May 10, 2024
Navigating the Evolving Threats in Emails
Cybercriminals are using ChatGPT and similar AI technologies to automate phishing and ransomware attacks against Microsoft 365 with losses surpassing $43 billion1 globally. These alarming attack volumes necessitate a unique approach to protecting the inbox.
Check Point challenges businesses to get their email security in better health. We'll showcase where Microsoft 365 leaves you exposed and how Check Point catches 99.2% of phishing attacks.
Presentation by Christian Crawford Check Point
Registration: https://www.eventbrite.com/e/issa-kentuckiana-2024-may-tickets-811962189767?aff=oddtdtcreator
Registration is Required to attend!
Location:
12501 Lakefront Place Louisville, KY 40299
(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))
June 7, 2024
TBD
Presentation by TBD
Registration: TBD
Pre-registration is Required to attend!
Location:
12501 Lakefront Place Louisville, KY 40299
(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))
April 5, 2024
Layer 7 - Why WAFs and Gateways Won't Save You
Come learn more about API security and why updating your security protections is important in the next generation of application attacks
Presentation by Tyler Shields,Traceable Product VP
Registration: https://www.eventbrite.com/e/811960605027?aff=oddtdtcreator
Registration is Required to attend!
Location:
12501 Lakefront Place Louisville, KY 40299
(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))
March 1, 2024
Identity Security: Much more than just successfully completing a SOX audit
In the early 2000’s, organizations scrambled to deploy governance controls to pass their SOX audits.
In those early days, "automation" for Identity Governance meant sending spreadsheets via email, to review user access to financially significant systems.
Completing SOX audits remains a priority to this day.
However, at the C-level, organizations are prioritizing Identity Security. It’s viewed as not only a means to improve governance and perform SOX reviews, but also as a way to reduce risk, remove security blind-spots, gain business insight and increase operational efficiency for all types of workers.
SailPoint Technologies will share an update on the current state of Identity Security – the market trends, risks faced by organizations and ways through which technology, including Artificial Intelligence, can help organizations to deploy an effective, comprehensive and efficient Identity Security program which delivers value to the business
Presentation by Dave Smith
Sponsor: Sailpoint
Registration: https://www.eventbrite.com/e/811953012317?aff=oddtdtcreator
Registration is Required!
We will be giving away 2 $50 gift cards at the meeting!
Eligibility requirements:
- Attend the ISSA Kentuckiana chapter meeting in-person
- Be a member of the ISSA Kentuckiana chapter
Location:
12501 Lakefront Place Louisville, KY 40299
(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))
February 9, 2024
Cloud Security Capabilities
Cloud security solutions continue to emerge, evolve, and mature to where it may be unclear how they work together or differentiate form one another. Cloud Security acronyms such as Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), Cloud Infrastructure Entitlement Management (CIEM), and Cloud-Native Application Protection Platform (CNAPP) are being associated with many products and services making it difficult to understand which of these best meets your organizations needs. Please join us as we have an open discussion on cloud security capabilities:
· What are the main difference between CSPM, CWPP, CIEM, and CIEM?
· Where is there common functionality of these capabilities?
· What are some use cases for the various capabilities?
· Where are all these capabilities headed?
Presentation by Joe Buhr
Registration is Required!
Location:
12501 Lakefront Place Louisville, KY 40299
(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))
Registration ISSA Kentuckiana - February Meeting Registration
Training - Application Security Testing Workshop
Application Security Testing Workshop
The Kentucky ISSA Chapter in partnership with Ellipsis Information Security LLC is hosting an information security workshop. This day-long event covers the basics of testing web applications for security vulnerabilities plus DevSecOps and Automation. It includes methods to test for vulnerabilities plus guidance on remediating issues. This course will be taught by a globally recognized expert in application security with more than a decade of experience teaching all skill levels. Whether you are just beginning or advanced, there will be information for you. Seating is limited and the event is expected to sell out.
