CiNPA / CiNPA Security SIG History
•Download as ODP, PDF•
0 likes•131 views
This presentation covers the history of one of Cincinnati's longest running technology meetup groups. The Cincinnati Networking Professionals Association (CiNPA) has roots going back to the heyday of Novell Netware and is still running strong today. This is a retrospective look back at the origins of CiNPA and the CiNPA Security Special Interest Group (CiNPA Security SIG). This slide deck also touches on the first CiNPA Hacker's Night meetings and concludes with places where the CiNPA Security SIG has met and presented to date.
Report
Share
Report
Share
Recommended
7.токиоMartin tom petersen
Martin Tom-Petersen is a specialized consultancy focused on smart cities that has published several reports on cybersecurity issues facing smart cities. The presentation discusses the major cyber threat landscape facing smart cities, including malware, DDoS attacks, and data breaches. It notes that securing smart cities is challenging due to limited funding, manpower, and political and technical competency issues. The presentation argues that securing smart cities requires a multifaceted approach including legal frameworks, governance, and technology testing, as well as shifting responsibility and data sharing. It questions whether current standards are sufficient given the evolving nature of cyber threats.
ION Durban - MANRS Introduction
This document discusses the Mutually Agreed Norms for Routing Security (MANRS) initiative, which aims to improve routing security and resilience on the global internet. The document outlines key issues with the current routing system like route leaks and prefix hijacking. It then describes the four concrete actions that MANRS defines for network operators to implement, including filtering, anti-spoofing, coordination, and validation. The document notes that while MANRS participation has grown, overall deployment remains low, especially in Africa. It discusses strategies for bridging this gap, like developing better guidance, training programs, and bringing new types of members on board.
Athens IoT meetup and TTN-Athens at AIOTI Open Day
This document summarizes the history and future of the Internet of Things (IoT) community. It discusses several historical IoT milestones from the 1990s to present like GNU/Linux, Arduino, and Raspberry Pi. It also notes that by 2018, nearly 50% of IoT solutions will come from startups less than 3 years old. The document then describes the Athens IoT Meetup group, which it founded in 2015, and discusses some of the IoT technologies and local startups/projects that have been featured at its events. Finally, it introduces TheThingsNetwork - Athens, a decentralized open IoT network run by its users.
Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015
ICANN is a nonprofit organization dedicated to ensuring a secure and stable internet. It uses a multistakeholder model where internet stakeholders from around the world work together through consensus to make policy decisions. ICANN helps define how the domain name system functions by contracting with domain name registries and registrars.
African Union Ministerial 2015: Update on Internet Governance
The document discusses several upcoming events that could shape the future of internet governance in 2015. It summarizes the key topics as:
1) The WSIS+10 Review in December 2015 where governments will set the agenda for internet governance beyond 2015 on issues like development, security, and the role of the multistakeholder approach.
2) The IGF meeting in November 2015 in Brazil and the renewal of the IGF's five-year mandate which will be discussed as part of the WSIS Review.
3) The IANA stewardship transition which aims to transition U.S. government oversight of domain names and addresses to a global multistakeholder model by September 2016. There is ongoing discussion on
Affordable housing: Y-Foundation, Finland
Y-Foundation is a non-profit social housing provider in Finland that owns over 16,000 affordable rental apartments. It was founded in 1985 by several large cities and organizations to provide affordable housing options. Y-Foundation operates apartments in scattered housing, real estate properties, and supported housing units. It also operates over 10,000 state-subsidized rental apartments under the brand M2 Homes. M2 Homes aims to provide tenants with generous living spaces near services at affordable rents. Y-Foundation works to make housing affordable from both the tenant and landlord perspective by keeping rents low while controlling costs through things like land acquisition and construction materials.
Cybersecurity nexus vision
ISACA's Cybersecurity Nexus (CSX) is a global association serving over 140,000 cybersecurity professionals. It was launched in 2014 to address the growing cybersecurity skills crisis and develop a skilled cyber workforce. CSX provides skills-based training, performance-based certifications, and career resources for cybersecurity practitioners, specialists, and experts at various levels of experience. It offers credentials like the CISA, CISM, CGEIT and CRISC certifications to validate skills in areas like incident response, risk management, and IT governance.
Cybersecurity governance existing frameworks (nov 2015)
Marc Vael is an expert in information security management, business continuity/disaster recovery, privacy & data protection, enterprise & IT risk management, IT audit & assurance, and cloud computing. He has extensive experience as Chief Audit Executive, board member of several organizations, and lecturer. As a visiting lecturer for ITME, Marc aims to share practical insights from his experiences to provide perspectives on problems and solutions in domains where he has expertise. He presents different lectures each time to incorporate new insights from the evolving fields of IT and the world.
Recommended
7.токиоMartin tom petersen
Martin Tom-Petersen is a specialized consultancy focused on smart cities that has published several reports on cybersecurity issues facing smart cities. The presentation discusses the major cyber threat landscape facing smart cities, including malware, DDoS attacks, and data breaches. It notes that securing smart cities is challenging due to limited funding, manpower, and political and technical competency issues. The presentation argues that securing smart cities requires a multifaceted approach including legal frameworks, governance, and technology testing, as well as shifting responsibility and data sharing. It questions whether current standards are sufficient given the evolving nature of cyber threats.
ION Durban - MANRS Introduction
This document discusses the Mutually Agreed Norms for Routing Security (MANRS) initiative, which aims to improve routing security and resilience on the global internet. The document outlines key issues with the current routing system like route leaks and prefix hijacking. It then describes the four concrete actions that MANRS defines for network operators to implement, including filtering, anti-spoofing, coordination, and validation. The document notes that while MANRS participation has grown, overall deployment remains low, especially in Africa. It discusses strategies for bridging this gap, like developing better guidance, training programs, and bringing new types of members on board.
Athens IoT meetup and TTN-Athens at AIOTI Open Day
This document summarizes the history and future of the Internet of Things (IoT) community. It discusses several historical IoT milestones from the 1990s to present like GNU/Linux, Arduino, and Raspberry Pi. It also notes that by 2018, nearly 50% of IoT solutions will come from startups less than 3 years old. The document then describes the Athens IoT Meetup group, which it founded in 2015, and discusses some of the IoT technologies and local startups/projects that have been featured at its events. Finally, it introduces TheThingsNetwork - Athens, a decentralized open IoT network run by its users.
