SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Brandon Murphy and anyone else who wants to participate - Tool Talk A Discussion - Phishing Investigation Maturity Model6:30pm

During internal discussions of threat intelligence service offerings we found that many existing maturity models for information security practices indicate that threat intelligence is a service "enhancer" used to increase the maturity of other services, vulnerability management is a good example. However, there wasn't much information regarding a maturity model of the threat intelligence services that enhance those other services.
This open discussion will center around describing the qualities of phishing investigations at different levels of maturity based on the 4 tier model from the NIST Cyber Security Framework.

Andy Robbins and Rohan Vazarkar BloodHound: He Attac, but he also Protec7:00pm

In this talk, we hope to entertain and educate on the basics and advanced usage of BloodHound, whether you are on offense or defense (or both!). We'll explain attack primitives, the graph technology, BloodHound's UI, and some cool stuff you can do outside the UI as well

Andy Robbins and Rohan Vazarkar work together at SpecterOps on the Adversary Resilience team, and both also continue to execute red team engagements and network penetration tests. Along with Will Schroeder, Andy and Rohan created BloodHound, an Active Directory attack map analysis tool released at DEF CON 24

TOOOL Des Moines Locksport

A side room will be dedicated to locksport.