SecDSM, a monthly meetup providing the opportunity to network with other InfoSec pros and listen to short tech talks presented by your fellow members (or give a presentation yourself!) while enjoying some beer/drinks/food. No sales pitches. The idea is to provide you actionable knowledge for you to take back to your $dayjob while building a top tier InfoSec community in the Des Moines area. If you have the desire to learn about real world InfoSec scenarios - get out of your comfort zone - and join us in a relaxed vendor neutral environment. No registration is required.

Schedule

We meet monthly, on the 3rd Thursday starting at 6pm at The Forge By Pillar Technology in Downtown Des Moines.

SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Jared Brees - Tool Talk Cheap Passive Ethernet Taps6:30PM

A built/bought hybrid approach to a passive Ethernet tap for less than $5. Covers overview of other options and potentially a brief demo.

Jared Brees - Just a geek; you can find him on Twitter at @meJaredBrees.

Eric Johnson Continuous Security: Monitoring & Active Defense in the Cloud 7:00PM

Monitoring and feedback loops from production is a critical tenant in DevOps for measuring performance, runtime errors, statistics, and changes. In the SecDevOps world, security teams can take advantage of DevOps monitoring tools to increase security visibility, identify anomalies, and respond swiftly to real time attacks. Cloud providers are offering powerful infrastructure, development, and application continuous monitoring services that generate a wealth of data. But, building continuous security monitoring on top of the data can be challenging. Where are the log files? What is the log file format? What security events are captured? How do we display meaningful metrics? Can we detect and defend in real time? This talk will start by introducing attendees to a realistic AWS environment's monitoring and active defense system. Then, let the war games begin! Attendees will have an opportunity to actively attack and inject failures into the environment. After the exercise is complete, we will hold a postmortem to review the metrics and alerts raised during the incident, determine if there were any surprises, and identify opportunities to improve the system. Attendees will walk away with actionable techniques for building an active defense framework to help protect your organization's cloud resources.


Eric Johnson - Eric Johnson is a Principal Security Consultant at Cypress Data Defense where he leads secure software development lifecycle consulting, web and mobile application penetration testing, secure code review assessments, static source code analysis, security research, and security tools development. He also founded the Puma Scan static analysis open source project, which allows software engineers to run security-focused .NET static analysis rules during development and in continuous integration pipelines. As a Certified Instructor with the SANS Institute, Eric authors application security courses on DevOps, cloud security, secure coding, and defending mobile apps. He serves on the advisory board for the SANS Securing the Human Developer awareness training program, delivers security training around the world, and has presented his security research at conferences including SANS, BlackHat, OWASP, BSides, JavaOne, UberConf, and ISSA. Eric completed a bachelor of science degree in Computer Engineering and a master of science degree in Information Assurance at Iowa State University, and currently holds the CISSP, GWAPT, GSSP-.NET, and GSSP-Java certifications. He is located in West Des Moines, IA and outside the office enjoys spending time with his family, attending Iowa State athletic events, and playing golf.

Des Moines Locksport

A side room will be dedicated to locksport.

Sponsored by

SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Des Moines Locksport

A side room will be dedicated to locksport.

Sponsored by

SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Des Moines Locksport

A side room will be dedicated to locksport.

Sponsored by

Merchandise and Donations

Shirts (and other items) are for sale at each meeting and online.

T-Shirt

Upcoming Events

The following events might be of interest to the SecDSM community.

Be sure to check out Des Moines Web Collective for updated list of local user groups

If you'd like to see an event listed, please email us at events@secdsm.org

Please reach out via our Slack channel or email us at events@secdsm.org if you have an idea for a presentation you would like to give.

SecKCFeb 13
SecMidwestFeb 13
SSL, 2-Factor Authentication, and More
SecICFeb 20
SecKCMar 13
SecMidwestMar 13
Social Engineering
SecICMar 20
SecICApr 17

Upcoming cons

Some members are anticipating attending the following conferences, reach out on slack to coordinate travel.

Cyphercon

Welcome to CypherCon 3.0. Wisconsin's Hacker Conference! Our conference provides hackers with an outlet to openly demonstrate and experience creativity and ingenuity through hands-on enlightening activities and thought provoking presentations and technical projects. Come listen to over a dozen security speakers, learn at our mind-blowing, but approachable villages (specializations), and relax with friends in a casual environment.

Cost:

$175 - Digital Badge

$125 - Analog Badge

Travel Details
Day Date Time
Depart Wed Apr 11
Return Saturday Apr 14 ???
BSidesIowa
Cost:
??
THOTCON

THOTCON is a hacking conference based in Chicago IL, USA. This is a non-profit, non-commercial event looking to provide the best conference possible on a limited budget.

Cost:
SOLD OUT
Schedule
Day Date Start End
Friday May 4th ?? ??
Saturday May 5th ?? ??
Travel Details
Day Date Time
Depart Thurday May 3rd
Return Sunday May 5th ???
CircleCityCon

Welcome agents to the 5th year of CircleCityCon. This time around our theme is centered around spycraft

Cost:
$100
Schedule
Day Date Start End
Friday June 1 ?? ??
Saturday June 2 ?? ??
Sunday June 3 ?? ??
Travel Details
Day Date Time
Depart Thurday May 31
Return Sunday June 3 ???
ToorCamp

the five day, open air, tech camping event

Venue

We meet in The Forge by Pillar Technology. Enter on the west side of the building and then procede up to the 2nd floor.

More info about Pillar Technology

The Forge by Pillar Technology

1420 Locust St, Des Moines, IA 50309

Sign up for Slack!