SecDSM, a monthly meetup providing the opportunity to network with other InfoSec pros and listen to short tech talks presented by your fellow members (or give a presentation yourself!) while enjoying some beer/drinks/food. No sales pitches. The idea is to provide you actionable knowledge for you to take back to your $dayjob while building a top tier InfoSec community in the Des Moines area. If you have the desire to learn about real world InfoSec scenarios - get out of your comfort zone - and join us in a relaxed vendor neutral environment. No registration is required.
Schedule
We meet monthly, on the 1st Thursday starting at 6pm at Foundry Distilling Company in West Des Moines.
Nicholas Starke Introducing Embedded Linux Audit: A Toolkit for Performing Security Analysis of Embedded Devices7:00 PM
Anyone who has done an embedded device security audit can attest to some of the struggles with doing these types of evaluations: libraries are missing, code has to be statically compiled to run usually - and cross compiled for another CPU architecture. Trying to debug a process is usually a non starter due to these problems and others.
I developed a tool, dubbed "Embedded Linux Audit" (https://github.com/nstarke/embedded_linux_audit) to help alleviate some of these troubles, plus also make it possible to "remotely" audit an embedded device. This talk will cover what the tool is, how it works, and some of my motivations for developing such a tool.
The second part of the talk will focus on how this project was developed using the latest in AI assisted development tools, which allowed me to "punch above my weight" in terms of writing code I probably could have never written myself.
Nick Starke is an embedded device and firmware security researcher. When he isn't hacking, he likes playing with synthesizers