The class will contain interactive lectures, frequent demonstrations, and lots of lab time. Students will be provided with a customized virtual machine with the professional version of Mutillidae web security training environment pre-installed. The virtual machine is completely self-contained with all tools, files, targets, and labs set up in advance! The labs are guided, and the course includes a lab assistant to help. Join us to learn new skills, better understand web application security and hang out with others from the InfoSec community. Don't let the price fool you. The KY ISSA is offering this enterprise quality class at a deeply discounted rate.
Topics:
Tools, such as Burp-Suite, several vulnerability scanners, DevOps automation, and others used to test web application security
Impactful, risky web application vulnerabilities like Cross-site Scripting and SQL Injection
Labs using real, vulnerable web pages (no fake stuff here)
Practical skills
When:
Saturday, January 20th, 2024
8:30 AM - 4:30 PM
Where:
12501 Lakefront Place Louisville, KY 40299
(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))
Cost: $150
ISSA Kentuckiana Members Cost: $100 ($50 off w/ member discount code)
Costs are subsidized by the ISSA Kentuckiana Chapter to make high quality training available for everyone! One way we are able to do this is our sponsors.
Sponsor, Lunch, and Lunch Presentation provided by Stack Hawk!
Certified Security Penetration Tester & Cloud Security Architect
Google PCSE|OSCP|GPCS|GCLD|GXPN-GOLD|GPEN-GOLD|GWAPT-GOLD|GCIH-GOLD|GMOB|GSEC|GISF|Sec+
Jeremy is the Distinguished Cybersecurity Architect for the largest multi-national transportation logistics company in the world. Jeremy is also the owner of Ellipsis Information Security and teaches courses for Ellipsis and SANS Institute. As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on application security, penetration testing and defense along with operating the "webpwnized" YouTube video channel. Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment. Jeremy has a Bachelor of Science in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Master of Computer Science and Engineering from the University of Louisville and is a GIAC-certified Web, API, Mobile and Network Security Penetration Tester, and Cloud Security Architect.
January 19, 2024
Shift Left - People, Process, and Technology
Presentation by Scott Gerlach CSO @ Stack Hawk
Registration is Required!
Location:
12501 Lakefront Place Louisville, KY 40299
(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))
Registration: ISSA Kentuckiana - Janurary Meeting Registration
Social Event - TopGolf - Sponsored by StackHawk!
StackHawk will be sponsoring a social event for ISSA Kentuckiana members on 1/18!
StackHawk is also sponsoring and speaking at our regular monthly meeting on 1/19, and sponsoring our Application Security Testing training on 1/20!
Registration details sent to registered attendees of Janurary meeting/training and to members
Holiday Dinner 2023
2023 Holiday Dinner - Members only social event.
Location: Captain’s Quarters
Dinner event for Members and a guest
Members will directly receive registration details.
December 1 2023
Intro to Flipper Zero
Presentation by Erich Jackson
Registration: ISSA Kentuckiana - December Meeting Registration
November 3 2023
Building Security Programs for the Common Folk
Brad Barrett - Optiv
Sponsored by Optiv
October 6 2023
AI & Security: The Good, The Bad, and The Hallucinatory
How AI can help and hurt secure software development
AI is advancing at a stunning rate, with new tools and use cases being discovered each week. Recent developments in LLM-based engines have turned skeptics into believers as AI’s abilities and outputs are tangible and can even seem magical. As with all technology, AI raises both opportunities and challenges for security and development teams looking to boost productivity while managing risk.
In this talk, Clinton Herget, Field CTO at Snyk, will highlight some of the potential and some of the potential pitfalls AI can bring to secure development, and provide guidance on how security teams can think about both within the context of their programs. It's not just about deploying AI for the sake of it; instead, we're dedicated to the strategic use of AI that meaningfully enhances our product offerings and empowers our users to secure their software effectively.
Cliton Herget, Field CTO, Snyk
Sponsored by Snyk
October 5 2023
Social Event - Top Golf
We’re gathering local leaders for an evening at Top Golf! Join Snyk, ISSA, and your peers for a fun night of golf games suitable for all skill levels.
Space is limited!
Users registered for the October meeting will receive info on this event
Hack Red Con - ISSA Kentuckiana Sponsoring
ISSA Kentuckiana is a proud sponsor of Hack Red Con 2023