SecDSM, a monthly meetup providing the opportunity to network with other InfoSec pros and listen to short tech talks presented by your fellow members (or give a presentation yourself!) while enjoying some beer/drinks/food. No sales pitches. The idea is to provide you actionable knowledge for you to take back to your $dayjob while building a top tier InfoSec community in the Des Moines area. If you have the desire to learn about real world InfoSec scenarios - get out of your comfort zone - and join us in a relaxed vendor neutral environment. No registration is required.

Schedule

We meet monthly, on the 3rd Thursday starting at 6pm at The Forge By Pillar Technology (now part of Accenture Industry X.0) in Downtown Des Moines.

Permission to record
Permission to stream
Permission to publish recording
SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Jay Urban Stop Web Application Version Disclosure in .NET on IIS

IIS and .NET disclose a lot of version number data by default that can be exploited by attackers to wreak havoc upon your web site using known vulnerabilities. Make hackers work harder to penetrate your web applications by utilizing these simple tips on stopping version information disclosure

Richard Marshall Cyber Conflict and Geopolitics: The Impact on Commercial Operations

Cyber operations, the use of software and hardware techniques, to influence government decisions and actions has been ongoing since the 1990s. The purpose has evolved from espionage, and counter-espionage, to disrupting military related activities, to disrupt critical infrastructures, to impacting a nation's economy, to influencing public opinion in a targeted country. The actors have likewise evolved from nation state actors; primarily the US, Russia, China, and Israel, to non-nation state actors; to brigands; to criminals; to hacktivists; and even script kitties. The presentation will review selected cyber operations, assess their impact, and suggest solutions and techniques to reduce their impact on commercial operations.


Richard, as Chairman of the Board of CinturionGroup, brings 20 plus years of broad executive leadership experience in the rivate and public sectors and as CEO of X-SES, an international consulting firm. He currently serves as a Strategic Advisor or on the Board of Advisors to the following corporations: Pattern Computer; Hatha Systems; GidGrid; Secure Cloud Systems; SignaCert; Consulsys; Auroras; INVNT/IP; the National Maritime Law Institute, and the Center for Understanding Change, a non-profit research center.

As the Chairman and Co-Founder of CinturionGroup, he oversees the implementation of the Trans Europe Middle East Asia fiber optic cable system from France to India and future points beyond. As the CEO of X-SES Consultants LLC, he promotes comprehensive and sustainable corporate Information Technology governance programs that create effective software assurance, supply chain risk management, standards compliance, and procurement strategies. Previously the CEO of Secure Exchange Technology Innovations, he focused on implementing international communications standards for emergency management alerting systems.

His broad experience in formulating information and cyber security strategies for the Department of Defense, drafting cyber legislation, and influencing national cyber policy initiatives for 20 plus years lends credence to his being a nationally and internationally recognized thought leader on cyber security and information related policy, legal, and technical issues.

He was the legal and strategic architect of the Nation's first Live Information Warfare Exercise (ER97) and a Contributor to the Comprehensive National Cyber Security Initiative.

He has served as a keynote speaker on cyber security related executive leadership issues at major conferences in Germany, England, India, Moldova, China, Thailand, Switzerland and the United States.

He has been a Cyber commentator on CNN, BBC, Politico; FedScoop; the New York Times and Scientific America. He served with distinction as Special Advisor to the government of Moldova on implementing their E- Gov. program and developing their national cyber security policy; Director of Global Cyber Security Management at the Department of Homeland Security; Legislative Affairs Officer at the National Security Agency; Deputy Director, Critical Infrastructure Assurance Office, Department of Commerce; and Associate General Counsel, Information Assurance, National Security Agency.

Dr. Marshall is a graduate of The Citadel, and the Georgetown University School of Law where he earned his LL.M in International and Comparative Law. Richard has represented the United States before Her Majesty's High Court of Justice in London and is licensed to practice before the Supreme Court of the United States

TOOOL Des Moines Locksport

A side room will be dedicated to locksport.


Sponsored by

SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Sampson Chandler An Intro Into SDR part 1

In this presentation I will discuss the basics of SDR, the different types, what to look for when purchasing, and give a brief overview of how to build your own rogue GSM base station. With a part 2 discussing attacking and defending SDR networks.


Senior Analyst at RSA Security

TOOOL Des Moines Locksport

A side room will be dedicated to locksport.


SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

TOOOL Des Moines Locksport

A side room will be dedicated to locksport.


Merchandise and Donations

Shirts (and other items) are for sale online.

T-Shirt

Upcoming cons

Some members are anticipating attending the following conferences, reach out on slack to coordinate travel.

InfoWarCon

InfoWarCon 18 once again brings together a highly elite group of political, military, academic, DIYer, and commercial cyber-leaders and thinkers from around the world. We examine the current, future, and potential hostile use of cyber and related information technologies including how to neutralize the current ones. Since the initial InfoWarCon in 1994 we have hosted the event in multiple venues across the US and Europe. This year InfoWarCon runs November 1-3 with Training on Oct. 30 and 31 at the National Conference Center, Leesburg, VA.

Cost:
$400

Venue

We meet in The Forge by Pillar Technology (now part of Accenture Industry X.0). Enter on the west side of the building and then proceed up to the 2nd floor.

More info about Pillar Technology (now part of Accenture Industry X.0)

The Forge by Pillar Technology (now part of Accenture Industry X.0)

1420 Locust St, Des Moines, IA 50309

Sign up for Slack!