Michael Yakushev - ICANN accountability and IANA transition - ArmIGF2015
ICANN is a nonprofit organization dedicated to ensuring a secure and stable internet. It uses a multistakeholder model where internet stakeholders from around the world work together through consensus to make policy decisions. ICANN helps define how the domain name system functions by contracting with domain name registries and registrars.
African Union Ministerial 2015: Update on Internet Governance
The document discusses several upcoming events that could shape the future of internet governance in 2015. It summarizes the key topics as:
1) The WSIS+10 Review in December 2015 where governments will set the agenda for internet governance beyond 2015 on issues like development, security, and the role of the multistakeholder approach.
2) The IGF meeting in November 2015 in Brazil and the renewal of the IGF's five-year mandate which will be discussed as part of the WSIS Review.
3) The IANA stewardship transition which aims to transition U.S. government oversight of domain names and addresses to a global multistakeholder model by September 2016. There is ongoing discussion on
Affordable housing: Y-Foundation, Finland
Y-Foundation is a non-profit social housing provider in Finland that owns over 16,000 affordable rental apartments. It was founded in 1985 by several large cities and organizations to provide affordable housing options. Y-Foundation operates apartments in scattered housing, real estate properties, and supported housing units. It also operates over 10,000 state-subsidized rental apartments under the brand M2 Homes. M2 Homes aims to provide tenants with generous living spaces near services at affordable rents. Y-Foundation works to make housing affordable from both the tenant and landlord perspective by keeping rents low while controlling costs through things like land acquisition and construction materials.
Cybersecurity nexus vision
ISACA's Cybersecurity Nexus (CSX) is a global association serving over 140,000 cybersecurity professionals. It was launched in 2014 to address the growing cybersecurity skills crisis and develop a skilled cyber workforce. CSX provides skills-based training, performance-based certifications, and career resources for cybersecurity practitioners, specialists, and experts at various levels of experience. It offers credentials like the CISA, CISM, CGEIT and CRISC certifications to validate skills in areas like incident response, risk management, and IT governance.
Cybersecurity governance existing frameworks (nov 2015)
Marc Vael is an expert in information security management, business continuity/disaster recovery, privacy & data protection, enterprise & IT risk management, IT audit & assurance, and cloud computing. He has extensive experience as Chief Audit Executive, board member of several organizations, and lecturer. As a visiting lecturer for ITME, Marc aims to share practical insights from his experiences to provide perspectives on problems and solutions in domains where he has expertise. He presents different lectures each time to incorporate new insights from the evolving fields of IT and the world.
CNCERT Conference 2017: Capacity development in the Asia Pacific
APNIC Security Specialist Adli Wahid presented on APNIC's security outreach and capacity development activities at the CNCERT Conference 2017 in Qingdao, China from 22 to 24 May 2017.
GIP-November-2016-briefing-final.ppt, Internet governance
This document summarizes internet governance events that took place in November 2016. The top 5 trends discussed were: 1) The role of internet platforms in the US elections and regulating misinformation. 2) Increased focus on data localization policies. 3) Efforts to improve security of internet-connected devices. 4) Debate around the practice of zero-rating internet access. 5) The second session of the UN Group of Governmental Experts on cybersecurity that took place at the end of November. Main upcoming events highlighted include the 11th Internet Governance Forum in December.
Enhancing security incident response capabilities in the AP
APNIC Security Specialist Adli Wahid highlights APNIC’s contribution to improving incident response capabilities in the region through training and capacity development, engagement with LEAs and CERTs, and collaboration with partners such as APCERT.
BoF Intro and Product Update
APNIC is gathering data and input from its community to develop new products and services. It conducted surveys in 2016 and 2018 that found interest in trend and benchmarking information about network security threats, infrastructure and usage. APNIC is leveraging engagement opportunities to conduct more surveys, focus groups, and interviews to understand community needs. It provided updates on its Routing Information, Network Security, and More Than Stats products and is seeking additional input from attendees.
Data Science Milan: A year in a review of our community
Summary of the first year of the community, vision, roadmap, sponsorship options and call for volunteers.
Event page: https://www.meetup.com/Data-Science-Milan/events/238117427/
Isoc bishkek 2015 11-25
The Internet Society is an international non-profit organization dedicated to promoting an open, globally-connected and secure Internet. It works to ensure the Internet remains a force for good by advocating for open standards, addressing issues like security and privacy, and expanding infrastructure to underserved communities. It has over 100 chapters worldwide that undertake activities like educational events, policy advocacy, and networking to advance these goals locally. Membership in chapters and the global organization provides a way for individuals and organizations to support an open and accessible Internet.
Newcomers welcome
This document summarizes an agenda for a newcomers session at the APNIC46 conference in Noumea, New Caledonia from September 6-13, 2018. The agenda includes introductions, an overview of APNIC and its structure and role, the conference program, how to connect and network at the event, a discussion of important APNIC policies that have impacted the internet, and a mock Policy SIG session. The goal is to introduce newcomers to APNIC, its policy development process, and how to get involved.
ION Costa Rica Opening Slides
3 July 2017 - Opening slides from ION Costa Rica, introducing the Internet Society, the Deploy360 program, and our work in IPv6, DNSSEC, TLS, routing security, and the IETF
The Dark Side of Digital Preservation: Distributed Digital Preservation
Presentation on distributed digital preservation networks by Sibyl Schaefer, Mary Molinaro, Katherine Skinner, Chip German, David Pcolar, Sam Meister
IGF2015 Update
IGF2015 Update, by Izumi Okutani.
A presentation given at APRICOT 2016’s Cooperation SIG session on 23 February 2016.
Cybersecurity response in the Pacific
Presented by Elly Tawhai at the 21s Pacific Islands Telecommunications Association AGM (PITA 21) held in Raratonga, Cook Islands, 3 to 4 April.
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...North Texas Chapter of the ISSA
The document summarizes Kevin Dunn's presentation on improving vulnerability management programs. It discusses common gaps that allow penetration tests to succeed, such as things an organization does not know about, has forgotten, or has de-prioritized. It provides recommendations to address these gaps, such as improving inventory discovery and prioritizing the security of all networked devices. Finally, it suggests moving beyond compliance-based approaches to innovating security design based on the assumption that attackers have compromised the network. The goal is to contain breaches and make attacks more difficult.HDI Capital Area Slides August 17, 2018
This document provides information about an upcoming HDI Capital Area event. It includes details about the event such as date, location, speakers, agenda, and registration information. It also lists the chapter officers and provides announcements about upcoming HDI events, training opportunities, and programs. The main presentation will be on a simple approach to security and how to assess security risks and implement basic protections.
