SecDSM, a monthly meetup providing the opportunity to network with other InfoSec pros and listen to short tech talks presented by your fellow members (or give a presentation yourself!) while enjoying some beer/drinks/food. No sales pitches. The idea is to provide you actionable knowledge for you to take back to your $dayjob while building a top tier InfoSec community in the Des Moines area. If you have the desire to learn about real world InfoSec scenarios - get out of your comfort zone - and join us in a relaxed vendor neutral environment. No registration is required.
Schedule
We meet monthly on the 3rd Thursday of every month starting at 6pm at The Forge By Pillar Technology in Downtown Des Moines.
SecDSM 101 6:00 PM
A brief introduction to the group along with any announcements and general communication.
James Beal - SecDSM News 6:05 PM
Quick Review of the Month's InfoSec news.
Capture The Flag Event6:30 PM
SecDSM will be hosting a Capture the Flag (CTF) event created by ProCircular. If you've never participated in a CTF, or even if you're a pro, bring your laptop to participate in this educational hands on event.
This month’s meeting will be a CTF involving a fictitious windows/linux corporate network. There will be an ESXi host that will have all of the VMs on it. Teams will physically connect to a switch to play, wireless will also be available. Teams of 3-5 would be ideal. A scoreboard will be projected on a screen to watch team’s progress. A challenge coin will be awarded to the first team to complete the challenge.Challenge scenario:
Damien Sploit, CEO of Sploit Market Research, framed my brother for a financial crime he committed in 2014. My brother is currently living out his days in jail thanks to being wrongfully charged. My team and I know he is innocent, and to prove it, we need to find the evidence of Mr. Sploit committing the crime. To do this, we must infiltrate Sploit's network, steal the evidence, and get out unnoticed in the next two hours.
**Disclaimer**: This is a game to teach attacker/defender skills. SecDSM/Procircular in no way support or encourage illegal activities of any kind.
Des Moines Locksport
A side room will be dedicated to locksport.
SecDSM 101 6:00 PM
A brief introduction to the group along with any announcements and general communication.
James Beal - SecDSM News 6:05 PM
Quick Review of the Month's InfoSec news.
Jason Williams Filleting da Phish6:30 PM
There is a lot more under the surface than Phishing 101 and best practices would have you believe. Let's talk about phishing backends, obfuscations, encryptions, web sockets, and get in it. This is not a 101 talk, you know what phishing is. We're going to dive in and look at examples of how things work and look at some Emerging Threats IDS rules that can show how we can better detect these jerks
Jason Williams is a Senior Threat Analyst on the Emerging Threats Research team at Proofpoint and a Trainer/Core Team member at the OISF.
Des Moines Locksport
A side room will be dedicated to locksport.
Sponsored by CDW
SecDSM 101 6:00 PM
A brief introduction to the group along with any announcements and general communication.
James Beal - SecDSM News 6:05 PM
Quick Review of the Month's InfoSec news.
Des Moines Locksport
A side room will be dedicated to locksport.
Sponsored by Check Point Software Technologies
Merchandise and Donations
Shirts (and other items) are for sale at each meeting and online.
Upcoming Events
The following events might be of interest to the SecDSM community.
Be sure to check out Des Moines Web Collective for updated list of local user groups
If you'd like to see an event listed, please email us at events@secdsm.org
Please reach out via our Slack channel or email us at events@secdsm.org if you have an idea for a presentation you would like to give.
August ISSA meetingAugust 28, 2017 11:30AM-1:00PM
FBL Financial, 5400 University Ave, West Des Moines, IA.Upcoming cons
Some members are anticipating attending the following conferences, reach out on slack to cordinate travel.
CornCon
CornCon III: The Courne Ultimatum
Cost:
Friday Professional Development Workshop tickets $125 (both days $175)
Adult CornCon tickets $75
Kids Hacker Camp $35
BroCon
BroCon ’17 offers the Bro community a chance to meet face-to-face, share new ideas, and better understand and secure our networks. The conference is composed of presentations from members of the community and the Bro Development team.
