event coordinator directly in any areas that might make things easier for them / to fill in holes in the org. In 2021 I helped out the fantastic Seattle FLOSS (free/libre/open source software) conference. I served the org as the volunteer coordination committee co-chair and code of conduct co-chair. I also participated in or sat in on the programming, finance, partnerships, and tech committees. During the conference I managed a team of speaker wranglers, troubleshooted live streams run by Streamyard and Restream, helped with the custom Element based Matrix server hosting the conference’s chat platform, assisted speakers/attendees/sponsors with any help requests, and moderated channels throughout the conference.

  • HackBoat: As a former key conference organizer for this conference, I have been participating in getting this back off the ground in 2024. I helped found the initial conference, with social media, speaker organization and assistance throughout. This event went on hold due to COVID-19, but we are bringing it back.

  • stickerlife.org: This is a small archive project that I took on a few years back to digitize and make archived in quality format any and all stickers that are part of the information security world. These are either mailed in or ethically harvested. I also design and make stickers & send them out (sometimes for charity, even)! I have the capacity to do small press runs of stickers, and want to do more.

  • hackroost: (gh repo) Tiny link list project that was a continuation of an old pinned tweet I had where I collected a list of places cybersecurity talks are uploaded on YouTube.

Publications / Public Work

Education Information / Courses

  • Pacific Northwest College of Art (PNCA): Bachelor of Fine Arts (BFA), Communication Design. Dean’s Scholarship recipient. Completed in 2013.

  • School of Science and Technology: High school diploma. Completed in 2009.

  • Applied Physical Attacks on Embedded Systems, Introductory Version (at Portland OWASP Training Day 2018) by Joe FitzPatrick

  • MEDDPICC sales methodology certified via Andy Whyte’s MEDDPICC training - 2022

  • Microsoft Learning Modules - 2023-2024:

    • Configure SIEM security operations using Microsoft Sentinel: Configure security information and event management (SIEM) security operations using Microsoft Sentinel.

    • Automation in Microsoft Sentinel.

    • Threat detection with Microsoft Sentinel analytics.

    • Connect Windows hosts to Microsoft Sentinel.

    • Connect Microsoft services to Microsoft Sentinel.

    • Create and manage Microsoft Sentinel workspaces.

    • Introduction to Microsoft Sentinel: Get familiar with Microsoft Sentinel, a cloud-native, security information and event management (SIEM) service.

    • Microsoft Azure Well-Architected Framework - Security: Discover the tools that Azure provides to help you design a secure environment throughout your infrastructure, data, network, and applications.

    • Prepare for cloud security using the Cloud Adoption framework: Security is a core consideration for all customers, in every environment. But moving to the cloud is a significant change that requires a shift in your security mindset and approach. The Cloud Adoption Framework provides guidance for this security journey by providing clarity for the processes, best practices, models, and experiences.

    • Utilize threat intelligence in Microsoft Sentinel.

    • Connect data to Microsoft Sentinel using data connectors.

    • Connect threat indicators to Microsoft Sentinel.

  • Email Detection Engineering & Threat Hunting Workshop led by Sublime Security founder/CEO Josh Kamdjou and Alfie Champion, Co-founder of delivr.to. Participated in this workshop ahead of BSides Las Vegas 2023 and DEFCON 31 to offer feedback and test the training labs.

  • The Linux Foundation - Open Source Introduction (LFC202) - Completed Dec 2021.

  • Japanese Conversation: Level 1, (at Portland Community College) by Tsukumo Barrett. CRN: 12499, Winter 2020

  • Japanese Conversation: Level 2, (at Portland Community College) by Miyoko Fuse. Spring, 2021

  • OWASP Amass: Discovering Your Exposure on the Internet (at Portland OWASP Training Day 2019) by Jeff Foley.

Past Employment / Internships / Works / Projects

  • GreyNoise, Intelligence: I was one of the friendly Sales Engineers enabling sales to happen from a engineering perspective including in-depth demos, proof of value (POV) engagements, and creating content that documents and reflects on all the integrations and great things you can do with GreyNoise. I’m was a frequent contributor to marketing content, educational content, product documentation, and participated in/around conference and event coordination.

  • Atredis Partners: At Atredis, an attack research and penetration testing consultancy firm, my day job was being the lovely on-staff tech editor / tech writer. Due to the nature of my work, much of it fell under heavy non-disclosure. But there’s some fun public work that’s listed in the publications section here. My job also involved working as part of the Client Operations team in part of the sales engineering / scoping side of things, social media management including working on blog posts, being passionate about our vulnerability disclosure process, and wearing some other hats.

  • secjuice: secjuice is a non-profit, independent and volunteer lead publication in the information security space where I previously wrote articles, collaborated with other writers and editorial staff, provided critique and peer review of other writers and more.

