Topic: If These Doors Could Talk

Description: An introduction to lock picking and physical security.

Presentation by: Brad Eadens

Sponsor: Trend Micro

Registration: https://www.eventbrite.com/e/issa-kentuckiana-2024-november-tickets-920818953277

Location

We would like to thank Farm Credit Mid-America for hosting our event!

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Time

The meeting will be from 11:30 AM - 1:00 PM Eastern. Lunch will be provided.

RSVP required!

Preregistration is required for building access!

CPE Credit

ISSA Kentuckiana members with Confirmed attendance of this event are eligible for 1 CPE credit

Louisville Metro InfoSec Conference 2024

More Details:

https://www.issa-kentuckiana.org/louisville-infosec-conference-1

Registration:

https://www.eventbrite.com/e/2024-louisville-metro-infosec-conference-tickets-928063401617?aff=oddtdtcreator

Topic: Rapid Risk Analysis utilizing LLM/AI

Description: Jeff will walk through practical applications for risk analysis utilitize LLM/AI tools. This will be a talk you can walk away from with another tool in your belt as a security practitioner.

Presentation by: Jeff Jareki - Cheif Information Security Officer - Volta

Sponsor: Volta

Registration: https://www.eventbrite.com/e/issa-kentuckiana-2024-september-tickets-839238323417?aff=oddtdtcreator

Location

We would like to thank Farm Credit Mid-America for hosting our event!

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Time

The meeting will be from 11:30 AM - 1:00 PM Eastern. Lunch will be provided.

RSVP required!

Preregistration is required for building access!

CPE Credits

ISSA Kentuckiana members with Confirmed attendance of this event are eligible for 1 CPE credit

ISSA Kentuckiana Members Social Event sponsored by Volta

Social Event at Blind Squirrel sponsored by Volta

We’re gathering local leaders for an evening at Blind Squirrel! Join Volta, ISSA Kentuckiana, and your peers for a fun night of cocktails and networking.

Members and Invite only

Registration Required

Blind Squirrel

Date: Thursday, September 5th

Time: 5:00-7:00pm

Location: Blind Squirrel | 592 N English Station Rd, Louisville, KY 40223

Digital Privacy Workshop

The Kentucky ISSA Chapter in partnership with Ellipsis Information Security LLC is hosting an information security workshop. This day-long event covers the basics of Digital Privacy. This course will be taught by a globally recognized expert in application security with more than a decade of experience teaching all skill levels. Whether you are just beginning or advanced, there will be information for you. Seating is limited and the event is expected to sell out.

The class will contain interactive lectures, frequent demonstrations, and opportunities for hands-on practice. Attendees should bring a laptop to participate. Several exercises will be provided. Don't let the price fool you. The KY ISSA is offering this enterprise quality class at a deeply discounted rate.

Topics

• VPNs

• Web Privacy

• Search Engines and Privacy

• Email Privacy

• Mobile Device Protection

• DNS Privacy

• Multifactor Authentication

• Email and Password Leaks

• Privacy and Generative AI

Meeting Date/Time:

8:00am - 5:00pm

Meeting Agenda:

8:00am – 11:30am | Training

11:30am - 1:00pm | Lunch and Sponsor Presentation by Palo Alto

The Modernized SOC: Enjoy lunch and enter to win a raffle while hearing how Palo Alto simplifies security operations and accelerates incident remediation with a platform built to stop the threats of today — and the threats of the future.

Ferdinand Soto - https://www.linkedin.com/in/ferdinandsoto/

1:00pm – 5:00pm | Training

Cost

Normally $500.00

Special ISSA Price $150.00

ISSA Kentuckiana Chapter Members $100! ($50 off w/ use of member discount code!)

Info on ISSA Kentuckiana Chapter membership benefits available here: https://www.issa-kentuckiana.org/membership

Costs are subsidized by the ISSA Kentuckiana Chapter to make high quality training available for everyone!

Registration - https://www.eventbrite.com/e/digital-privacy-workshop-tickets-937073882207?aff=oddtdtcreator

Location:

Farm Credit Mid-America Building

12501 Lakefront Pl, Jeffersontown, KY 40299

Trainer Info:

Jeremy Druin

Certified Security Penetration Tester & Cloud Security Architect

Google PCSE|OSCP|GPCS|GCLD|GXPN-GOLD|GPEN-GOLD|GWAPT-GOLD|GCIH-GOLD|GMOB|GSEC|GISF|Sec+

Jeremy is the Distinguished Cybersecurity Architect for the largest multi-national transportation logistics company in the world. Jeremy is also the owner of Ellipsis Information Security and teaches courses for Ellipsis and SANS Institute. As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on application security, penetration testing and defense along with operating the "webpwnized" YouTube video channel. Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment. Jeremy has a Bachelor of Science in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Master of Computer Science and Engineering from the University of Louisville and is a GIAC-certified Web, API, Mobile and Network Security Penetration Tester, and Cloud Security Architect.

