Myths, Mistakes & Outright Lifes / PCI 101 – November 28, 2007

Topic: Myths, Mistakes and Outright Lies Speaker: Kellman Meghu A lighthearted look at common pitfalls to building out a network security architecture, this presentation does not intend to be all encompassing, but to encourage people to reconsider and re-evaluate the responsibilities of network security. Open discussion on techniques, tricks and tips is encouraged. Using a […]

Securing the Network from Inside and Out – Thursday, October 25, 2007

Technical Level: Intermediate Technical Speaker: Andy Gallacher, Senior Technology Consultant, HP ProCurve As IT networks evolve and expand, defending against multiplying and varied attacks is becoming increasingly complex. Who is on the network? What are they doing? Where are they doing it from? These are all critical issues that need to be addressed and controlled. […]

Proactive Security and The Insider Threat – September 26, 2007

Topic: Proactive Security, Lessons from Star Trek Speaker: Brian O’Higgins, CTO, Third Brigade Proactive security, self-defending networks, self-healing computers…they sound more than a little like science fiction. However, we are getting closer to that dream. This talk will discuss the role that host intrusion prevention technology (HIPS) is playing in proactive security today, and where […]

Blackhat 2007 and Defcon 15 Review! – August 29, 2007

Speakers: Various Conference Attendees In this presentation, we’ll cover the highlights of each conference. The new exploits and tool releases, new research and make sure you know what you missed out on! This is the MUST ATTEND TASK event of the year. If there is any specific topic you’d like covered, be sure to contact […]

Understanding Heuristics for Virus Detection / An Objective Look at Vista Security – July 25, 2007

Topic: The Catahoula Leopard Dog – A Study in Heuristics for Virus Detection Technical Level: Non-Technical Speaker: Randy Abrams, Director of Technical Education at ESET This presentation explains what heuristics are in manner that is easily understood by non-technical users while providing information that is often new to experienced professionals as well. Users who already […]

Card Crimes – June 27, 2007

Topic: Payment Card (Skimming) Compromises and Trends. Technical Level: Non-Technical to Intermediate Speaker: Kelly Anderson, Detective Sergeant, OPP, e-Crime Section The advent of the payment card reduced complaints of NSF Cheque frauds. However the payment card system is under attack from criminals who find that the technology yields a greater payoff than cheque fraud ever […]

Securing Against Web Application Attacks – May 30, 2007

Location: Health Sciences Building, 155 College St., Auditorium Technical Level: Highly Technical Speaker: Nish Bhalla and Rohit Sethi, Security Compass Web application security continues to be one of the most pressing issues facing enterprises today. While many security experts understand the need for application threat modeling, few have actually implemented them successfully in practice. In […]

Penetration Testing Tools – April 25, 2007

Topic: Recon 2 Root Speaker: Jeremy Richards Jeremy will demonstrate the usage of BackTrack 2.0 (a live linux penetration testing distribution) to perform a staged penetration test from initial recon and knowledge gathering, to identification of logical and software vulnerabilities and, finally, the tools used to exploit these vulnerabilities. Jeremy has been performing network and […]

15min Speed Talks – Tuesday March 27, 2007

Technical Level: All Levels (Mostly technical) Topic: Introductions Presentation: Click here for PPT Speaker: Fred Hopper Topic: PCI DSS 101 An introduction to the Payment Card Industry (PCI) Security Standards Council’s Data Security Standard – what it is, where it came from and why your shop may find it useful, even if you do not […]