Security Researcher, Pen tester, Hacker, Speaker, Teacher, and IoT abuser.
Joined March 2009
- Tweets 2,609
- Following 870
- Followers 2,949
- Likes 1,884
154 Photos and videos
Apr 3
I will be @CackalackyCon in Raleigh, NC on May 15–17, where I’ll be speaking cackalackycon.org/
Also, a couple of my @rapid7 penetration team members and I will be running hands-on hardware hacking exercise. So join us and learn some fun hardware hacking techniques.
2
146
Apr 3
Excited to share that I’ll be speaking at @HackSpaceCon on May 9 in Cape Canaveral, Florida!
hackspacecon.com/
1
75
Mar 27
So just got back yesterday from #RSAC where i presented "Exploiting Cellular IoT Pathways to Compromise Trusted Access". I had an amazing time. Also, @CarlotaBindner and I released a new white paper on the subject. Please check it out- rapid7.com/blog/post/tr-new-…
1
1
4
167
Make room in your RSAC itinerary for Principal Researcher (IoT) Deral Heiland's session on how hardware hacking techniques exploit cellular IoT to gain trusted access & how organizations can better defend against these risks.
Get the details: r-7.co/3PywfbV | @Percent_X
1
4
1,008
Feb 26
RSAC Conference is less than a month away, and I’m excited to announce that I’ll be speaking on March 24, 2026 at 1:15 PM PDT.
🎤 NCS-T09 – Exploiting Cellular IoT Pathways to Compromise Trusted Access
Session details: lnkd.in/evPytdjx
I hope to see everyone there !
1
1
793
Feb 23
I have starting to prep the @rapid7 hands-on hardware exercise for @defcon @IoTvillage. I have a plan and have started acquiring the needed devices and tools. More detail will be posted as we get closer to #hackersummercamp
2
16
884
Deral Heiland retweeted
Bug in widely used VoIP phones allows stealthy network footholds, call interception (CVE-2026-2329) - helpnetsecurity.com/2026/02/… - @rapid7 @stephenfewer @fulmetalpackets @GrandstreamNet #IPphones #SecurityUpdate #SMBs #VoIP #Vulnerability #Cybersecurity #CybersecurityNews
3
7
456
Feb 13
CyberBay Conference in Tampa Florida is only a month away. Please join me on March 12th for a discussion on building out an IoT embedded device security testing program - cyberbay.org/
3
100
🚨 On 2/6/26, #BeyondTrust disclosed a critical RCE vulnerability affecting its Remote Support (RS) and Privileged Remote Access (PRA) products.
The flaw has been assigned CVE-2026-1731 and a near-maximum CVSSv4 score of 9.9.
More in the Rapid7 blog: r-7.co/4arAjln
9
27
66
10,437
Jan 13
How it started and how it went - check out my CES 2026 review videos:
youtu.be/86CpgYTJfGw
youtu.be/VYEkjckAlWc
#CES2026
193
Jan 7
Attending CES2026 this week and I can now claim officially I have seen it all. A smart vacuum cleaner with its own drone delivery feature. #CES2026
3
2,280
🚨 On 12/19/25, MongoDB Inc. disclosed a critical new vuln. affecting #MongoDB – one of the most popular document-oriented databases.
CVE-2025-14847, or #MongoBleed, is a high-severity unauthenticated memory leak. More in the Rapid7 blog: r-7.co/4piWbER
3
5
25
6,099
16 Dec 2025
Released a new White paper last week "Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment" You can link to the white paper from the following @rapid7 blog, Please check it out - rapid7.com/blog/post/ve-new-…
3
4
1,070
14 Nov 2025
It was great time chatting with with Joe Pannone at CyberBay on the “Discipline Conversations” podcast. Please check it out: open.spotify.com/episode/27X…
116
24 Oct 2025
I'll be speaking at Queen City Conference 0x3 on Nov 08 , 2025. My talk "So you want to hack on hardware ?" I Hope to see you there!
queencitycon.org/
1
1
140
Deral Heiland retweeted
14 Oct 2025
Want to get your product or service introduced to security teams in the Greater Cincinnati region? Looking to participate in one of the fastest growing cybersecurity conferences in the Midwest? #QueenCityCon0x3 is it! Sponsorship details: queencitycon.org/sponsorship
#QueenCityCon
2
2
189
🚨 Rapid7 has observed increased activity involving a new threat group and #AWS cloud environments.
Self-referred to as ‘Crimson Collective’, the group has claimed responsibility for the recent theft of private repositories from the #RedHat GitLab. More: r-7.co/48ltfqS
40
132
16,180
4 Sep 2025
I will be speaking at a couple conferences in October and hope to see you all there.
First, I will be speaking at this years CyberBay2025 conference Tampa, Florida October 13-15.
cyberbay.org/speakers/
2
4
132
4 Sep 2025
Second, I will be speaking at SecHealth conference Franklin, Tennessee on October 21st
sechealthcon.com/SECHealth
October is looking to be a great month so please join me for some fun cyber security discussions
92
At #DEFCON33, @Percent_X challenged IoT Village participants to extract a smart camera's firmware, manipulate its flash memory, and ultimately gain root access 📸
Today, the full exercise is available in whitepaper form! Find a free download via our blog: r-7.co/462gJcW
1
4
7
2,128