BSides RedRocks 2025 - Gears, Grit, and Gaps

A Mechanical Engineering Mindset for Cybersecurity

I had the amazing opportunity to drive down and give my first conference talk at BSides Redrocks in St. George, UT. Coming in from mechanical engineering, I show my problem solving process that I use in class and use it to build a framework that can apply to solving various cybersecurity problems.

Overview

I presented 2 entirely different problems, one engineering, the other cybersecurity. The engineering problem came out of my Solid Mechanics textbook, and the cybersecurity problem was inspired by a recent CTF challenge that I had done the week before. Comparing the 2 problems, I walk through breaking them both down into solvable pieces.

Once the video is posted, I’ll put that here!

The Framework

  1. Write down your givens and finds
  2. Visualize and understand the problem
  3. Understand your tools and when to use them
  4. Solve the problem
  5. Repeat and Reiterate
  6. Verify results
  7. Document everything

Givens / Finds / Research

  • What information does the problem give us?
    • Write it all down
  • What are we actually looking for?
    • It’s easy to go down rabbit holes
  • What things do we need to know?
    • What tools should we expect to use?

Visualize the Problem

  • Understand what applies
    • You want to be able to remove the useless information
  • Know how the given information affects the problems
    • Make assumptions as needed
  • Roadmap / gameplan to get from A to B

Understand the Equations (Tools)

  • Many equations with the same variables
  • Need to know which tools to use when you need them
  • Toolbox - You won’t need every tool all the time
  • Experience - The more the better

Solve

  • Plug and Chug
  • It’s okay to guess for unknowns
    • As long as you have reasoning and can come back to verify later

Repeat and Reiterate

  • Oftentimes you’ll have multiple steps to a problem
    • If you can script it, please do
  • New information can reveal new methods
  • Unknowns that we guessed can be converged on

Verify Results

  • Check against another tool
  • Check with a peer
    • Solve separately, then come together
  • This step often leads to step 6.5 - Troubleshooting

Troubleshooting

  • Check the math (inputs)
    • Break it down
    • Do it part by part if possible
    • Skipped steps can cost you time in the long run
  • Check the method (Tools)
    • Some tools just suck
  • Fail fast and fail hard

Documentation

  • Should be easy if you’ve been taking notes during steps 1-6
  • Something visual to represent what was done
    • The easier to follow, the better
  • Keep in mind your audience

Final Thoughts

I had such a good time down in St. George for this conference, and I’m super grateful for the opportunity I had to give this talk. Shoutout to the event organizers for everything that they did for this event! I look forward to having everyone back up on my turf for BSides Cache!

Presentations 

See also