Our next meeting is WEDNESDAY November 17, 2010. Pizza and networking start at 6:00 PM. Talks start at 6:30 PM. Location: Park Center Plaza #1, 6100 Oak Tree Blvd, off Rockside Road, Independence, Ohio. Click here for a Google Map! Open to everyone and free as always!
Here are the list of talks and agenda items for this months meeting:
The Enemy Within: How Cross-Site Request Forgery Can Turn Your Employees Into Unwitting Internal Hackers
Chris Bush, Sr. Security Consultant, Accuvant LABS
Web applications have for years now been increasingly the focus of attention for hackers. After all, vulnerabilities like SQL Injection have provided hackers a simple way to bypass firewalls and other network and host security controls to gain easy access to company data and internal resources. As a result, many companies have placed an increasing focus on securing their external web applications from these vulnerabilities, providing another layer of security and further hardening their perimeter. Meanwhile, corporate intranet applications have often not received this kind of attention to security, so they may still be vulnerable. And hackers still have a way to reach them – through your employees, and the web browser – using a technique known as Cross-Site Request Forgery. This talk will provide a technical overview of Cross-Site Request Forgery (CSRF). We’ll discuss how and why CSRF works, and how hackers can leverage it to turn your employees into unwitting accomplices to attack your internal applications. We’ll also cover some protection strategies that can be used to help mitigate the threat.
OSSIM Open Source SIEM
Kyle Capatosto, Hurricane Labs
OSSIM is an open source SIEM, developed by Alienvault LLC. It is a heterogeneous mixture of over 200 different open source projects, featuring a strong correlation engine, incident management tools, customizable reporting, and various cross-platform agents all tied into a simple, easy to-use web interface. Today’s talk will be covering installation styles, best practices, OSSIM innerworkings, as well as tips and tricks to get the most out of your OSSIM deployment.
Chris is a Certified Information Systems Security Professional (CISSP) and holds a Masters Degree in Computer Science from Binghamton University, Binghamton, New York and a Bachelors Degree in Computer Science from University at Buffalo, Buffalo, New York.
Kyle Capatosto has been a network security engineer at Hurricane Labs for over 2 years, currently consulting fortune 500 companies on secure network design, intrusion prevention, incident response, and SIEM. Kyle has performed multiple implementations of OSSIM on complex networks providing clients valuable insight into the interworkings of their network, as well as helping them to implement a better incident response program.