Women in IT at SC
This document summarizes the Women in IT Networking at SC (WINS) program. WINS is a 3-year National Science Foundation funded program that enables 5-8 women per year to volunteer with SCinet and gain hands-on networking experience at the Supercomputing Conference. The goals of WINS are to expand participants' skills and networks, provide applicable technical training, increase diversity in SCinet volunteers, and raise awareness of gender diversity issues in IT fields. For SC18, WINS received 34 applicants from 19 states and selected finalists with a range of educational and professional backgrounds to participate in SCinet. Past participants reported boosted confidence and valuable mentoring experiences from the program.
Internet Society Regional Update
This document summarizes the work of the Internet Society in 2017. It discusses the Society's goals of increasing trust in the Internet, connecting the unconnected, strengthening itself and the IETF. It provides an overview of activities in Asia-Pacific including events in Pakistan, Papua New Guinea, Sri Lanka, Vanuatu and more. It also discusses support for network operator groups and internet exchanges. The Society's 25th anniversary is highlighted along with plans for events, campaigns and recognizing young Internet leaders.
inSIG 2021: APNIC and APrIGF
APNIC Senior Advisor - Strategic Engagement, Joyce Chen, gives an update on APNIC and APrIGF at inSIG 2021, held online from 19 to 21 November 2021.
IPTC AGM 2018 Welcome
Welcome to IPTC's 2018 Annual General Meeting.
Three day face-to-face conference, discussing news metadata standards for photo, video, text and more, including news companies discuss their approaches for news search.
https://iptc.org/events/autumn-meeting-2018/
IETF Outreach Program
The document discusses The Internet Society and its role in supporting open Internet standards development through organizations like the Internet Engineering Task Force (IETF). It provides information on the history and purpose of the IETF, how it develops standards through working groups and publishes RFCs, and programs offered by The Internet Society like IETF Fellowships to support participation from developing regions in IETF activities.
IETF Outreach in Bangladesh
The document discusses The Internet Society and its role in supporting open Internet standards development through organizations like the Internet Engineering Task Force (IETF). It provides information on the history and purpose of the IETF, how it develops standards through working groups and publishes RFCs, and programs offered by The Internet Society like IETF Fellowships to support participation from developing regions in IETF activities.
IoT in Public Sector
The document discusses how Internet of Everything (IoE) and Internet of Things (IoT) technologies can be applied in the public sector. It provides examples of how cities like Chicago, Copenhagen, and San Antonio are using sensors and real-time data to improve services across different departments in a more efficient and cost-effective way compared to operating in silos previously. Challenges around data integration, privacy, and vendor lock-in are also addressed. Real-world use cases demonstrate billions in potential economic value from asset utilization, supply chain optimization, and improved citizen experiences through an IoE approach.
CONHESI 2021 - Exploiting Web APIs
Topic: Exploiting Web APIs
Speaker: Matt Scheurer
https://twitter.com/c3rkah
Abstract:
This talk features live demos of Web API exploits against the “Tiredful API”, which is an intentionally broken web app. The objectives are to teach developers, QA, or security professionals about flaws present in a Web Services (REST API) due to insecure coding practices. Examples include: Information Disclosure, Insecure Direct Object Reference (IDOR), Access Control, Throttling, SQL Injection (SQLi), and Cross Site Scripting (XSS). Many of these vulnerabilities are found in the OWASP Top 10 list.
Bio:
Matt Scheurer works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR). Matt has more than twenty years of combined experience in Information Technology and Information Security. He is the Security Director for the Cincinnati Networking Professionals Association (CiNPA) and a 2019 comSpark “Rising Tech Stars Award” winner. He has presented on numerous Information Security topics at many local area technology groups and large Information Security conferences across the country. Matt maintains active memberships in several professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Information Systems Security Association (ISSA), and InfraGard.
SecureWV: Exploiting Web APIs
Topic: Exploiting Web APIs
Speaker: Matt Scheurer
https://twitter.com/c3rkah
Abstract:
This talk features live demos of Web API exploits against the “Tiredful API”, which is an intentionally broken web app. The objectives are to teach developers, QA, or security professionals about flaws present in a Web Services (REST API) due to insecure coding practices. Examples include: Information Disclosure, Insecure Direct Object Reference (IDOR), Access Control, Throttling, SQL Injection (SQLite), and Cross Site Scripting (XSS). Many of these vulnerabilities are contained in the OWASP Top 10 list.
Bio:
Matt Scheurer works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR). Matt has more than twenty years of combined experience in Information Technology and Information Security. He is the Security Director for the Cincinnati Networking Professionals Association (CiNPA) and a 2019 comSpark “Rising Tech Stars Award” winner. He has presented on numerous Information Security topics at many local area technology groups and large Information Security conferences across the country. Matt maintains active memberships in several professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), Information Systems Security Association (ISSA), and InfraGard.
More Related Content
Similar to CiNPA / CiNPA Security SIG History
CNCERT Conference 2017: Capacity development in the Asia Pacific
APNIC Security Specialist Adli Wahid presented on APNIC's security outreach and capacity development activities at the CNCERT Conference 2017 in Qingdao, China from 22 to 24 May 2017.
GIP-November-2016-briefing-final.ppt, Internet governance
This document summarizes internet governance events that took place in November 2016. The top 5 trends discussed were: 1) The role of internet platforms in the US elections and regulating misinformation. 2) Increased focus on data localization policies. 3) Efforts to improve security of internet-connected devices. 4) Debate around the practice of zero-rating internet access. 5) The second session of the UN Group of Governmental Experts on cybersecurity that took place at the end of November. Main upcoming events highlighted include the 11th Internet Governance Forum in December.
Enhancing security incident response capabilities in the AP
APNIC Security Specialist Adli Wahid highlights APNIC’s contribution to improving incident response capabilities in the region through training and capacity development, engagement with LEAs and CERTs, and collaboration with partners such as APCERT.
BoF Intro and Product Update
APNIC is gathering data and input from its community to develop new products and services. It conducted surveys in 2016 and 2018 that found interest in trend and benchmarking information about network security threats, infrastructure and usage. APNIC is leveraging engagement opportunities to conduct more surveys, focus groups, and interviews to understand community needs. It provided updates on its Routing Information, Network Security, and More Than Stats products and is seeking additional input from attendees.