  • chanscan.com: Created by Jake Creps, ChanScan was an open source knowledge base for language used by online subcultures helping researchers, journalists, open-source intelligence (OSINT) analysts, threat intelligence analysts, and other users with in-line term highlighting and accompanying wiki. I wrote a lot of wiki entries and helped in discussing feature planning and collaboration.

  • Sticker Cabal: This was a loose organization of folks found via Twitter who had large collections or make a prolific amount of stickers in the infosec/hacking world. We had mailings where members receive big parcels of stickers from other members or found at conferences, and team up with attrition.org to do auctions for charities. Some of the work this group does included Diecut Digest and the work that Straithe does there.

  • JuiceDB: Previously I used to moderate and work on the world’s biggest e-juice / vaping database about products. Countless hours spent adding descriptions of products, cross referencing official sites for data integrity, identifying tags to merge, categorizing tags, and user experience (UX) testing of the mobile application pre-release for Apple devices.

  • The Freeman Company: My role at Freeman was as a customer support online content representative. This team was responsible for spinning up websites and participating in the event and trade show event management process handling hundreds of shows yearly. I also worked with Freeman’s Canadian branches to localize bi-lingual documentation for French-Canadian events and provided support in proofing, editing, and collaborating on educational internal and external departmental documentation.

  • AfterAll Studio: In 2012 I was selected as one of AfterAll’s interns. This multi-media design studio is located in Portland, OR. One specific project I had a production assistant role in was shooting Tunde Baiyewu’s Move music video. You can see more of AfterAll’s work at the main website as well as the production side of the house site.

  • Bent Image Lab: In college, I worked at Bent Image Lab to provide client services support during the fall of 2011. Sometimes this meant wrangling coffee but the main goal was to make sure meetings with clients during scoping and review went smoothly.

  • Pacific Northwest College of Art (PNCA) / Museum of Contemporary Craft (MoCC): Throughout the years I had several positions and worked on a ton of projects at PNCA / MoCC that served as foundational experience. We worked to develop and populate events on the web calendar and management platform developed in house, content managment and website redesign for MoCC, and development and support (metadata / media management) on Mimi, the PNCA archive platform. I am probably forgetting some things, I wore a lot of hats here!

  • Oregon Health and Science University (OHSU) / Oregon Graduate Institute School of Science and Engineering (OGI): As a biomedical computer science intern I was nestled in with all the researchers as they did brilliant stuff at the Center for Spoken Language Understanding (CSLU). You can probably find bad ColdFusion code I wrote back then still alive.

Competition Participation

  • Hacktoberfest 2019: Participant. Contributed to open source during October in 2019.

  • Nolacon 2018: CG Silvers 2019 OSINT challenge as a remote member of team Tailpuft. The CG Silvers competition is an OSINT capture the flag (CTF) competition.

  • BSides PDX 2018: Trace Labs 2018 OSINT competition as a member of the team Qult of the Quantum Qows. This CTF involves using OSINT on real missing persons to submit information valuable to their return to law enforcement agencies.

Current Organizations

Past Organizations

  • GreyNoise Queer ERG: GayNoise: Helped in founding of the queer employee resource group (ERG) at GreyNoise, Intelligence.

  • Women’s Society of Cyberjutsu: Previous membership at this org, a 501(c)3 International nonprofit community, focused on empowering women to succeed in the cybersecurity industry.

  • DEF CON Groups: DC Group #dc541, Eugene, OR: My home DEF CON group where we met on the second Saturday of the month. I am still involved online with this group but less so now that I have moved.

  • PDX2600: Formerly attended the Portland chapter of 2600, a historic hacking / phreaking meetup.

  • Portland Area Scientific and Cultural Advancement League (PASCAL): A now defunct Portland hackerspace where I had deep involvement in event organization, hosting, being a member, helping out with the website, showing up to board meetings and more.

  • SeaSec / SeaSec East: I attended SeaSec/SeaSec East, one of Seattle’s local area security meetups.

  • Rainsec: I occasionally still attend the Portland CitySec meetup called Rainsec but I don’t live in Portland anymore :(

  • CTRL-H - PDX Makerspace: I am a former patron of the Portland hackerspace where I participated in and attended regular meetups there such as PDX Exploit Workshop (a security meetup), Dork Bot (a makerspace focused meetup), Open Hack Nights and Open Houses (general meetups). You can sometimes see me attending stuff from abroad in Seattle, :) I keep in touch with the Portland community.

  • WWCode Portland: Previous attendee of Portland’s chapter of WWCode (Women Who Code).

  • Donut.js: Previous attendee of Portland’s Donut.js meetup which occurred monthly to host talks on tech, creativity, community, and the intersection of all of those topics.

  • Freeman Women's Development DFW Chapter: Member of the employee resource group (ERG) for women at The Freeman Company.

  • Pacific Northwest College of Art’s Student Council: During my time at PNCA I participated as a Public Programs Student Liaison to the student council. I would bring information happenings about events and communications to the council and bring information from the council back to the Public Programs / Communications department.

