Join us on April 16 @ 6 PM for Who's Security Meme is it Anyway?

Presented by Tim De Block

In the evolving landscape of cybersecurity, the power of humor has emerged as an unexpected tool in spreading awareness and fostering community engagement. The upcoming ColaSec meetup takes an innovative twist on traditional security discussions by spotlighting security-related memes.

This session, titled "Who's Meme is it Anyway?" aims to explore the complex world of cybersecurity through the lens of humor and creativity. Join us for an evening where we dissect the impact of memes in communicating critical security concepts, the balance between humor and information, and how these seemingly trivial pieces of internet culture can enhance our understanding of security threats, practices, and culture.

The meetup will feature a curated collection of popular security memes, followed by discussions on their underlying messages, effectiveness in awareness, and their role in the cybersecurity community.
Highlights of the Meetup:

• Meme Showcase: A presentation of selected security-related memes, ranging from the hilariously accurate to the thought-provokingly absurd.

• Discussion Panels: Engage with cybersecurity experts and meme creators in lively panels discussing the interplay between humor and security, meme-making as a form of cybersecurity education, and the potential of memes in shaping public perception of security threats.

Whether you're a seasoned security expert, a meme enthusiast, or simply curious about the intersection of cybersecurity and popular culture, this meetup offers a unique platform to explore the serious world of security in a light-hearted manner. Join us at the ColaSec meetup to delve into the amusing yet insightful world of security-related memes, and discover how humor can be a powerful ally in the ongoing battle for cybersecurity.

Join us on March 19, 2024 @ 6 PM for Narrative Defense: User Stories in InfoSec

Presented by David Burkett

One of the most significant challenges in cybersecurity today is its approach to problem-solving. Technical forums, such as various subreddits, Slack channels, and other social media platforms, are awash with queries like "Which should I choose, CrowdStrike or S1?", "Do I need a SIEM, an XDR provider, or both?", and "What's better, Splunk or LogRhythm?".

This method of seeking solutions is fundamentally flawed for identifying the best fit for an organization, as it overlooks the unique needs of each entity. It often results in allowing sales pitches to guide decisions, leading to the acquisition of the latest flashy tool rather than a solution that genuinely addresses the problem at hand.

In this presentation, we'll explore:

1. Problem Identification: Unpacking the real issue at hand, which is often not as straightforward or quantifiable as it might seem.

2. Crafting User Stories: A guide to developing user stories that capture the essence of the challenges faced.

3. Translating User Stories into Solutions: How to turn these narratives into actionable cybersecurity strategies.

4. Case Studies on Common Pitfalls: Real-world examples demonstrating why a comparative approach to selecting EDR vendors falls short and how it can lead to costly errors.

By the conclusion of this presentation, participants will be armed with a strategy that emphasizes the importance of understanding and tackling specific security challenges over succumbing to the latest trends. This approach not only fosters more effective cybersecurity tactics but also ensures that investments in security technology are both prudent and closely aligned with the organization's objectives.

When: Tuesday, November 21st at 6:30pm

Where: USC Technology Incubator and streaming online

Who: Dr. Jessica Butel

Synopsis: In May 2021, the United States government issued Executive Order (EO) 14028 for “Improving the Nation's Cybersecurity.” Several of the included initiatives are progressing but still face significant challenges that must be addressed prior to being mandated. On November 16, 2023, CISA released an updated draft Secure Software Development Attestation Common Form and opened the 30-day request for comment period. This attestation has grown from EO 14028 and lists the requirement for software producers to maintain Software Bills of Materials (SBOMs) for their code. Will this approach and these required artifacts really help to improve the nation’s cybersecurity? Or will meaningful improvements fall by the wayside as organizations settle for checking the cybersecurity boxes in their rush to meet fast approaching deadlines? Time may be the only way to tell as we work to navigate the “security road” towards “Emerald City” side-stepping attestation forms, SBOM formats, and federal guidance trying to get to a better security landscape for all. Let’s break down these components, see how these pieces fit together and make predictions for the future.

When: Tuesday, October 17th at 6:30pm

Where: USC Technology Incubator and streaming online

Who: spooky members!

What: Sharing Scary Information Security Stories

About: ‍Ever had a near miss with a cybersecurity incident that sent shivers down your spine? Or perhaps a project that just won't end, haunting your workdays? How about dealing with end-of-life software that refuses to rest in peace? We've all been there!This month, we're turning off the recording lights to create a safe space for you to share your scariest Information Security stories. Join us in person for an evening of spine-tingling tales, lessons learned, and maybe a few laughs.

No Recordings: To encourage open and candid sharing, we won't be recording this meetup. So, feel free to unmask your most terrifying experiences without fear of haunting the internet forever.This is your chance to connect with fellow InfoSec enthusiasts, share your hair-raising encounters, and maybe even pick up a few tricks to ward off future cyber ghouls. RSVP now and dare to share your scariest stories!