Data Science Milan: A year in a review of our community
Summary of the first year of the community, vision, roadmap, sponsorship options and call for volunteers.
Event page: https://www.meetup.com/Data-Science-Milan/events/238117427/
Isoc bishkek 2015 11-25
The Internet Society is an international non-profit organization dedicated to promoting an open, globally-connected and secure Internet. It works to ensure the Internet remains a force for good by advocating for open standards, addressing issues like security and privacy, and expanding infrastructure to underserved communities. It has over 100 chapters worldwide that undertake activities like educational events, policy advocacy, and networking to advance these goals locally. Membership in chapters and the global organization provides a way for individuals and organizations to support an open and accessible Internet.
Newcomers welcome
This document summarizes an agenda for a newcomers session at the APNIC46 conference in Noumea, New Caledonia from September 6-13, 2018. The agenda includes introductions, an overview of APNIC and its structure and role, the conference program, how to connect and network at the event, a discussion of important APNIC policies that have impacted the internet, and a mock Policy SIG session. The goal is to introduce newcomers to APNIC, its policy development process, and how to get involved.
ION Costa Rica Opening Slides
3 July 2017 - Opening slides from ION Costa Rica, introducing the Internet Society, the Deploy360 program, and our work in IPv6, DNSSEC, TLS, routing security, and the IETF
The Dark Side of Digital Preservation: Distributed Digital Preservation
Presentation on distributed digital preservation networks by Sibyl Schaefer, Mary Molinaro, Katherine Skinner, Chip German, David Pcolar, Sam Meister
IGF2015 Update
IGF2015 Update, by Izumi Okutani.
A presentation given at APRICOT 2016’s Cooperation SIG session on 23 February 2016.
Cybersecurity response in the Pacific
Presented by Elly Tawhai at the 21s Pacific Islands Telecommunications Association AGM (PITA 21) held in Raratonga, Cook Islands, 3 to 4 April.
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...North Texas Chapter of the ISSA
The document summarizes Kevin Dunn's presentation on improving vulnerability management programs. It discusses common gaps that allow penetration tests to succeed, such as things an organization does not know about, has forgotten, or has de-prioritized. It provides recommendations to address these gaps, such as improving inventory discovery and prioritizing the security of all networked devices. Finally, it suggests moving beyond compliance-based approaches to innovating security design based on the assumption that attackers have compromised the network. The goal is to contain breaches and make attacks more difficult.HDI Capital Area Slides August 17, 2018
This document provides information about an upcoming HDI Capital Area event. It includes details about the event such as date, location, speakers, agenda, and registration information. It also lists the chapter officers and provides announcements about upcoming HDI events, training opportunities, and programs. The main presentation will be on a simple approach to security and how to assess security risks and implement basic protections.
Women in IT at SC
This document summarizes the Women in IT Networking at SC (WINS) program. WINS is a 3-year National Science Foundation funded program that enables 5-8 women per year to volunteer with SCinet and gain hands-on networking experience at the Supercomputing Conference. The goals of WINS are to expand participants' skills and networks, provide applicable technical training, increase diversity in SCinet volunteers, and raise awareness of gender diversity issues in IT fields. For SC18, WINS received 34 applicants from 19 states and selected finalists with a range of educational and professional backgrounds to participate in SCinet. Past participants reported boosted confidence and valuable mentoring experiences from the program.
Internet Society Regional Update
This document summarizes the work of the Internet Society in 2017. It discusses the Society's goals of increasing trust in the Internet, connecting the unconnected, strengthening itself and the IETF. It provides an overview of activities in Asia-Pacific including events in Pakistan, Papua New Guinea, Sri Lanka, Vanuatu and more. It also discusses support for network operator groups and internet exchanges. The Society's 25th anniversary is highlighted along with plans for events, campaigns and recognizing young Internet leaders.
inSIG 2021: APNIC and APrIGF
APNIC Senior Advisor - Strategic Engagement, Joyce Chen, gives an update on APNIC and APrIGF at inSIG 2021, held online from 19 to 21 November 2021.
IPTC AGM 2018 Welcome
Welcome to IPTC's 2018 Annual General Meeting.
Three day face-to-face conference, discussing news metadata standards for photo, video, text and more, including news companies discuss their approaches for news search.
https://iptc.org/events/autumn-meeting-2018/
IETF Outreach Program
The document discusses The Internet Society and its role in supporting open Internet standards development through organizations like the Internet Engineering Task Force (IETF). It provides information on the history and purpose of the IETF, how it develops standards through working groups and publishes RFCs, and programs offered by The Internet Society like IETF Fellowships to support participation from developing regions in IETF activities.
IETF Outreach in Bangladesh
The document discusses The Internet Society and its role in supporting open Internet standards development through organizations like the Internet Engineering Task Force (IETF). It provides information on the history and purpose of the IETF, how it develops standards through working groups and publishes RFCs, and programs offered by The Internet Society like IETF Fellowships to support participation from developing regions in IETF activities.
IoT in Public Sector
The document discusses how Internet of Everything (IoE) and Internet of Things (IoT) technologies can be applied in the public sector. It provides examples of how cities like Chicago, Copenhagen, and San Antonio are using sensors and real-time data to improve services across different departments in a more efficient and cost-effective way compared to operating in silos previously. Challenges around data integration, privacy, and vendor lock-in are also addressed. Real-world use cases demonstrate billions in potential economic value from asset utilization, supply chain optimization, and improved citizen experiences through an IoE approach.
Similar to CiNPA / CiNPA Security SIG History (20)
CNCERT Conference 2017: Capacity development in the Asia Pacific
CNCERT Conference 2017: Capacity development in the Asia Pacific
GIP-November-2016-briefing-final.ppt, Internet governance
GIP-November-2016-briefing-final.ppt, Internet governance
Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP
Data Science Milan: A year in a review of our community
Data Science Milan: A year in a review of our community
The Dark Side of Digital Preservation: Distributed Digital Preservation
The Dark Side of Digital Preservation: Distributed Digital Preservation
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
NTXISSACSC3 - HELP! My Vulnerability Management Program is Failing! by Kevin ...
