David M. N. Bryan - Aka VideoMan
David M. N. Bryan is a seasoned hacker and security professional with over 25 years in the information security space. Currently at NetSPI, David specializes in penetration testing across a broad range of technologies, including mainframes, ATMs, storage systems, IoT devices, payment systems, and more.
David’s career spans both offensive and defensive security roles—from securing a top ten bank’s infrastructure to helping protect the DEF CON network. A long-time DEF CON goon, he’s contributed to the community for decades and brings deep expertise in areas such as embedded systems, network and wireless security, web application testing, and physical security.
He has shared his knowledge at major security conferences including Black Hat, DEF CON, ToorCon, LayerOne, ToorCamp, BSides, and AppSecUSA, among others. Most recently, David was part of the NetSPI Mainframe team that took first place in the Capture the Flag competition at the Share 2025 Mainframe Conference in Washington, D.C.
Session
Yes, Mainframes are still around. They make up the core of a suprising number of large fortune 500 companies . I will cover what a Mainframe is at a high level, how they tend to work, and regular security flaws that we see on a daily basis when testing these systems. If you've ever saw a movie and they say 'theyre hacking the mainframe', now you'll know what theyre talking about! By the end of this talk you'll know what a dataset is, how to test Unix (yes, Unix), and what these acronyms mean: JES2, RACF, NJE, TSO, OMVS.