Topic: What is SASE, why do we need it, and how does it work?

Description: Review best practices and benefits of having a comprehensive strategy related to hybrid workforces, connecting & securing branch/retail locations, and supporting cloud and digital initiatives.

Speaker: Barry Mersmann - https://www.linkedin.com/in/barry-mersmann-5a404117/details/experience/

Sponsored by Palo Alto

Registration: https://www.eventbrite.com/e/issa-kentuckiana-2024-august-tickets-816008442217?aff=oddtdtcreator

Moving Toward a Zero Trust Mindset

Traditional security strategies are no longer adequate to safeguard organizations from today’s complex and changing cyber threats. In a world where attacks may emerge from both internal and external sources, the perimeter-based security approach is no longer viable. A Zero Trust approach is ideal for organizations because it can significantly aid in fostering a security-first culture by increasing productivity, transparency and data authenticity.

Presentation by Jeremy Kissell / Cloudflare

Registration: https://www.eventbrite.com/e/issa-kentuckiana-2024-june-tickets-816005132317

Registration is Required to attend!

Location:

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Navigating the Evolving Threats in Emails

Cybercriminals are using ChatGPT and similar AI technologies to automate phishing and ransomware attacks against Microsoft 365 with losses surpassing $43 billion1 globally. These alarming attack volumes necessitate a unique approach to protecting the inbox.

Check Point challenges businesses to get their email security in better health. We'll showcase where Microsoft 365 leaves you exposed and how Check Point catches 99.2% of phishing attacks.

Presentation by Christian Crawford Check Point

Registration: https://www.eventbrite.com/e/issa-kentuckiana-2024-may-tickets-811962189767?aff=oddtdtcreator

Registration is Required to attend!

Location:

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Layer 7 - Why WAFs and Gateways Won't Save You
Come learn more about API security and why updating your security protections is important in the next generation of application attacks

Presentation by Tyler Shields,Traceable Product VP

Registration: https://www.eventbrite.com/e/811960605027?aff=oddtdtcreator

Registration is Required to attend!

Location:

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Identity Security: Much more than just successfully completing a SOX audit

In the early 2000’s, organizations scrambled to deploy governance controls to pass their SOX audits.

In those early days, "automation" for Identity Governance meant sending spreadsheets via email, to review user access to financially significant systems.

Completing SOX audits remains a priority to this day.

However, at the C-level, organizations are prioritizing Identity Security. It’s viewed as not only a means to improve governance and perform SOX reviews, but also as a way to reduce risk, remove security blind-spots, gain business insight and increase operational efficiency for all types of workers.

SailPoint Technologies will share an update on the current state of Identity Security – the market trends, risks faced by organizations and ways through which technology, including Artificial Intelligence, can help organizations to deploy an effective, comprehensive and efficient Identity Security program which delivers value to the business

Presentation by Dave Smith

Sponsor: Sailpoint

Registration: https://www.eventbrite.com/e/811953012317?aff=oddtdtcreator

Registration is Required!

We will be giving away 2 $50 gift cards at the meeting!

Eligibility requirements:

- Attend the ISSA Kentuckiana chapter meeting in-person

- Be a member of the ISSA Kentuckiana chapter

Location:

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Cloud Security Capabilities

Cloud security solutions continue to emerge, evolve, and mature to where it may be unclear how they work together or differentiate form one another. Cloud Security acronyms such as Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), Cloud Infrastructure Entitlement Management (CIEM), and Cloud-Native Application Protection Platform (CNAPP) are being associated with many products and services making it difficult to understand which of these best meets your organizations needs. Please join us as we have an open discussion on cloud security capabilities:

· What are the main difference between CSPM, CWPP, CIEM, and CIEM?

· Where is there common functionality of these capabilities?

· What are some use cases for the various capabilities?

· Where are all these capabilities headed?

Presentation by Joe Buhr

Registration is Required!