More from ThreatReel Podcast
CONHESI 2021 - Exploiting Web APIs
Topic: Exploiting Web APIs
Speaker: Matt Scheurer
https://twitter.com/c3rkah
Abstract:
This talk features live demos of Web API exploits against the “Tiredful API”, which is an intentionally broken web app. The objectives are to teach developers, QA, or security professionals about flaws present in a Web Services (REST API) due to insecure coding practices. Examples include: Information Disclosure, Insecure Direct Object Reference (IDOR), Access Control, Throttling, SQL Injection (SQLi), and Cross Site Scripting (XSS). Many of these vulnerabilities are found in the OWASP Top 10 list.
Bio:
Matt Scheurer works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR). Matt has more than twenty years of combined experience in Information Technology and Information Security. He is the Security Director for the Cincinnati Networking Professionals Association (CiNPA) and a 2019 comSpark “Rising Tech Stars Award” winner. He has presented on numerous Information Security topics at many local area technology groups and large Information Security conferences across the country. Matt maintains active memberships in several professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Information Systems Security Association (ISSA), and InfraGard.
SecureWV: Exploiting Web APIs
Topic: Exploiting Web APIs
Speaker: Matt Scheurer
https://twitter.com/c3rkah
Abstract:
This talk features live demos of Web API exploits against the “Tiredful API”, which is an intentionally broken web app. The objectives are to teach developers, QA, or security professionals about flaws present in a Web Services (REST API) due to insecure coding practices. Examples include: Information Disclosure, Insecure Direct Object Reference (IDOR), Access Control, Throttling, SQL Injection (SQLite), and Cross Site Scripting (XSS). Many of these vulnerabilities are contained in the OWASP Top 10 list.
Bio:
Matt Scheurer works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR). Matt has more than twenty years of combined experience in Information Technology and Information Security. He is the Security Director for the Cincinnati Networking Professionals Association (CiNPA) and a 2019 comSpark “Rising Tech Stars Award” winner. He has presented on numerous Information Security topics at many local area technology groups and large Information Security conferences across the country. Matt maintains active memberships in several professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), Information Systems Security Association (ISSA), and InfraGard.
BSides Columbus - Lend me your IR's!
Lend me your IR's!
-Matt Scheurer
BSides Columbus
August 21, 2020
Abstract:
Have you ever felt compelled to tip your cap to a malicious threat actor? Protecting systems and networks as a tech defender means withstanding a constant barrage of unsophisticated attacks from automated tools, botnets, crawlers, exploit kits, phish kits, and script kiddies; oh my! Once in a while we encounter attacks worthy of style points for creativity or new twists on old attack techniques. This talk features live demo reenactments from some advanced attacks investigated by the presenter. The live demos showcase technical deep dives of the underpinnings from both the attacker and investigator sides of these attacks. Attendee key takeaways are strategies, freely available tools, and techniques helpful during incident response investigations.
Bio:
Matt Scheurer serves as Chair of the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG), a former Ambassador for Bugcrowd, and works as a Systems Security Engineer in the Financial Services industry. He holds a CompTIA Security+ Certification and possesses multiple Microsoft Certifications including MCP, MCPS, MCTS, MCSA, and MCITP. He has presented on numerous Information Security topics as a featured speaker at many local area technology groups and large Information Security conferences. Matt maintains active memberships in a number of professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), Information Systems Security Association (ISSA), and InfraGard.
PwnSchool: Exploiting Web APIs
Meeting Topic: Exploiting Web APIs
Speaker: Matt Scheurer
https://twitter.com/c3rkah
Abstract:
This talk features live demos of Web API exploits against the “Tiredful API”, which is an intentionally broken web app. The objectives are to teach developers, QA, or security professionals about flaws present in a Web Services (REST API) due to insecure coding practices. Examples include: Information Disclosure, Insecure Direct Object Reference, Access Control, Throttling, SQL Injection (SQLite), and Cross Site Scripting (XSS). Many of these vulnerabilities are contained in the OWASP Top 10.
Bio:
Matt Scheurer works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR). Matt has more than twenty years of combined experience in Information Technology and Information Security. He is the Security Director for the Cincinnati Networking Professionals Association (CiNPA) and a 2019 comSpark “Rising Tech Stars Award” winner. He has presented on numerous Information Security topics at many local area technology groups and large Information Security conferences across the country. Matt maintains active memberships in several professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), Information Systems Security Association (ISSA), and InfraGard.
CiNPA Security SIG - Exploiting the Tiredful API
Exploiting the Tiredful API
Matt Scheurer
https://twitter.com/c3rkah
Abstract:
The "Tiredful API" is an intentionally designed broken app. The aim of this web app is to teach developers, QA, or security professionals about flaws present in a Web Services (REST API) due to insecure coding practices. This presentation features live demos exploiting some of the known vulnerabilities including: Information Disclosure, Insecure Direct Object Reference, Access Control, Throttling, SQL Injection (SQLite), and Cross Site Scripting (XSS).
Bio:
Matt Scheurer works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR). Matt has more than twenty years of combined experience in Information Technology and Information Security. He is the Security Director for the Cincinnati Networking Professionals Association (CiNPA) and a 2019 comSpark “Rising Tech Stars Award” winner. Matt has presented on numerous Information Security topics at many local area technology groups and large Information Security conferences across the country. He maintains active memberships in several professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Information Systems Security Association (ISSA), and InfraGard.
CCC - Lend me your IR's
Lend me your IR's!
-Matt Scheurer
Circle City Con
CircleCityCon 7.0 Apocalypse
June 13, 2020
Abstract:
Have you ever felt compelled to tip your cap to a malicious threat actor? Protecting systems and networks as a tech defender means withstanding a constant barrage of unsophisticated attacks from automated tools, botnets, crawlers, exploit kits, phish kits, and script kiddies; oh my! Once in a while we encounter attacks worthy of style points for creativity or new twists on old attack techniques. This talk features live demo reenactments from some advanced attacks investigated by the presenter. The live demos showcase technical deep dives of the underpinnings from both the attacker and investigator sides of these attacks. Attendee key takeaways are strategies, freely available tools, and techniques helpful during incident response investigations.
Bio:
Matt Scheurer serves as Chair of the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG), an Ambassador for Bugcrowd, and works as a Systems Security Engineer in the Financial Services industry. He holds a CompTIA Security+ Certification and possesses multiple Microsoft Certifications including MCP, MCPS, MCTS, MCSA, and MCITP. He has presented on numerous Information Security topics as a featured speaker at many local area technology groups and large Information Security conferences. Matt maintains active memberships in a number of professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), Information Systems Security Association (ISSA), and InfraGard.