Cost:
$100 - estimated
Schedule
| Day | Date | Start | End |
|---|---|---|---|
| Tuesday | Sept 12 | ?? | ?? |
| Wednesday | Sept 13 | ?? | ?? |
| Thursday | Sept 14 | ?? | ?? |
Travel Details
| Day | Date | Time | |
|---|---|---|---|
| Depart | Monday Or Tuesday | Sept 11 or 22 | |
| Return | Thursday | Sept 14 | ??? |
BSidesAugusta 2017
Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
Cost:
$20
Derbycon Training
DerbyCon isn’t just another security conference. We’ve taken the best elements from all of the conferences we’ve ever been to and put them into one. DerbyCon is a place you can call home, where you can meet each other, party, and learn. Our goal is to create a fun environment where the security community can come together to share ideas and concepts. Whether you know Linux, how to program, are established in security, or a hobbyist, the ideal of DerbyCon is to promote learning and strengthen the community.
Cost:
$50 - estimated
Derbycon
DerbyCon isn’t just another security conference. We’ve taken the best elements from all of the conferences we’ve ever been to and put them into one. DerbyCon is a place you can call home, where you can meet each other, party, and learn. Our goal is to create a fun environment where the security community can come together to share ideas and concepts. Whether you know Linux, how to program, are established in security, or a hobbyist, the ideal of DerbyCon is to promote learning and strengthen the community.
Cost:
$175
MISC CONF
The Minnesota Information Security Community understands that the success of security is cross-disciplinary and relies on skills and knowledge from multiple domains of knowledge. The Minnesota Information Security Community is a local group with nationwide contacts in all areas of information security and skill levels from entry level to Vice Presidents and CEOs of major Security firms.
Cost:
$50 - estimated
Schedule
| Day | Date | Start | End |
|---|---|---|---|
| Saturday | Oct 21 | ?? | ?? |
| Sunday | Oct 22 | ?? | ?? |
Travel Details
| Day | Date | Time | |
|---|---|---|---|
| Depart | Friday | Oct 20 | |
| Return | Sunday | Oct 22 | ??? |
GrrCon
GrrCON is an information security and hacking conference that provides the Midwest InfoSec community with a fun atmosphere to come together and engage with like minded people. We keep GrrCON small with around 1,500 attendance to allow us to provide those things other events leave out. Whether you are a Fortune 500 executive, security researcher, industry professional, student, or a hacker of flexible morals you will find something for you at GrrCON.
Cost:
$50 - Student
$90 - Early Bird
$150 - GA
$350 - VIP
Schedule
| Day | Date | Start | End |
|---|---|---|---|
| Thursday | Oct 26 | ?? | ?? |
| Friday | Oct 27 | ?? | ?? |
Travel Details
| Day | Date | Time | |
|---|---|---|---|
| Depart | Wednesday | Oct 25 | |
| Return | Saturday | Oct 28 | ??? |
Wild West Hacking Fest
This conference is going to be about breaking things. Non-standard things. Often, this is called “Stunt hacking”. Or, it can be called hacking of the Internet of Things (IoT). The best example one hears about is hacking a toaster, or a fridge. Each of these exploits teach us all something about the type of testing we should be doing in our own organizations. It is these non-standard devices that are going to lead to the next wave of rampant security vulnerabilities that we’ll need to address and remediate. Unfortunately, we do not have a Patch Tuesday for these devices. Much like the Wild West, the IoT is a new frontier – it’s wild, untamed and full of amazing opportunities! Saddle up, grab your lasso, and join us for this adventure!
Cost:
$100 - Early Bird
$250 - GA
Schedule
| Day | Date | Start | End |
|---|---|---|---|
| Friday | Oct 27 | ?? | ?? |
| Saturday | Oct 29 | ?? | ?? |
Travel Details
| Day | Date | Time | |
|---|---|---|---|
| Depart | Thurday | Oct 26 | |
| Return | Sunday | Oct 29 | ??? |
Venue
We meet in The Forge by Pillar Technology. Enter on the west side of the building and then procede up to the 2nd floor.
More info about Pillar Technology
The Forge by Pillar Technology
1420 Locust St, Des Moines, IA 50309