About our September meeting:
It will be held at the FARM LANE Branch of the MSU Federal Credit Union:
4825 E. Mt. Hope Road
East Lansing, MI 48824
Please join us for our special, two hour September chapter meeting which is joint with WM-ISACA. It’s a good opportunity to network with a variety of security professionals! Two Topics: “Bypassing Exploit Preventions” and “Big Data and Information Complexity- What You Need to Know.”
Two talks will be presented:
Topic:“Big Data and Information Complexity- What You Need to Know”
Presenter: Paul Groll, Security Architect, Michigan D.T.M.B.
As we wade into the growing hype of Data Lakes, Data Swamps, Flumes, Kafkas and Zookeepers, let’s take a breath and look at some of the science behind the complexity we are trying to tame. Are we expending our time, efforts and dollars on the correct problems? How can we leverage some of the new technologies (or any of the old!) to “design away” some of the complexity in our solutions? What are the limits? In this session we will explore the fundamental mathematics behind the complexity, and discuss some of the ways we can discover it, contain it, and where possible, reduce it.
Paul Groll is a washed-ashore marine biologist and ecosystem modeler (M.S., University of Hawaii) in his 20th year of a quest to find the perfect job at the state of Michigan. Currently, as enterprise integration and security architect, he specializes in crafting best-practice approaches to transform legacy systems and integrate disparate solutions across the enterprise. Mr. Groll shapes the use of API, ESB, messaging and related technologies to design interoperable solutions, to ensure that security, privacy and compliance are preserved, and that cost and complexity are reduced. His recent focus is real-world data management and governance, guiding the delivery and security of integrated data sharing among agencies, states and federal and 3rd-party partners. Current trends in big data and the Internet of everything have pushed his work into the realm of Hadoop and related emerging tools. Mr. Groll also holds a B.S. (Michigan State University), CISSP (ISC2), CISSO (Michigan CyberRange Mile2) and CSM (ScrumAlliance).
Topic: “Bypassing Exploit Preventions“
Presenter:Jared DeMott PhD
You’ve heard about DEP, ASLR, stack cookies, and more. These are the generic exploit mitigations from years ago. But have you heard about the latest? EMET, Isolated Heap, Deferred Free, and Control Flow Guard? Dr. DeMott will briefly describe the latest in-application protections, and talk about their strengths and weaknesses. Finally, he will describe security through isolation, and talk about why it’s an important new step forward for security.
Jared DeMott is a seasoned security researcher who has spoken at many conferences such as DerbyCon, Blackhat, DefCon, and ToorCon. Notable research relates to helping stop an exploit technique (ROP), by placing as a finalist in Microsoft’s BlueHat prize contest, and by more recently showing how to bypass Microsoft’s EMET protection tool. Jared teaches his AppSec course, has co-authored a book on Fuzzing, has been on three winning Defcon CTF teams, has been an invited lecturer at prestigious institutions such as the United States Military Academy, previously worked for the National Security Agency, and holds a PhD from Michigan State University.
We are very happy to be meeting with our colleagues from the Western Michigan chapter of ISACA (formerly known as the Information Systems Audit and Control Association)!
The meeting doors will be opened at 7:45 AM for sign-in and networking, followed at 8:00 with our speaker’s presentation. Attending this meeting earns you 2 CPE credits
Also note our fee schedule for attending this meeting:
–Current members of ISSA International: $10
–Friends and guests of the Lansing ISSA chapter: $20
–Students interested in I.T. security issues: $5