DMA - Stupid Cyber Criminal Tricks
Dayton Microcomputer Association (DMA):
April 2020 - Online Meeting
Date: April 28, 2020
Topic: Stupid Cyber Criminal Tricks and How to Combat Them
Speaker: Matt Scheurer
This talk covers various techniques used by cyber criminals, and how to spot them. This is the accompanying slide deck for a presentation that covers live demos. Who does not love a good cyber-crime story?
ISC2: AppSec & OWASP Primer
This document provides an overview of application security and the Open Web Application Security Project (OWASP). It discusses what OWASP is, its history and Top 10 list. It also provides resources for learning application development, security testing tools like Nikto and ZAP, and places to learn about application security for free like OWASP itself. The presentation concludes by emphasizing the need for application security practitioners and thanking attendees.
OISF - Continuous Skills Improvement for Everyone
Continuous Skills Improvement for Everyone
Ohio Information Security Forum (OISF)
2019 Anniversary Conference
Saturday July 13, 2019
Matt Scheurer
Twitter: https://twitter.com/c3rkah
This presentation strives to provide some ideas to attendees toward effective career guidance and self-empowerment. Whether attendees are looking for their first Information Security career opportunity, looking to take that next career step, or making impacts to safeguard their own job security. This talk also encourages attendees to help mentor others and offers different examples of how to give back to the InfoSec community. I cover freely available and low cost technical training resources, but also go beyond that to provide other takeaways that touch on goal setting and emotional intelligence. My ultimate objective is to inspire others to find a path leading toward a better and more rewarding future.
Central Ohio InfoSec Summit: Why Script Kiddies Succeed
Title: Why Script Kiddies Succeed
Event: 12th Annual Central Ohio InfoSec Summit
Date: May 23, 2019
Speaker: Matt Scheurer
Abstract:
Some offensive security tools have become so user friendly and simple that the barrier to compromising vulnerable systems has become trivial. We will use Kali Linux, SPARTA, OWASP ZAP, and Armitage to demonstrate just how easy exploiting some vulnerabilities has become. The takeaways will be on vulnerability scanning systems in your environment and Proof-of-Concept those findings to help improve your overall security posture. Eliminating the low hanging fruit of vulnerabilities in an environment will help harden those systems against low-skill attackers and receive more mature and meaningful findings from penetration tests.
Bio:
Some offensive security tools have become so user friendly and simple that the barrier to compromising vulnerable systems has become trivial. We will use Kali Linux, SPARTA, OWASP ZAP, and Armitage to demonstrate just how easy exploiting some vulnerabilities has become. The takeaways will be on vulnerability scanning systems in your environment and Proof-of-Concept those findings to help improve your overall security posture. Eliminating the low hanging fruit of vulnerabilities in an environment will help harden those systems against low-skill attackers and receive more mature and meaningful findings from penetration tests.
AppSec & OWASP Top 10 Primer
AppSec & OWASP Top 10 Primer
By Matt Scheurer (@c3rkah)
Cincinnati, Ohio
Date: 03/21/2019
Momentum Developer Conference
Sharonville Convention Center
#momentumdevcon
Abstract:
Are you testing the security of your web applications, web sites, and web servers? The malicious threat actors on the Internet almost certainly are. We will cover AppSec along with a brief review of the 2017 OWASP Top 10 List. The focus of the presentation is how to get started with AppSec and where to continue learning more. Accompanying the presentation are live demos of Nikto and the OWASP Zed Attack Proxy (ZAP).
Bio:
Matt Scheurer serves as Chair of the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG) and works as a Systems Security Engineer in the Financial Services industry. He holds a CompTIA Security+ Certification and possesses multiple Microsoft Certifications including MCP, MCPS, MCTS, MCSA, and MCITP. He has presented on numerous Information Security topics as a featured speaker at many local area technology groups and large Information Security conferences all over the Ohio, Indiana, and Kentucky Tri-State. Matt maintains active memberships in a number of professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), and Information Systems Security Association (ISSA).
OISC 2019 - The OWASP Top 10 & AppSec Primer
Technology First
16th Annual Ohio Information Security Conference
OISC 2019
#OISC19
The OWASP Top 10 & AppSec Primer
By Matt Scheurer (@c3rkah)
Dayton, Ohio
Date: 03/13/2019
Abstract:
Are you testing the security of your web applications, web sites, and web servers? The malicious threat actors on the Internet almost certainly are. We will cover AppSec along with a brief review of the 2017 OWASP Top 10 List. The focus of the presentation is how to get started with AppSec and where to continue learning more. Accompanying the presentation are live demos of Nikto and the OWASP Zed Attack Proxy (ZAP).
Bio:
Matt Scheurer serves as Chair of the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG) and works as a Systems Security Engineer in the Financial Services industry. He holds a CompTIA Security+ Certification and possesses multiple Microsoft Certifications including MCP, MCPS, MCTS, MCSA, and MCITP. He has presented on numerous Information Security topics as a featured speaker at many local area technology groups and large Information Security conferences all over the Ohio, Indiana, and Kentucky Tri-State. Matt maintains active memberships in a number of professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), and Information Systems Security Association (ISSA).
Butler Tech - Working in IT and InfoSec
Presentation: Working in Information Technology and Cybersecurity: Now and in the Future...
Date: 11/14/2018
Speaker: Matt Scheurer
Venue: Butler Tech
Location: Cincinnati, Ohio
Abstract: This presentation covers career options working in Information Technology or Information Security. The target audience was High School Juniors at Butler Tech in Cincinnati.
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
These are the slides from my "Active Defense - Helping threat actors hack themselves!" presentation at the 11th Annual Northern Kentucky University Cybersecurity Symposium on 10/12/2018.
Title: Active Defense - Helping threat actors hack themselves!
Abstract:
Have you ever received one of those data breach notification letters in the mail? The short-term amends provided for having your personal data compromised is typically in the form of free short-term credit monitoring services. An entire Information Security industry segment has sprung up around Data Loss Prevention (DLP) aimed at stopping confidential data from being "leaked" out of an organization's boundaries for unauthorized use. What if the data breach perpetrators got a healthy dose of their own medicine instead of your private data? We cannot "hack back" legally today, but perhaps we can lure these malicious threat actors into actually hacking themselves... This presentation covers "Active Defense" techniques designed to frustrate data bandits attempting to steal and ex-filtrate our data.