Location:

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Registration ISSA Kentuckiana - February Meeting Registration

Application Security Testing Workshop

The Kentucky ISSA Chapter in partnership with Ellipsis Information Security LLC is hosting an information security workshop. This day-long event covers the basics of testing web applications for security vulnerabilities plus DevSecOps and Automation. It includes methods to test for vulnerabilities plus guidance on remediating issues. This course will be taught by a globally recognized expert in application security with more than a decade of experience teaching all skill levels. Whether you are just beginning or advanced, there will be information for you. Seating is limited and the event is expected to sell out.

The class will contain interactive lectures, frequent demonstrations, and lots of lab time. Students will be provided with a customized virtual machine with the professional version of Mutillidae web security training environment pre-installed. The virtual machine is completely self-contained with all tools, files, targets, and labs set up in advance! The labs are guided, and the course includes a lab assistant to help. Join us to learn new skills, better understand web application security and hang out with others from the InfoSec community. Don't let the price fool you. The KY ISSA is offering this enterprise quality class at a deeply discounted rate.

Topics:

• Tools, such as Burp-Suite, several vulnerability scanners, DevOps automation, and others used to test web application security

• Impactful, risky web application vulnerabilities like Cross-site Scripting and SQL Injection

• Labs using real, vulnerable web pages (no fake stuff here)

• Practical skills

When:

Saturday, January 20th, 2024

8:30 AM - 4:30 PM

Where:

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Cost: $150

ISSA Kentuckiana Members Cost: $100 ($50 off w/ member discount code)

Costs are subsidized by the ISSA Kentuckiana Chapter to make high quality training available for everyone! One way we are able to do this is our sponsors.

Sponsor, Lunch, and Lunch Presentation provided by Stack Hawk!

Registration: Application Security Testing Workshop Registration

Who:

Jeremy Druin

Certified Security Penetration Tester & Cloud Security Architect

Google PCSE|OSCP|GPCS|GCLD|GXPN-GOLD|GPEN-GOLD|GWAPT-GOLD|GCIH-GOLD|GMOB|GSEC|GISF|Sec+

Jeremy is the Distinguished Cybersecurity Architect for the largest multi-national transportation logistics company in the world. Jeremy is also the owner of Ellipsis Information Security and teaches courses for Ellipsis and SANS Institute. As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on application security, penetration testing and defense along with operating the "webpwnized" YouTube video channel. Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment. Jeremy has a Bachelor of Science in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Master of Computer Science and Engineering from the University of Louisville and is a GIAC-certified Web, API, Mobile and Network Security Penetration Tester, and Cloud Security Architect.

Shift Left - People, Process, and Technology

Presentation by Scott Gerlach CSO @ Stack Hawk

Registration is Required!

Location:

12501 Lakefront Place Louisville, KY 40299

(Farm Credit Mid-America Building - Schoolhouse East (132); Schoolhouse West (130))

Registration: ISSA Kentuckiana - Janurary Meeting Registration

StackHawk will be sponsoring a social event for ISSA Kentuckiana members on 1/18!

StackHawk is also sponsoring and speaking at our regular monthly meeting on 1/19, and sponsoring our Application Security Testing training on 1/20!

Registration details sent to registered attendees of Janurary meeting/training and to members

2023 Holiday Dinner - Members only social event.

Location: Captain’s Quarters

Dinner event for Members and a guest

Members will directly receive registration details.

Intro to Flipper Zero

Presentation by Erich Jackson

Registration: ISSA Kentuckiana - December Meeting Registration

Building Security Programs for the Common Folk

Brad Barrett - Optiv

Sponsored by Optiv

ISSA Kentuckiana - November Meeting Registration

AI & Security: The Good, The Bad, and The Hallucinatory 

How AI can help and hurt secure software development

AI is advancing at a stunning rate, with new tools and use cases being discovered each week. Recent developments in LLM-based engines have turned skeptics into believers as AI’s abilities and outputs are tangible and can even seem magical. As with all technology, AI raises both opportunities and challenges for security and development teams looking to boost productivity while managing risk.

In this talk, Clinton Herget, Field CTO at Snyk, will highlight some of the potential and some of the potential pitfalls AI can bring to secure development, and provide guidance on how security teams can think about both within the context of their programs. It's not just about deploying AI for the sake of it; instead, we're dedicated to the strategic use of AI that meaningfully enhances our product offerings and empowers our users to secure their software effectively.

Cliton Herget, Field CTO, Snyk

Sponsored by Snyk

ISSA Kentuckiana - October Meeting Registration

Social Event - Top Golf

We’re gathering local leaders for an evening at Top Golf! Join Snyk, ISSA, and your peers for a fun night of golf games suitable for all skill levels.

Space is limited!

Users registered for the October meeting will receive info on this event