When: Tuesday, September 19th at 6:30pm

Where: USC Technology Incubator and streaming online

Who: David Burkett

About: Signalblur CTI, an esteemed consulting firm founded by the visionary David Burkett, collaboratively supports organizations in enhancing their security operations practices. Their tailored services range from cultivating robust threat hunting programs, honing detection engineering capabilities, to streamlining security through automation.

Synopsis: The Cyber Kill Chain, a critical framework in the realm of cyber threat intelligence, is often perceived as an academic concept rather than a practical tool. In this engaging presentation, we will dismantle this misconception by revealing the true potential of the Kill Chain and demonstrating how it can be effectively employed by SOC Managers, Detection Engineers, and Security Analysts alike.

We will begin by exploring the foundational aspects of the Cyber Kill Chain, addressing its inherent weaknesses, such as the naming of its phases. We will then debunk the myth that the Kill Chain is a linear sequence of seven phases, emphasizing its tactical circular nature. As we delve into each phase, we will outline how defenders can adopt a proactive mindset to overcome common misconceptions.

Following this, we will showcase the versatility of the Kill Chain by illustrating its applications across various security roles, drawing on firsthand experiences. We will first demonstrate how Security Analysts can utilize the Kill Chain to streamline their investigations and optimize their decision-making. Next, we will explore the benefits of incorporating the Kill Chain into the workflow of Detection Engineers, highlighting its practical advantages.

Finally, we will discuss the strategic value of the Cyber Kill Chain for SOC Managers, emphasizing its capacity to generate data-driven metrics that can bolster budget requests and facilitate informed decision-making. By the end of this dynamic presentation, attendees will be equipped with the knowledge and tools to transform the Cyber Kill Chain from an abstract concept into an actionable, invaluable resource.

Who: Ben Francis, President of the Columbia Linux Users Group

What: Super Containers: Unikernels in LightVMs

When: Tuesday, August 15th at 6:30pm

Where: USC Technology Incubator and streaming on YouTube

Synopsis: Containerized workloads have made application deployment so much easier, but what if I could show you a technology that:

• Is 1400 times more secure than a well-configured Docker container

• Boots 37 times faster than that Docker container

• Can run 10 times more microservices on the same physical hardware

• Can be managed by Kubernetes

Who: Tim De Block

What: ColaSec Jeopardy

When: Tuesday, July 18th at 6:30pm

Where: USC Technology Incubator and streaming on YouTube

Synopsis: Welcome to the thrilling world of InfoSec Jeopardy! Join us for an interactive and educational session designed to challenge your security knowledge and engage in a friendly competition.

The InfoSec Jeopardy session is a unique twist on traditional presentations, combining learning with an exciting game format. Participants will form teams and compete against each other by answering questions across different categories, such as Security Operations, Security Engineering, Governance Risk and Compliance, Security Best Practices, and Current Threats. The game's objective is to promote knowledge sharing, foster collaboration, and strengthen the overall security awareness of the participants.

Join us in person or heckle our teams online.

Game Structure:

Teams: Participants will be divided into teams to encouraging camaraderie and teamwork throughout the session.

Categories and Questions: The Jeopardy board will consist of various categories, each containing questions of different difficulty levels. The questions will cover a broad range of information security topics, catering to participants with varying levels of expertise.

Point System: Points will be awarded based on the difficulty level of the chosen question. The team that buzzes in first and provides the correct answer will earn the corresponding points.

Benefits:

Enhanced Learning: InfoSec Jeopardy provides an enjoyable and effective learning environment, allowing participants to expand their knowledge on crucial security concepts, technologies, and best practices.

Team Building: By forming teams, participants will collaborate, communicate, and pool their collective knowledge, fostering a sense of unity and teamwork among attendees.

Networking Opportunities: The game breaks the ice, encouraging participants to interact and connect with fellow security enthusiasts, fostering valuable professional relationships within the local security community.

Conclusion:
InfoSec Jeopardy offers an engaging and informative experience that goes beyond traditional presentations. By participating in this game, you will sharpen your security skills, expand your knowledge, and connect with like-minded professionals. Join us for an exhilarating session that combines education, fun, and friendly competition. Are you ready to put your InfoSec expertise to the test?

When: Tuesday, May 16th at 6:30pm

Where: USC Technology Incubator and live stream on Google Meet

Who: ColaSec Organizers

What: The Wonderful World of ChatGPT

• What is ChatGPT

• Signing up for ChatGPT

• The competition

• History of AI

• The future of AI

• Demo

When: Tuesday, April 18th at 6:30pm

Where: USC Technology Incubator and live stream on Google Meet

Who: Adam Twitty
Senior Application Security Engineer – Premise Health
Dada, Runner???, Sick on Lug Nut Day at Tire College
Amateur sawdust maker, Tabletop games, Stellaris, Factorio
15 years working in and around IT & Security

What: I gave a presentation on Threat Modeling last year which included some bad advice, clunky tools, and general uncertainty amplified by impostor syndrome. In the time it takes for a fast zombie outbreak to boil into a global apocalypse, I've found new tools and refined my process to turn crayon scribble into value for your App Sec program.
Strap into a clipshow device and get ready for recycled memes, thrilling data flow diagrams, and instructions on how you too can make spreadsheets at home!

Date: Tuesday, March 21st at 6:30pm at USC Technology Incubator

Presenter Name(s): Timothy De Block

Tell us about you or your group.: Timothy De Block is an Application Security Practice Lead for GuidePoint Security. He cut his teeth in IT as an Electronic Technician for the United States Navy and the State of South Carolina. He jumped to security in 2012 and has done a little of everything with a heavy lean towards application security. He reads because he has a strong passion to learn. One of his most recent reads was a Douglas Adams series that included The Hitchhiker’s Guide to the Galaxy (hence the title). He also enjoys Overwatch and forcing his kids on a 13 mile backpacking camping trip. Fin.

Presentation Synopsis: API security is so hot right now! Organizations don’t fully understand APIs, how to find them, and secure them. This can feel scary. Don’t Panic. Grab your towel and join me on a meme adventure to explore the API galaxy. We’ll cover the history of APIs. Why people now suddenly care about them and why they’re such a hot topic. We’ll go over some ways to identify APIs within an environment. We’ll cover how API security is different and how to start securing them. We’ll review the API security tooling landscape. Finally, we’ll review resources to get your towel wrapped around API security and answer the ultimate API questions.

Social Media Links: @TimothyDeBlock

Where: USC/Columbia Technology Incubator and streaming on YouTube

When: Tuesday, February 21st, 2023 at 6:30pm

Title: Stopping the Bleeding: 10 Steps to turn your SOC Around

Who: David Burkett
Lotus Notes administrator for a Fortune 50 organization

Synopsis: David has built multiple Security Operations Centers and has consulted for multiple large organization's on building out SOC processes and capabilities. This talk is designed for those that either may be currently in the process of building a SOC out or for someone that may have taken over a SOC recently and found that everything is on fire.

Where: USC/Columbia Technology Incubator and streaming on YouTube

When: January 17th, 2023 at 6:30pm

Title: Mobile Forensic Analysis: Manual vs Automated

Who: Sahil Dudani, PhD student, Virginia Tech

Synopsis: This presentation examines the effectiveness of automated techniques over manual forensic techniques to analyze data extracted from a mobile device. The paper begins by explaining the fundamentals of digital and mobile device forensics followed by outlining major challenges in the field and explaining the use of machine learning/data analytics algorithms in analyzing forensic extractions. With that understanding, the paper compares the precision of decision tree analysis with manual forensic analysis using self-created sample data. The analysis leads us to believe that automated analysis can solve various challenges faced by the mobile forensics industry with inputs from experienced examiners.

Presented by: David Burkett at ColaSec on Tuesday, November 15th, 2022

Slides: https://drive.google.com/file/d/1-yxAVG9KR33kJCXKoh0yqKyDJXJzJPx_/view?usp=share_link

Presenter: David Burkett

Date: November 15th, 2022 at 6:30pm

About: David has been a stellar ColaSEC member and presenter, leveling up a broad range of experience in a short time. Activities include: consulting for fortune 100 organizations and large federal agencies on building out their SOAR Playbooks and Automations, managing a Cogswell Award-winning SOC, and has currently working as a Cloud Detection Engineer for a Fortune 50 Company.

Synopsis: This presentation is to show that People and Processes, not Technology are what make a great SOC. Through this, we’ll go over example processes using entirely Open Source tools that will give you a better Security Monitoring program than everyone else!

Social Media: https://signalblur.io || https://infosec.exchange/@signalblur

Presenter: Jonathan Singer

About: Seasoned Infosec Professional, Passionate Community Advocate, Esteemed Public Speaker, DEF CON Security Goon, Epic Troll.

Date: October 18th at 6:30pm

Synopsis: Centralized Logging, SEIM, Big Data, and much more!

Social: https://twitter.com/jonathansinger
https://www.linkedin.com/in/thejonathansinger/

Presenter: Adam Twitty

Date: September 20th, 2022 at 6pm at the USC Technology Incubator

Presentation Synopsis: This presentation is the result of the last year of trial, error, and refinement in my ongoing Threat Modeling journey. I'll cover fundamental concepts, tools, useful techniques and perform a real time demo of a threat model on a fictional application that we'll design and dissect in real time. Through the simple power of asking questions and writing shit down, you too can build threat models for any system in your organization, and systemically analyze threats & mitigations.

About Adam: Though I'm currently employed by Premise Health, I've been a security nerd for over a decade now, and been moonlighting as a ColaSec organizer for most of that time. I am an eternal student of the Power Shell, wielder of the compliance spreadsheet, practitioner of the stupid question, and a mindless consumer of tacos.

Email: adam@colasec.org

Presenter: Jeff Lang

Date: August 16th, 2022 at 6pm at the USC Technology Incubator

Presentation Synopsis:: On July 2, 2021, Virginia Tech experienced a Ransomware incident that involved a Kesaya VSA systems management server used by departments on Campus. This presentation will discuss the methods used by the attackers, Virginia Tech's response, and lessons learned from the incident.