The focus of this presentation is on actively defending a live public facing website. We begin by covering methods to shield innocent users by protecting them from our active defenses. We take advantage of malicious visitor’s impulse to evade all the rules by setting traps designed to ensnare those attempting to steal our data. The techniques covered involve faking accidental exposure and baiting traps using fictitious files and data too irresistible for cyber thieves to ignore. I then demonstrate deployable techniques used to fight back without launching a single attack.
CiNPA Security SIG - Physical Security
These are the slides from the physical security presentation at the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG) meeting on 08/16/2018. Topics covered include physical security control types and methods.
OISF Aniversary: Active Defense - Helping threat actors hack themselves!
These are the slides from my "Active Defense - Helping threat actors hack themselves!" presentation at the Ohio Information Security Forum (OISF) Anniversary Conference on 07/14/2018 in Dayton, Ohio.
Title: Active Defense - Helping threat actors hack themselves!
Abstract:
Have you ever received one of those data breach notification letters in the mail? The short-term amends provided for having your personal data compromised is typically in the form of free short-term credit monitoring services. An entire Information Security industry segment has sprung up around Data Loss Prevention (DLP) aimed at stopping confidential data from being "leaked" out of an organization's boundaries for unauthorized use. What if the data breach perpetrators got a healthy dose of their own medicine instead of your private data? We cannot "hack back" legally today, but perhaps we can lure these malicious threat actors into actually hacking themselves... This presentation covers "Active Defense" techniques designed to frustrate data bandits attempting to steal and ex-filtrate our data.
The focus of this presentation is on actively defending a live public facing website. We begin by covering methods to shield innocent users by protecting them from our active defenses. We take advantage of malicious visitor’s impulse to evade all the rules by setting traps designed to ensnare those attempting to steal our data. The techniques covered involve faking accidental exposure and baiting traps using fictitious files and data too irresistible for cyber thieves to ignore. I then demonstrate deployable techniques used to fight back without launching a single attack.
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
These are the slides from my "Phishing Forensics - Is it just suspicious or is it malicious?" presentation at the BSides Cleveland Information Security Conference on 06/23/2018 in Cleveland, Ohio.
Title: Phishing Forensics - Is it just suspicious or is it malicious?
Abstract:
What thoughts currently make tech defenders uneasy as they go to bed at night? Despite implementing and properly configuring the latest technological controls and security solutions into our environments, end users typically remain the most vulnerable point of entry into nearly any network. Unfortunately, only one misstep by a single user provides attackers with the foothold they need to begin compromising an entire enterprise network environment. The safety of our inboxes is a key initiative on the battlefront of protecting staff from the scourge of phishing and spear phishing attacks. We will perform a deep-dive look at the latest techniques used by criminals to bypass security products and traditional defense-in-depth strategies. We then focus heavily on conducting a digital forensic investigation on a sample phishing email message. Topics covered include technical analysis of message headers, message source code, message attachments, and malicious landing web pages even when a dedicated sandbox environment is unavailable.
BSides Cleveland: Active Defense - Helping threat actors hack themselves!
These are the slides from my "Active Defense - Helping threat actors hack themselves!" presentation at the BSides Cleveland Information Security Conference on 06/23/2018 in Cleveland, Ohio.
Title: Active Defense - Helping threat actors hack themselves!
Abstract:
Have you ever received one of those data breach notification letters in the mail? The short-term amends provided for having your personal data compromised is typically in the form of free short-term credit monitoring services. An entire Information Security industry segment has sprung up around Data Loss Prevention (DLP) aimed at stopping confidential data from being "leaked" out of an organization's boundaries for unauthorized use. What if the data breach perpetrators got a healthy dose of their own medicine instead of your private data? We cannot "hack back" legally today, but perhaps we can lure these malicious threat actors into actually hacking themselves... This presentation covers "Active Defense" techniques designed to frustrate data bandits attempting to steal and ex-filtrate our data.
The focus of this presentation is on actively defending a live public facing website. We begin by covering methods to shield innocent users by protecting them from our active defenses. We take advantage of malicious visitor’s impulse to evade all the rules by setting traps designed to ensnare those attempting to steal our data. The techniques covered involve faking accidental exposure and baiting traps using fictitious files and data too irresistible for cyber thieves to ignore. I then demonstrate deployable techniques used to fight back without launching a single attack.
Circle City Con: Phishing Forensics - Is it just suspicious or is it malicious?
Circle City Con 5.0
Phishing Forensics - Is it just suspicious or is it malicious?
-Matt Scheurer
Abstract:
What thoughts currently make tech defenders uneasy as they go to bed at night? Despite implementing and properly configuring the latest technological controls and security solutions into our environments, end users typically remain the most vulnerable point of entry into nearly any network. Unfortunately, only one misstep by a single user provides attackers with the foothold they need to begin compromising an entire enterprise network environment. The safety of our inboxes is a key initiative on the battlefront of protecting staff from the scourge of phishing and spear phishing attacks. We will perform a deep-dive look at the latest techniques used by criminals to bypass security products and traditional defense-in-depth strategies. We then focus heavily on conducting a digital forensic investigation on a sample phishing email message. Topics covered include technical analysis of message headers, message source code, message attachments, and malicious landing web pages even when a dedicated sandbox environment is unavailable.
ISSA COISS: : Phishing Forensics - Is it just suspicious or is it malicious?
Matt Scheurer gives a presentation on phishing forensics and analyzing suspicious emails. He discusses viewing email headers and message source to look for clues, using tools like URL expanders and online scanners to inspect links and attachments. Scheurer warns that phishing techniques are evolving, such as using URL shorteners, iFrames and document phishing ("DocuPhish"). Prevention requires user education and reporting to vendors, as technical controls continue working to counter new threats.
More from ThreatReel Podcast (20)
Central Ohio InfoSec Summit: Why Script Kiddies Succeed
Central Ohio InfoSec Summit: Why Script Kiddies Succeed
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
OISF Aniversary: Active Defense - Helping threat actors hack themselves!
OISF Aniversary: Active Defense - Helping threat actors hack themselves!
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Active Defense - Helping threat actors hack themselves!
BSides Cleveland: Active Defense - Helping threat actors hack themselves!
Circle City Con: Phishing Forensics - Is it just suspicious or is it malicious?
Circle City Con: Phishing Forensics - Is it just suspicious or is it malicious?
ISSA COISS: : Phishing Forensics - Is it just suspicious or is it malicious?
