MiSec Meetup December 2012

OWASP Detroit. MiSec hosts OWASP on the last month of every quarter: March, June, September, and … December! OWASP Detroit returns December 13th at 7 pm.

Securing the Software Development Life Cycle. Adding security into your SDLC can be an intimidating task for a development team that is asking, “Where do we start?”

This talk will introduce some of the most beneficial security practices that can be added to an SDLC, how they can be implemented within a large or small development team, and describe their time footprint within a development schedule.

Kevin Poniatowski began his information technology career by working for over eleven years as an application developer in the defense industry. Focusing on safety of flight issues for pilots and navigators within our armed forces led him into the application security field where he has spent the last five years teaching application security to developers, testers, and project managers from some of the largest organizations in the world. Kevin is currently the Director of Instructor led Services for Safelight Security.

For details and location, please either contact us through email (info@michsec.org) or log into our IRC channel (Freenode/#MiSec). This month’s meeting will also be streamed via Gotomeeting, Meeting ID: 591-159-086.

Lessons Learned from the Galactic Empire Encore

Star Wars. Kellman Meghu. Lessons Learned from the Galactic Empire was one of the most memorable talks from BSides Detroit. Kellman was great. So great, in fact, that a speaker who saw Kellman gave up his GrrCon time-slot just to see it again. Kellman’s insights into security in Star Wars brought the house down at GrrCon, at BSides Detroit, and now we are bringing him back.

Kellman is returning to Michigan for an encore performance. One night only, co-sponsored by MiSec and Oakland Community College in Royal Oak. Tickets are free but limited. We hope you can join us for this amazing event.

Did you miss the talk at BSides Detroit? Check out the Galactic Empire flyer!

When:
Monday, November 26th, 2012
7 pm to 9 pm

Where:
Oakland Community College
739 South Washington Ave
Royal Oak, Michigan 48067

Tickets:
http://www.eventbrite.com/event/4536839810

 

Melissa Marshall: Talk nerdy to me

Wondering what makes a great #misec talk? Securelexicon sends us this video.

MiSec November Meetup

November’s MiSec meetup will be on Thursday, November 8th, at 7 pm. Keith Dixon (@tazdrumm3r) is giving a talk on honeypots in the cloud.

For details and location, please either contact us through email (info@michsec.org) or log into our IRC channel (Freenode/#MiSec). This month’s meeting will also be streamed via Gotomeeting, Meeting ID: 913-366-262, Meeting Password: misec.

A sneak peak at what is to come:

  • OWASP Detroit returns in December with Kevin Poniatowski covering SDLC
  • In January, Raymond Lilly (@37point2) is presenting Intel Analysis – Twitter, Python, Data Mining
  • Rapid7 presents on March 2013

Security Awareness Event @ Walsh

The Dangers of Sharing Social Data, presented by Steven Fox
Social media offers a medium by which we connect with others quickly, regardless of distance. We disclose freely information, creating a sense of connection in a virtual community. This session explores the dark alleys of this world; where data is used my miscreants to deceive their targets. Attendees will learn first hand the tools used to collect social data, analyze it for patterns, and employ it nefariously. They will also learn how to negotiate the shadows of an open world while protecting their privacy online.

Event Details
Wednesday, October 17, 7:30 – 9:30 a.m.
Troy Campus
Cost: $10 includes refreshments and admission to the hands-on session
Register online.

 

Talk – Digital Forensics and Incident Response

Jack Crook designed the DFIR challenge for GrrCon 2012. Digital Forensics and Incident Response, a #misec presentation by Jack Crook, explores how to solve the challenge. This talk was given at a #misec meetup on October 11, 2012.

The files for this challenge are available:

MiSec Meetup October 2012

October’s MiSec meeting will be on Thursday, October 11th, at 7 pm. Jack Crook is presenting a talk on forensics. Bring your own computer to follow along as Jack takes us into the details.

Abstract. Everyone has heard of targeted attacks. Detecting these can be challenging, responding to these can be even more challenging. This presentation will walk the participants through responding to this type of attack. By analyzing key points such as file times, memory and network traffic we will be able to answer the what, where, when and how of this compromised host. A Live image with all the tools and evidence files will be provided. The only thing you need to bring is a computer and some l337 S4uc3!

Bio. Jack Crook has been in the information security field for the past 12 years. He currently works as an Incident Handler performing incident response for one of the worlds largest companies. When Jack is not catching bad guys, he enjoys thinking of additional ways to catch bad guys.

For details and location, please either contact us through email (info@michsec.org) or log into our IRC channel (Freenode/#MiSec). This month’s meeting will also be streamed via Gotomeeting, Meeting ID: 557-536-470, Meeting Password: misec.

A sneak peak at what is to come:

  • In November, Keith Dixon (@Tazdrumm3r) is presenting on honeypots
  • OWASP Detroit returns in December with Kevin Poniatowski covering SDLC
  • In January, Raymond Lilly (@37point2) is presenting Intel Analysis – Twitter, Python, Data Mining
  • Rapid7 presents on March 2013

 

Talk – Covert Channels and Controls in .NET

Covert Channels and Controls in .NET, a OWASP Detroit presentation by J Wolfgang Goerlich. This talk was given at a #misec meetup on September 13, 2012.

MiSec Meetup September 2012

September’s MiSec meeting will be an OWASP Detroit event on Thursday, September 13th, at 7 pm.  J Wolfgang Goerlich (@jwgoerlich) is giving a talk on Covert Channels and Controls in the Microsoft .Net Framework.

For details and location, please either contact us through email (info@michsec.org) or log into our IRC channel (Freenode/#MiSec). This month’s meeting will also be streamed via Gotomeeting, Meeting ID: 253-829-318, Meeting Password: misec.

A sneak peak at what is to come:

  • September 27-28, the GrrCon conference (http://grrcon.org)
  • In October, Jack Crook is presenting on forensics and incident response
  • In November, Keith Dixon is presenting on honeypots
  • OWASP Detroit returns in December with Kevin Poniatowski covering SDLC
  • Rapid7 presents on March 2013

 

CSAW 2012 Sign-up

Join some of the #misec crew as we take on New York Poly’s CSAW CTF Prelims. #misec did this event last year and had a great time doing the challenges.

This event is a virtual event, however a few members will be in Grand Rapids for most of the challenge. We will coordinate via IRC for discussions and draids for information sharing. If you plan on being in the Grand Rapids area, please let Matt Johnson know.

Please grab a ticket if you want to be on the notification list of all activites related to the event.

If you have any questions, please contact Matt Johnson (@mwjcomputing).

You can register at http://misecsaw2012.eventbrite.com/. Note: This ticket is just to help coordinate participants.

Return top

About MichSec.org

We are a collective of Michigan based information security professionals (or maybe just people interested in security) looking to share knowledge and make the world a safer place.

Newsletter

Hey, we have a monthly newsletter. Click here to subscribe to a monthly dose of Michigan InfoSec.