Security builder & leader

Presentations, Webcasts and Speaking Engagements

I present at conferences and participate in conversations on cybersecurity topics including security leadership, malware analysis, incident response, and professional communication. Below are some of these talks and discussions.

2025

From Chief Opinion Officer to Action-Taker (Axonius): How can security leaders move past expressing opinions and start driving meaningful change? Watch the video.

How Security and Privacy Teams Break Barriers Together (RSAC Conference): How can security and data privacy teams collaborate to strengthen their respective programs? Co-presented with Edy Glozman. Watch the video. Download slides.

Getting Started with Malware Analysis (SANS Webcast): A practical journey through the four-stage approach to analyzing malicious software, from automated analysis to code reversing. Watch the webcast.

2024

How to Keep Your Cool and Write Powerful Incident Response Reports (RSAC Conference): What frameworks and checklists can help professionals deliver useful, actionable incident reports? Watch the video.

Transforming the Defender’s Dilemma into the Defender’s Advantage (Enterprise Security Weekly): A conversation about evolving from a security advisor into an action taker. Watch the video.

My Story So Far and Your Own Career Journey (Axonius): A three-part career reflection on building a path in cybersecurity, from foundation through adaptation to growth. Watch the videos.

2023

Whoa, You’ve Been the CISO for 3 Years—Now What? (RSAC Conference): What opportunities are available to CISOs who decide to stay in their roles? Co-presented with Yael Nagler. Watch the video.

How Security Can Better Support Software Engineering Teams (Seeding AppSec Podcast): A conversation about how security leaders can help build secure products from the start. Watch the video.

2022

Cybersecurity: No Longer the “Department of No” (Hacker Valley): How can CISOs avoid fighting everyone and become business enablers? Watch the video.

2021

How to Ask the Right Questions to Succeed with Security Projects (RSAC Conference): How can security professionals use constructive inquiry to advance their projects? Watch the video.

Analyzing Windows Malware on Linux (RSAC Conference): Getting started tips and examples for examining Windows malware using REMnux on Linux. Watch the video. Download slides.

2020

Mastering Cyber Asset Management: CISO’s Perspective (TAG Infosphere): A conversation about cybersecurity asset management and the role of a CISO in a technology company. Watch the video.

The Role of a CISO (Hacker Valley): A conversation about the CISO role in today’s enterprise. Listen to the episode.

Writing Effective Threat Reports (SANS CTI Summit): How can security professionals create effective threat reports for a diverse set of stakeholders? Watch the video.

What’s New in REMnux v7 (SANS Webcast): A walkthrough of the new capabilities in REMnux v7, with a live malware analysis demo. Watch the video. Download slides.

2019

Top 10 Cybersecurity Writing Mistakes (SANS Institute): Common writing mistakes in cybersecurity and how to avoid them. Watch the video. Download slides.

Practical Malware Analysis Essentials for Incident Responders (RSAC Conference): Key malware analysis techniques to aid incident responders. Watch the video. Download slides.

Evasion Tactics in Malware from the Inside Out (RSAC Conference): A hands-on lab examining evasion techniques in real-world malware using debuggers. Watch the video. Download slides.

Earlier Presentations

How Attackers Use Social Engineering to Bypass Your Defenses: How attackers use social engineering to compromise defenses, with concrete examples of successful techniques. Download slides.

The Use of the Modern Social Web by Malicious Software: How malicious software thrives in the social web ecosystem of mobile devices, networks, browsers, and sociable users. Download slides.

Learning to Live with Social Networks: Risks and Rewards: Key risks associated with social networking and how policies and technologies can help mitigate them. Download slides.

How to Respond to an Unexpected Security Incident: Key questions an incident responder should ask to gain control of an unexpected situation quickly and assertively. Download slides.

Introduction to Malware Analysis: An overview of the process for reverse-engineering malicious software, covering behavioral and code analysis phases. Read more.

Malware Threats and Defenses That Work: Key characteristics of recently-seen malware and methods for fighting malware threats that stand a chance of being effective. Download slides.

Penetration Testing Beyond Front-Line Exploits: Tools and techniques for going beyond the basic exploits-focused penetration testing methodology. Download slides.

A Perspective on Malware in 2008: A survey of malware characteristics, exemplified by recently-seen bots, downloaders, keyloggers, and malicious scripts. Download slides.

Penetration Testing with Confidence: Ten key issues you need to address for a successful penetration test. Download slides.

Top Five Ways to Keep Users Safe from Today’s Web-Based Threats: How to defend against web-based threats, recognize botnet attacks, and prevent your network from becoming a launching pad for spam. Download slides.

Data Breaches and the Insider Threat: What to Do? A survey of publicly-announced data breaches tied to insider actions and a framework for mitigating the risk of such breaches. Download slides.

Malware Analysis Shortcuts: Techniques and free tools that offer shortcuts for malware analysis to identify key characteristics of malicious files and websites. Download slides.

Browser Threat Landscape: An overview of the web browser threat landscape, reviewing three major categories of browser-oriented attacks. Download slides.

Beyond Vulnerability Assessment: 10 Questions: Ten questions worth asking when establishing a robust IT security program, going beyond traditional vulnerability assessment. Download slides.

Impersonation Attacks: Trends in technology and motivation behind phishing and spyware schemes, with examples of increasing complexity. Download slides.

Phishing and Spyware Threats: Testimony at the California Senate Committee hearing on the dangers of phishing and spyware threats affecting consumers. Co-presented with Toby Kohlenberg. Download slides.

More on
LeadershipTrainingMalwareCommunication
After 6+ years building the security program at Axonius from startup to scale, I'm exploring what's next. As I work on independent projects, I'm open to CISO or security product leadership roles where technical depth enables business growth. To talk, reach out on LinkedIn or email me at my first name at my last name dot com.
4 min to read
Published: January 26, 2011
Updated: March 5, 2026

About the Author

Lenny Zeltser is a cybersecurity executive with deep technical roots, product management experience, and a business mindset. He has built security products and programs from early stage to enterprise scale. He is also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. Lenny shares his perspectives on security leadership and technology at zeltser.com.

Learn more →