ISSA COISS: : Phishing Forensics - Is it just suspicious or is it malicious?
Recently uploaded
Programming Foundation Models with DSPy - Meetup Slides
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365.
Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Trusted Execution Environment for Decentralized Process Mining
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Finale of the Year: Apply for Next One!
Presentation for the event called "Finale of the Year: Apply for Next One!" organized by GDSC PJATK
Azure API Management to expose backend services securely
How to use Azure API Management to expose backend service securely
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays, June 2024 with Maria Copot 20
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Generating privacy-protected synthetic data using Secludy and Milvus
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Digital Marketing Trends in 2024 | Guide for Staying Ahead
https://www.wask.co/ebooks/digital-marketing-trends-in-2024
Feeling lost in the digital marketing whirlwind of 2024? Technology is changing, consumer habits are evolving, and staying ahead of the curve feels like a never-ending pursuit. This e-book is your compass. Dive into actionable insights to handle the complexities of modern marketing. From hyper-personalization to the power of user-generated content, learn how to build long-term relationships with your audience and unlock the secrets to success in the ever-shifting digital landscape.
Presentation of the OECD Artificial Intelligence Review of Germany
Consult the full report at https://www.oecd.org/digital/oecd-artificial-intelligence-review-of-germany-609808d6-en.htm
Operating System Used by Users in day-to-day life.pptx
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
dbms calicut university B. sc Cs 4th sem.pdf
Its a seminar ppt on database management system using sql
Taking AI to the Next Level in Manufacturing.pdf
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Recently uploaded (20)
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Trusted Execution Environment for Decentralized Process Mining
Trusted Execution Environment for Decentralized Process Mining
Azure API Management to expose backend services securely
Azure API Management to expose backend services securely
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
CiNPA / CiNPA Security SIG History
- 1. The CiNPA Security SIG Welcomes you! - A Brief history of CiNPA and the Security SIG August 16, 2018
- 2. Who we are / Our Journey...
- 3. CiNPA ● CiNPA is the “Cincinnati Networking Professionals Association” – Web site: http://www.cinpa.org/ ● Meets on the first Wednesday of the month – Cincinnati State Technical & Community College Workforce Development Center at 10100 Reading Road in Evendale – Starting at 7:00 p.m.
- 4. About Us ● We are the “Security” Special Interest Group (SIG) of CiNPA – A.K.A. the “CiNPA Security SIG” for short – We currently meet here in this same room! – On the third Thursday every month – Starting at 6:30 p.m.
- 5. Back in the day A long time ago in a city close, close to us…. ● When Novell NetWare was the preeminent microcomputer network operating system – Two local chapters of network professionals existed ● NetWare Professional Association (NPA) ● Institute for Network Professionals (formerly inpnet.org)
- 6. And so it begins... ● By 1996, the Cincinnati chapters of the NetWare Professional Association (NPA) and the Institute for Network Professionals (formerly inpnet.org) combined forces and merged to form CiNPA – Once known as the “Cincinnati NetWare Professional Association” – Then changing it’s name to the “Cincinnati Network Professional Association” – Before eventually adding the “ing” and “s” finally settling on the “Cincinnati Networking Professionals Association”
- 7. Then there were the “other” guys ● Another group also existed called the “Greater Cincinnati NetWare Users Group” (CincyNUG.org) – RIP, 09/15/2001 ● CincyNUG folded with waning market share for Novell NetWare, declining membership and financial costs, without an adequate cash flow ● “For people looking for similar interests with CincyNUG, the Cincinnati Network Professional Association (http://www.cinpa.org) is an alternative”
- 8. Putting this in perspective... ● CiNPA traces it’s roots all the way back to the very early 1990's ● That’s about as old as the origins of the "World Wide Web"!
- 9. CiNPA Milestones ● CiNPA became a 501(c)3 organization on December 1, 2004 ● CiNPA began charging a $35-per-year membership fee in January of 2005 – Membership is still $35 annually – As a 501(c)3, CiNPA memberships are tax deductible
- 10. CiNPA Security SIG ● Formed 08/26/2004 ● Former Chairs: – 08/26/2004 to 09/16/2005, Andy Kuykendall – 09/16/2005 to 12/01/2006, Rob Michel – 12/01/2006 to 11/05/2017, Brad Stroeh ● Current Chair: – 11/05/2017 – Present, Matt Scheurer
- 11. Hacker’s Night ● CiNPA first focused exclusively on Information Security when they began what became an annual tradition known as the CiNPA “Hacker’s Night” meetings… – Each year the CiNPA Security SIG runs the main CiNPA meeting in December dubbed “Hacker’s Night” – Always the first Wednesday in December ● Hacker’s Night (19) this year falls on 12/05/2018 – CiNPA members attend for free – Guests may attend for $5.00
- 12. More About “Hacker’s Night” ● The first ever CiNPA "Hacker's Night" meeting happened on 12/01/1999 – This event drew about 35 attendees – This was CiNPA's highest attended meeting of the year! ● “Hacker’s Night II” in 2000 drew about 55 attendees – This event was CiNPA's highest attended meeting of 2000 ● “Hacker’s Night III” in 2001 drew about 72 attendees – This event was again CiNPA's highest attended meeting of 2001
- 13. Our Meetings The CiNPA Security SIG's monthly meeting format typically consists of one or two main monthly meeting topics featuring live presentations or demonstrations promoting open and interactive group discussions. Our focus is primarily on the defensive side of information security, but we delve into all other areas of cyber- security as well. Information security news, announcements, and round-table discussions follow our main meeting topics.
- 14. Benefits of Attending ● Attendance qualifies for 2 hours of CPE or CEU credit towards certification renewals – Attendance list maintained by Matt Scheurer – Matt Scheurer is the contact person for CEU or CPE audit requests ● Maintaining awareness of new vulnerabilities and exploits ● Learning about the latest security tools, utilities, products, services, solutions, strategies, techniques, frameworks, and best practices ● Sharing of information regarding trends concerning enterprise systems and technology ● Hearing announcements of upcoming area security conferences and events ● Networking with peers in the local Information Security (InfoSec) community
- 15. Location, location, location... ● The CiNPA Security SIG has met at many locations around the Greater Cincinnati area over the years… ● And sometimes that felt like “Meet with us if you can find us!”
- 16. What does that look like?
- 17. What does that look like?
- 18. What does that look like?
- 19. What does that look like?
- 20. Thank You!