Northeast Ohio Information Security Forum

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday February 15, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Open Mic & Social

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday January 18, 2017
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

What to Expect When Your Applications Are Being Pentested
by: Mike Woolard

This will be an open discussion on the top steps to prepare your organization for a third-party pentest of your applications. What are some of the pitfalls companies fall into when scoping the engagement, what to do while the test is going on, and preparing your company to respond to the results in a timely manner.

• Mike is a security analyst who has worked in the IT field for 16+ years.  14 of those years were spent in various IT roles including SysAdmin, SysEngineer, DBA, and NetEngineer.  That experience has helped him in his current role, where Michael plays an integral part in all areas of the organization to help secure the processes and procedures.  Michael manages risk assessments and pentests of the various web applications OEC builds, and leads the security awareness & education program where he designed many workshops and puts on many events.  Mike has worked towards various certifications including the CISSP and CEH and is a contributing member of many local security organizations including Infragard, NEOISF, Clevesec and the Information Security Summit.

How to Win at Compliance, and Influence Auditors
by: Tom Kopchak

If you’re here, your organization inevitably is responsible for managing and conforming to numerous regulatory and compliance requirements.  All too often, you will find yourself at the mercy of an individual auditor’s interpretation of these compliance requirements. As security professionals, helping our customers meet compliance requirements through the use of security reporting tools, we can definitely relate to this scenario.

This presentation will focus on various interpretations of compliance requirements that we have seen from different customers working with different auditors across a wide range of industries.  Our intent will be to draw attention to these differences, and seek to ultimately encourage compliance efforts to be less subjectively and more objectively focused.

• Tom Kopchak is the Director of Technical Operations at Hurricane Labs, where he pretends to manage a team of network and system engineers, but is still an engineer and technology geek at heart. He holds a Master’s degree in Computing Security from the Rochester Institute of Technology, and has spoken at numerous infosec conferences around the country. When he is not working with computers, Tom enjoys composing, music improvisation (Acts of Music), and playing both the piano and organ.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday November 16, 2016
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

RottenPotato: A Quick Review
by: Chris Mallz

Chris will be discussing a technique based on the Potato exploit that allows for elevation from many Windows service accounts (such as those used by IIS and SQL Server) to SYSTEM in default configurations on all Windows versions.

• Chris really doesn’t want to write a bio he prefers researching, writing code, and popping boxes.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday October 19, 2016
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Security Automation in your Continuous Integration Pipeline
by: Jimmy Byrd of Binary Defense Systems

Jimmy Byrd @jimmy_byrd develops use unit tests and acceptances tests in continuous integration (CI) to find bugs early and often in a repeatable way. Security is an important part of any software development life cycle. So why not add security analysis tools to this pipeline? This talk will cover adding and using OWASP/pipeline, a framework made for running security analysis tools in CI.

• Jimmy Byrd is currently a Security Developer at Binary Defense Systems. He has worked as a developer for 8 years in a collection of fields such as manufacturing, education, medical, and SCADA. After being the victim of a SQL Injection attack in 2011, Jimmy started learning more about security as a software developer and how it can be applied to his field to stop attacks before they even happen.

Ransomware overview and trends
by: Jamie Murdock of Binary Defense Systems

This talk will cover the most common ransomware and a synopsis of how they operate and what the current trends are.

• For over 15 years, Jamie has specialized defending, securing, and protecting corporate networks. During this time, he has built security operation centers for Fortune 500 companies, providing expert guidance in all areas of security operations. He has built incident response and threat intelligence programs, including assisting federal agencies on cyber-crime investigations. Jamie has presented at regional and national conferences on the topics of security operations centers and threat intelligence.

Don’t forget to come early, starting at 6:00 PM, for food and soda, sponsored by TrustedSec.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –