ColaSec

Columbia's Information Security Group

A free and informal gathering of information security professionals and enthusiasts in Columbia, South Carolina at the Richland County Public Library on the 3rd Tuesday of every month at 6:00 PM (click on the YouTube bubble).

Founded 2014 (COVID can’t stop us)

Image credit: Zach Pippin
zachpippin.com

Upcoming Presentation: Zero Trust: Explain Like I'm Five

Date: June 21st, 6:30pm at USC Technology Incubator and YouTube live.

Presenter: Garrett Poorbaugh

About: My name is Garrett Poorbaugh. I am a "fresh" contender in the cybersecurity space; however, I have seen this to be advantageous at times since I challenge many of the "already established" practices we have in cybersecurity! I work as the Principal Architect at Sittadel, and author articles on my new website Security-Connections to help raise the bar of understanding for more complex cybersecurity concepts. Outside of work, I like to break and fix all sorts of things (actually, sounds like work and hobby aren't too different...) such as electric bikes, electric skateboards, cars, and more. If it's expensive to break and time-consuming to fix, I am all in on that.

Synopsis: In my presentation on Zero Trust, we will focus on breaking down what Zero Trust actually is. Outside of tool resellers using it as a buzzword, we will dive in to understand what it is at a fundamental level. By the end, you should be able to distinguish what really is "Zero Trust" for yourself and identify it in places you may not have originally expected.

Upcoming Presentation: The Authoritarian's Playbook for Securing Cloud. Trespassers will be shot. Survivors will be shot again.

Presenter: Gustavo Coronel

When: Tuesday, May 17 at the USC Incubator.

About: Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network and mobile device held information. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.

Synopsis: My grandmother used to say, "Mussolini may have been a dictator, but he made the trains run on time". That was my grandmother, she baked some delicious cookies, but she was a bit of a fascist.
Democracies grow stronger with free exchange of information, but they make poor role models for network security. Networks in general are most secure when we apply authoritarian/autocratic models.
Secure networks crave draconian enforcement, extensive surveillance, active censorship, and bare bones privacy.
This presentation will show how we can map dictatorship style controls to public cloud deployments in order to eliminate troublemakers.
Like Col. Nathan Jessup said in A Few Good Men, "You want me on that wall... You need me on that wall".
We will all sleep better at night with Nathan Jessup keeping an eye on our cloud deployments.

Upcoming Presentation: Russia vs. Ukraine and the information war

Presenter: Timothy De Block

When: Tuesday, April 19th 2022 at 6:30

Synopsis: The Russia and Ukraine conflict is a very interesting war because of the advancement of technology. Social media and other technologies are making a huge impact. Misinformation and propaganda are playing a huge part in this war. Intelligence sharing from the US and other countries is also playing a part and may have some interesting ramifications. Ransomware groups are joining the war in an effort to disrupt infrastructure for ground troops. This presentation will cover all these topics and more.

Social Media: 

https://twitter.com/TimothyDeBlock 

https://www.linkedin.com/in/timothy-de-block-60a4a937/

Getting Your Cybersecurity Career Started

Presented by Corey Grant at ColaSEC on March 15th, 2022.

This presentation is my journey and recommendations for getting into cybersecurity. While my journey was a more "traditional" one we will discuss the pros/cons of other paths into the field. I'll also provide my recommendations on what training and certifications are best. There are many ways to get into cybersecurity so there isn't a "one size fits all" approach. I have been a cybersecurity professional for about 6 years. I love the challenge that comes with the day to day. The added challenge of making a solution work securely adds the extra zing that I was looking for over traditional IT work.

Upcoming Presentation: Getting Your Cybersecurity Career Started

Presenter: Corey Grant

When: Tuesday, March 15 at the USC Incubator.

About: I have been a cybersecurity professional for about 6 years. I love the challenge that comes with the day to day. The added challenge of making a solution work securely adds the extra zing that I was looking for over traditional IT work.

Synopsis: My Journey and Recommendations.

This presentation is my journey and recommendations for getting into cybersecurity. While my journey was a more "traditional" one we will discuss the pros/cons of other paths into the field. I'll also provide my recommendations on what training and certifications are best. There are many ways to get into cybersecurity so there isn't a "one size fits all" approach.

Building Threat Profiles for your Organization

Presented at ColaSEC on Feb 15th 2022 by Mackenize Morris

Presentation Synopsis: Risk Management is one of the most difficult aspects of industrial cyber security. The variables that contribute to calculating risk can be hard to quantify and fully understand. The Crown Jewel Analysis (CJA) is a tool for key stakeholders to assess their organization’s environment from an interdependency and impact perspective; however, it can be extended to include threat mapping in order to build a threat profile for the organization. Following the CJA and understanding each tranche and associated attributes from an adversary point of view is necessary for prioritizing and aligning required resources to prevent and mitigate potential attacks. To enable critical infrastructure defenders, there must be a framework in place for the ingestion of threat intelligence and corresponding critical functions/components of the organization. This mapping enables organizations to improve their security programs.

Upcoming Presentation: Building Threat Profiles for your Organization

Date: Tuesday, February 15th at 6:30pm

Presenter: Mackenize Morris

About: Mackenize Morris is a Senior Industrial Consultant at the industrial cybersecurity company Dragos, Inc. where he assists the professional services teams in conducting network and vulnerability assessments.

Prior to joining Dragos, Mackenize worked as a process controls engineer and system architect for a DOE contractor. In addition to his responsibilities, he became the system administrator of the DCS system until fully switching over to an ICS cybersecurity position within the DOE complex.

Mackenize received his B.S. in Chemical Engineering and MBA from the University of South Carolina and is currently working on a Masters in Information Security Engineering from the SANS Technology Institute. He currently holds the following certifications: GCPM, GCIP, GSEC, GDSA, GREM, GCCC, GRID, GCIA, GISCP, GPEN, GMON, GCIH, and CISSP.

Mackenize lives in Aiken, South Carolina down the street from his brother’s horse farm where he keeps his horse, Riley. Besides riding horses, Mackenize fences as part of the Augusta Fencers Club and coaches the University of South Carolina Aiken’s League of Legends and Overwatch teams. Mackenize’s name is pronounced like Mackenzie; the IZE spelling was a result of a spelling error on his birth certificate.

Presentation Synopsis: Risk Management is one of the most difficult aspects of industrial cyber security. The variables that contribute to calculating risk can be hard to quantify and fully understand. The Crown Jewel Analysis (CJA) is a tool for key stakeholders to assess their organization’s environment from an interdependency and impact perspective; however, it can be extended to include threat mapping in order to build a threat profile for the organization. Following the CJA and understanding each tranche and associated attributes from an adversary point of view is necessary for prioritizing and aligning required resources to prevent and mitigate potential attacks. To enable critical infrastructure defenders, there must be a framework in place for the ingestion of threat intelligence and corresponding critical functions/components of the organization. This mapping enables organizations to improve their security programs.

Social Media Links: https://www.linkedin.com/in/mackenizemorris/
https://twitter.com/zeroaltruism

Upcoming Presentation: The Current State For Cryptocurrency Forensics

Presenter: Sahil Dudani

About: Ph.D. Candidate, IT Security Office and Lab, Virginia Tech.

Title: The Current State For Cryptocurrency Forensics

Synopsis: This talk will examine the current state of cryptocurrency forensics, focusing on digital forensics investigation supporting law enforcement activities. The talk will begin with a brief overview of cryptocurrency and blockchain technologies. With that understanding, we explore criminal and malicious activities enabled by this technology, which drive the need for cryptocurrency forensics. Following this, the presentation will explore current cryptocurrency forensics techniques and challenges pertaining to digital forensics. Current research and practicing investigators indicate that cryptocurrency forensics seems to be lagging and needs improved inter-agency coordination along with forensic techniques to counter the existing and emerging threats.

Upcoming Presentation: Cyber Doomsday Prepping: How to Prepare and Survive an Incident Response Engagement

Presenter: Brandon Poole

Title: Cyber Doomsday Prepping: How to Prepare and Survive an Incident Response Engagement

Synopsis: In recent years, the media has flooded us with stories of ransomware, DDoS, and other cyber attacks in large and small organizations. Experts agree it's not a matter of if you have an incident. The question is, are you and your organization prepared?

This talk will cover what you and your organization can do to prep for an incident, including the Doomsday ones such as ransomware, DDoS, and exfiltration of highly sensitive data. Participants should leave with a game plan on what they and their organizations need to do not just to survive their next incident but thrive in a post-incident world.


Upcoming Presentation: How to Social Engineering Developers Into Better Security

How do your developers respond to you when security issues are brought to them? Mine often drop what they're doing to get them resolved. Often I'm having to rein them in and make them follow our current process. This isn't because I'm using role power or they see me as a technical expert. This is because I've built a strong relationship with the developers using the same social engineering techniques you'd use to break into a building. The techniques include authenticity, reciprocity, empathy, what we wear, and how we communicate. I will share the program that I've built and how I went about it using social engineering. I'll also provide activities that get developers thinking about security while they're writing code. This talk will help you improve your interactions with developers and help your company become more secure.

timothy.deblock@gmail.com @TimothyDeBlock

The Anatomy of a Modern Security Monitoring Program

Presented at ColaSEC on May 18th, 2021 by David Burkett

David is the Security Operations Center (SOC) Manager for the company Corvid Cyberdefense, an MSSP based out of Mooresville, NC. David has a background in building SOCs, performing technical assessments as a consultant for other SOCs, and working as a SOAR Architect helping over 3 dozen Fortune 500 and major Federal Government agencies create playbooks and automate manual security tasks.

Does your SOC rely on dashboards, low-fidelity OOTB detection logic, and 3rd party threat intel feeds to detect and alert on activity? If so, you are not alone. Through my background of working with various Security Operations Centers, the differences I've seen the large and more tech forward companies doing compared to your more average company are staggering. This isn't due to large budgets and being able to buy the most expensive equipment.

Unfortunately for us as defenders, there isn't a lot of great information out there on what these sort of organizations are doing from a process and procedures perspective as blue teams are commonly hesitant to share what they are doing, and a lot of the "Guide to Building a SOC!" blogs on the internet are written by consultants who have never worked in a SOC.

In this talk, my aim is to bring to light what a modern security program looks like and ways to help you get there using free and open source tools.

Social Media Links: @signalblur / https://www.linkedin.com/in/david-burkett / https://github.com/david-burkett

Breaking Down Ransomware

Presented at ColaSEC on August 17th, 2021 by Timothy De Block

Presentation Synopsis: The Colonial Pipeline hack has brought ransomware into the limelight for the general population. In this presentation we'll go over the anatomy of a ransomware attack. Why it's so effective and prevalent. How do attackers get in to install the ransomware, and what we can do to avoid a ransomware attack.

Social Media Links: @TimothyDeBlock

Hacking Microsoft Exchange

Presented at ColaSEC on April 20th, 2021 by Timothy De Block

Presentation Synopsis: The first big hack of 2021 has already occurred and it's not over yet. At the end of 2020 new vulnerabilities were discovered that have impacted tens of thousands of organizations worldwide. In this edition of the lunch and learn we'll walk through what the vulnerabilities are, the timeline of reporting, and eventual exploitation. We'll unravel all the different players involved and what could be coming in the future.

Social Media Links: https://twitter.com/TimothyDeBlock

Upcoming Presentation: Breaking Down Ransomware

Presentation Date: August 17th, 2021 at 6:30pm

Presenter Name(s): Timothy De Block and Jeff Lang

Tell us about you or your group: ColaSec is the shiznit

What is the title of your presentation? Breaking down ransomware

Presentation Synopsis: The Colonial Pipeline hack has brought ransomware into the limelight for the general population. In this presentation we'll go over the anatomy of a ransomware attack. Why it's so effective and prevalent. How do attackers get in to install the ransomware, and what we can do to avoid a ransomware attack.

Which month would you like to present? August

Social Media Links: @TimothyDeBlock

Upcoming Presentation: Resume and Interview Panel

Presentation Synopsis: This is a panel that includes several of our ColaSec organizers and a former recruiter talking about hiring and interviewing. We'll talk about relationships and networking. We'll demo some resumes and review them. We'll also talk about interviewing do's and don'ts. Finally, we'll get into some resources for resumes and interviews.

Social Media Links: @Cola_Sec

Mental Health Hackers: Contents Under Pressure

Presented at ColaSEC on Tuesday, March 16th, 2021 at 6:30pm by Amanda Berlin.

Presentation Synopsis: Why mental health is important in the workplace, what we can do to help fix it, and what MHH is and what we've accomplished.

Social Media Links: @infosystir, @hackershealth (www.mentalhealthhackers.org), @blumirasec (www.blumira.com)