Northeast Ohio Information Security Forum

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Talk:
An Introduction to API Pentesting
by: Thomas Pieragastini

Increasingly web applications are relying on backend API services in order to query data, write data to databases and perform backend functions. On some levels the shift to API centric applications presents conditions that are very similar to testing traditional web applications, while on other levels the presence of APIs fundamentally changes the methods and tools utilized during testing. This shift in the application space becomes more prevalent everyday, and has changed the face of web application testing.

Lighting Round Talks

• TBA

If you are interested in speaking send an email to board@neoisf.org and we can help you write your talk.

Don’t forget to come early, starting at 6:00 PM, for food and soda.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Talk:

Beneath the Depths of the Windows Event Log
by: Charles Yost

The Windows Event Log is the cornerstone for many Blue Teams and a bane for many Red Teams when dealing with InfoSec on Windows hosts. However, there are many differences between it and the logging in place on Unix/Linux and macOS Systems. Where did it come from? How does it work? Why is it so complex? In this talk I will guide you through the depths beneath the Windows Event Log in an effort to better understand it. We will dive into the Windows API and Infrastructure surrounding the Windows Event Log and discover the whys and wherefores that dictate it’s usage. From the Windows Registry to some C structs we will pull back the cover on just what it is, and how we can better understand it in an Information Security context.

Lighting Round Talks

• TBA

If you are interested in speaking send an email to board@neoisf.org and we can help you write your talk.

Don’t forget to come early, starting at 6:00 PM, for food and soda.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Talk:

Computer Capers – Then and Now
by: Steve Margolis, Luke Margolis

“Computer Capers”, a 1978 book by Thomas Whiteside, re-tells several cases in which
computers were used, or mis-used, in the execution of various crimes. This book is partly
based on earlier research by Donn Parker at SRI and his publication, “Crime by Computer”. This
presentation will tell the stories of those early “capers”, how technology has changed but not
the scams, and how today’s cybersecurity controls and methods can detect and stop them.

Lighting Round Talks

• TBA

If you are interested in speaking send an email to board@neoisf.org and we can help you write your talk.

Don’t forget to come early, starting at 6:00 PM, for food and soda.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –

—< NORTHEAST OHIO INFORMATION SECURITY FORUM MEETING
—< 6:30 PM – 8:00 PM
—< Pizza and social start 6:00 PM
—< Location: OEC at 4205 Highlander Pkwy Richfield, OH 44286
—< Open to everyone and free as always

The Northeast Ohio Information Security Forum will hold our monthly meeting at the above date and time.

Agenda:

Talk:

A Brief on Assassin
by: Nick Moore

Assassin is an internal Palo Alto Networks tool that queries public data sources for a given domain and pulls back a great deal of information about the organization’s security posture. At no point does it actually touch any resources owned by the target organization. Information gathered includes:

• Pivot domains discovered via IP redirects
• Public IPs advertised
• QA/Dev/Test systems exposed to the Internet
• Leaked API keys
• insecure encryption algorithms
• System vulnerabilities
• Systems that would benefit form application ID hardening

The approach is one that an attacker would almost certainly take as a first step for determining possible attack vectors, but is also used by potential business partners, customers and cybersecurity insurance companies. The results are discussed live with customers and often yield a number of quick wins for the organization to dramatically improve their security posture. 

Nick has been in Infosec since 1998 and has worked for McAfee, Nokia, Cisco, Sourcefire (and Cisco again) and Palo Alto Networks. He has extensive experience with threats, malware and SOC methodology. He has spoken at ISSA, CactusCon and numerous local security events. He has been a judge for the College Cyber Defense Competition for 5 years and has a keen interest in helping early in career individuals. 

He loves cooking and bicycling when not at work; these hobbies have not balanced themselves out as well as he would hope. 

Lighting Round Talks

• TBA

If you are interested in speaking send an email to board@neoisf.org and we can help you write your talk.

Don’t forget to come early, starting at 6:00 PM, for food and soda.

Another great meeting from NEO Info Sec Forum – we hope to see you there!

– NEOISF Board –