  • Pacific Northwest College of Art’s Center4Design: This small design studio existed within the Communication Design department at PNCA and provided design services to actual clients. I worked on the design and branding work for Maryhill Museum of Art in Goldendale, WA located in the gorgeous Columbia River Gorge.

  • Pacific Northwest College of Art’s Submit Magazine: Participated in the creation of PNCA’s student publication, Submit magazine while I was attending the school.

Events

  • Security BSides - BSides PDX: Previously organizer who wore many hats in this organization, 2018-2021. Lead sponsorship to a level of growth of $100,000+ in sponsorship contributions, built countless relationships new and old with vendors. Sat on the board of directors from 2019-2021, ran for election and ran for chairman seat. There are few parts of this conference that I didn’t have my hands in.

  • THE NET GALA: In March of 2024, several folks came together to host THE NET GALA in New York. I helped in planning (small contribution, really), but I also worked the doors, helped with logistics and with teardown on site.

  • HellaConf: Appsec conference held by the folks behind HellaSecure. I provided support during the virtual conference for information on speakers in chat as well as moderation for chat.

  • DEF CON® Hacking Conference: I have attended DEF CON for the years of DC20, DC21, DC24, DC26, DC27, DC28, DC29, DC30, DC31. Often sponsored by companies, I have also attended as a scholarship recipient from the Women in Security and Privacy (WISP) org. I used to help host parties for Atredis Partners or GreyNoise maybe you saw me getting up to shenanigans like buying the Car Hacking Village Chang Li Tiny car at DC29.

  • AppSecUSA 2018: In San Jose, I was awarded the OWASP Bay Area Diversity Sponsorship to AppSecUSA 2018. This fantastic conference on Application Security is to this date one of the best conferences I have been privileged to attend.

  • The Diana Initiative (TDI): Volunteer as a community manager and InfoBooth volunteer for the 2020 TDI conference including learning how to spot and report abuse, troubleshoot the Hopin platform, and more.

  • ToorCon / ToorCamp: Attended Toorcon in 2021. This conference is fantastic at making opportunities for genuine connection to happen and brings fantastic speakers to San Diego. One day I will make it out to ToorCamp.

  • Security BSides - BSides Las Vegas: As a BSides organizer I attended BSides Las Vegas in 2019 and 2023 which is a fantastic Security BSides but also there’s a meetup within this conference where BSides organizers from all over share knowledge.

  • Security BSides - BSides Boise 2019: I had the pleasure of visiting BSides Boise in 2019, a conference in Idaho that blends several regions of Idaho into one conference. This is now called BSides Idaho.

  • Shmoocon: Attendee in 2022, 2023, 2024, an exclusive and premiere security conference located in Washington, D.C.

  • Splunk .conf 2022: Attendeed as a booth attendee for GreyNoise, Intelligence.

  • ftp://con:2022 and ftp://con:2023: Attended the virtual antifascist hacker conference of ftp://con online.

  • Eyebeam: Attended in 2021, a conference that combines tech folks, artists, scholars and more in an attempt to refigure the future into a better world.

  • Infosec Campout 2021: This magical sleepaway camping experience in the Pacific Northwest pairs infosec talks with the outdoors near Seattle, Washington. A cathartic, educational, and wholesome experience.

  • ShellConLA: Attendee in 2020 and 2021, a local Los Angeles security conference.

  • The AGORA: This was the oldest and largest security conference in the Pacific Northwest hosted at the University of Washington. Invite only and strictly adhering to Chatham House Rules. I attended from 2018-2019 when the conference concluded it’s run.

  • Time Based Arts Festival (TBA:): Attended and volunteered for several years at the TBA festival hosted by the Portland Institute for Contemporary Art (PICA) in Portland, OR. One time I volunteered at Mike Daisey’s ‘All The Hours in the Day’ monologue which lasted for 24 consecutive hours.

& I can guarantee you I have forgotten some stuff on here. I’ve watched many talks / participated virtually at other conferences too.

Credits

  • Ch33r10 for inspiration (You can find her GH above.)

  • Akash1362000 whose README I looked at as an inspiration

  • Canva was used for the opening graphic banner (not sponsored)

Popular repositories

  1. koronkowy koronkowy Public

    1 1

  2. public-pentesting-reports public-pentesting-reports Public

    Forked from juliocesarfort/public-pentesting-reports

    Curated list of public penetration test reports released by several consulting firms and academic security groups

    CSS

  3. bsidespdx.org bsidespdx.org Public

    Forked from BSidesPDX/bsidespdx.org

    https://bsidespdx.org

    SCSS

  4. organization organization Public

    Forked from SeaGL/organization

    Policies, procedures, files, notes, and other things necessary for and related to organizing the Seattle GNU/Linux conference.

  5. seagl.github.io seagl.github.io Public

    Forked from SeaGL/seagl.github.io

    Website for the Seattle GNU/Linux Conference

    HTML

  6. labac labac Public

    Forked from cabalcx/labac

    HTML