Northeast Ohio Information Security Forum

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday April 16, 2014
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: Freedom Square III at 4511 Rockside Rd.,
                       off Rockside Road, Independence, Ohio
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly
meeting at the above date and time.

Notice the location!!!!

We are at Freedom Square III at 4511 Rockside Rd., off Rockside Road, Independence, Ohio.

Map to the Location

Agenda:

Heartbleed
by Doug Hiwiller

 TBA
by Dave Kennedy

Don’t forget to come early, starting at 6:00 PM, for pizza and pop.
Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday March 19, 2014
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: Freedom Square III at 4511 Rockside Rd.,
                       off Rockside Road, Independence, Ohio
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly
meeting at the above date and time.

Notice this is in a new location!!!!

We are in the amphitheater of Freedom Square III at 4511 Rockside Rd., off Rockside Road, Independence, Ohio. This is not the old building we were in. This is a new building, and is across Rockside Road from the old location.

Map to the Location

Agenda:

Security Omnipresence:  Infiltrating Every Level of a Mature Agile Development Lifecycle
by Márion Z. Nepomuceno and Kris French

It's easy for a security professional to feel like he's alone, 
especially when there are already mature processes in place
designed to function without him. And if he does finally break
into the development lifecycle, he certainly can't be everywhere
at once. Or can he? We'll show you how we infiltrated the
development lifecycle, spread the message of security, and
recruited shadowy agents of change to achieve security omnipresence.

SPEAKER BIO:

Marion Nepomuceno is a security engineer at Hyland Software
in charge of developing training materials, and working closely
with the nearly 200-person development staff on improving their 
secure coding skills and the security of the product. Marion has 
given several presentations and classes to audiences of varying sizes 
on the topic of security concepts and the SDL. He headed up the project 
to re-fit Microsoft's SDL processes to work within Hyland which houses 
several different waterfall-based and agile processes. This project has enjoyed 
significant success that has drawn the attention of the local security community. 

Kris French is a security tester at Hyland Software, and single-handedly created 
the security program for the QA department. Kris is in charge of creating 
training materials, creating and leading classes for his security-focused 
internal education track, managing the QA security champions group, and 
collaborating with development to aid in the creation of an overall 
security direction for the company. Kris is also an active member in his 
local security community and frequent contributor to the proceedings of 
the OWASP Cleveland chapter. Together, Marion and Kris have orchestrated 
the company-wide adoption of security practices and continue to do so. 

They are currently working on refining these methods so that they can 
be more easily implemented elsewhere. Because of these efforts, 
Hyland is now a noted member of the local security community, becoming 
host and sponsor of the OWASP Cleveland meetings.

Second Talk

 TBA

Don’t forget to come early, starting at 6:00 PM, for pizza and pop.
Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< Wednesday February 19, 2014
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location:  6000 Freedom Square Drive
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly
meeting at the above date and time.

Notice this is in a new location!!!!

We are in the amphitheater of 6000 Freedom Square Drive. This is not the old building we were in. This is a new building, and is across Rockside Road from the old location.

Map to the building

Agenda:

An Empirical View of DNS Complexity and Security 
by Mark Allman

The Domain Name System (DNS) is a crucial piece of the Internet's
fabric, charged with mapping human-friendly names into network
addresses.  This talk highlights several recent projects that
aim to explore and understand how the modern DNS ecosystem has
organically developed.  We will first tackle the complexity of
the system and then illustrate how that complexity causes
potential security vulnerabilities.  Finally, we will briefly
sketch several possible mitigations to these security issues 
- which is the subject of ongoing work.

SPEAKER BIO:

Mark Allman is a senior scientist with the International
Computer Science Institute (ICSI).  His current research work
is in the areasnetwork architecture, security, transport
protocols, congestion  control and network measurement.
Prior to his appointment at ICSI, he conducted research on
internet working in satellite networks for BBN Technologies
at NASA's Glenn Research Center.  His professional activities
include chairing and serving on numerous conference steering
and program committees, as well as numerous leadership roles
within the Internet Engineering Task Force.

Second Talk

 Talk / Demo of xboot with Kon-Boot and ophcrack by Dave Lauery

Don’t forget to come early, starting at 6:00 PM, for pizza and pop.
Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –