December 14, 2010


      NEOISF Meeting December 15th, 2010

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING ---< Wednesday December 15, 2010 ---< 6:30 PM - 8:00 PM ---< Pizza and social start 6:00 PM ---< Location: Park Center Plaza #1, 6100 Oak Tree Blvd, off Rockside Road, Independence, Ohio ---< Open to everyone and free as always The Northeast Ohio Information Security Forum will meet for its monthly meeting on Wednesday December 15, 2010 starting at 6:30 PM. It will be held in the lower level of the Park Center Plaza #1 building (in the large room on lower level) off of Rockside Road in Independence. I've included links to maps and directions in this email. We have two talks planned... +++ Rooting Out the Bad Actors - Dan Walters, Sr. Systems Engineer at FireEye (www.fireeye.com). +++ Offensive-Security: A roadmap to penetration testing - David Kennedy See bottom of email for talk abstracts. PRIZES! Did we get your attention? We plan to have some prize giveaways as well. We have some NEOISF swag (shirts, mugs, etc) and other items we'll be giving away. Don't forget to come early, starting at 6:00 PM, for pizza and pop. Another great meeting from NEO Info Sec Forum - we hope to see you there! -- NEOISF Board -- ============================================================ [Location] Park Center Plaza 1 6100 Oak Tree Blvd Google maps link: TinyURL link http://tinyurl.com/neoisfmtg [Directions] 1. I-77 2. Rockside Road exit 3. West on Rockside Road 4. 2nd light go South onto Oak Tree Blvd 5. Pull into the 3rd driveway on the right 6. Go to lower level Signs will be posted on the building. ============================================================ TALK ABSTRACTS Rooting Out the Bad Actors - Dan Walters, Sr. Systems Engineer at FireEye (www.fireeye.com) Botnets have been around for some time now and don¹t seem to be going away ­ in fact they are becoming more prevalent and dangerous with the involvement of organized crime. Botnet zombies are resource thieves and potentially leave you and your network open to blacklisting and/or legal action. How can you keep track of new Botnet threats, how do you know you have been ³botted², how did you get ³botted², and what are the impacts or ramifications of the new bots? In our presentation, we look at several aspects of the current Botnet threats and give some help in answering these questions and more. Offensive-Security: A road-map to penetration testing - David Kennedy Offensive-Security offers several high end courses that is aimed at teaching the student the ability to effectively perform penetration tests and learn advanced techniques in the art of exploitation. Dave recently completed the Offensive-Security Certified Expert (OSCE) which is the hardest certification offered by Offensive-Security. This presentation will dive into all of the different courses, the expertise needed to pass the tests, and talk about a road-map to building you as a penetration tester.



del.icio.us|Digg|Furl|ma.gnolia|RawSugar|reddit|Spurl|Google|StumbleUpon



November 13, 2010


      November 17th Meeting Updates

Our next meeting is WEDNESDAY November 17, 2010. Pizza and networking start at 6:00 PM. Talks start at 6:30 PM. Location: Park Center Plaza #1, 6100 Oak Tree Blvd, off Rockside Road, Independence, Ohio. Click here for a Google Map! Open to everyone and free as always!

Here are the list of talks and agenda items for this months meeting:

The Enemy Within: How Cross-Site Request Forgery Can Turn Your Employees Into Unwitting Internal Hackers
Chris Bush, Sr. Security Consultant, Accuvant LABS

Web applications have for years now been increasingly the focus of attention for hackers. After all, vulnerabilities like SQL Injection have provided hackers a simple way to bypass firewalls and other network and host security controls to gain easy access to company data and internal resources. As a result, many companies have placed an increasing focus on securing their external web applications from these vulnerabilities, providing another layer of security and further hardening their perimeter. Meanwhile, corporate intranet applications have often not received this kind of attention to security, so they may still be vulnerable. And hackers still have a way to reach them – through your employees, and the web browser – using a technique known as Cross-Site Request Forgery. This talk will provide a technical overview of Cross-Site Request Forgery (CSRF). We’ll discuss how and why CSRF works, and how hackers can leverage it to turn your employees into unwitting accomplices to attack your internal applications. We’ll also cover some protection strategies that can be used to help mitigate the threat.

OSSIM Open Source SIEM
Kyle Capatosto, Hurricane Labs

OSSIM is an open source SIEM, developed by Alienvault LLC. It is a heterogeneous mixture of over 200 different open source projects, featuring a strong correlation engine, incident management tools, customizable reporting, and various cross-platform agents all tied into a simple, easy to-use web interface. Today’s talk will be covering installation styles, best practices, OSSIM innerworkings, as well as tips and tricks to get the most out of your OSSIM deployment.

Speaker Bios:

Chris Bush

Chris is a Certified Information Systems Security Professional (CISSP) and holds a Masters Degree in Computer Science from Binghamton University, Binghamton, New York and a Bachelors Degree in Computer Science from University at Buffalo, Buffalo, New York.

Kyle Capatosto

Kyle Capatosto has been a network security engineer at Hurricane Labs for over 2 years, currently consulting fortune 500 companies on secure network design, intrusion prevention, incident response, and SIEM. Kyle has performed multiple implementations of OSSIM on complex networks providing clients valuable insight into the interworkings of their network, as well as helping them to implement a better incident response program.



del.icio.us|Digg|Furl|ma.gnolia|RawSugar|reddit|Spurl|Google|StumbleUpon



« Newer Posts

Local Security Jobs @ our LinkedIn Group!


Support our Sponsors:


Visit our friends: