NEbraskaCERT's Cyber Security Forum
CSF Meetings are held on the third Wednesday of each month.
|
E-mail Announce List
sign up for the new csf-announce list by sending an e-mail to
csf-announce-subscribe@nebraskacert.org
July 2010 Meeting Information |
| WHAT: | Omaha's Cyber Security Forum |
| TOPIC: |
Studying Software Vulnerabilities
|
| BY: |
Dr. Robin Gandhi
UNO/NUCIA
|
| WHO: | All Nebraska/Iowa Information Security Professionals |
| WHEN: | Wednesday - July 21,
11:30 am - 1:00 pm |
| WHERE: | Johnny's Cafe
4702 South 27th Street, Omaha, NE |
| WHY: | To share information with like-minded professionals (and to share a FREE meal provided you RSVP!) |
| HOW: | Please RSVP to csfrsvp "at" NEbraskaCERT.org and provide name, company, phone and email address by Close Of Business Monday, July 19th. |
| DESCRIPTION: |
Those who do not learn from past vulnerabilities are bound to repeat it. Consequently, there have been several research efforts to enumerate and categorize software weakness that lead to vulnerabilities. To consolidate these efforts, the Common Weakness Enumeration (CWE) is a community developed dictionary of software weakness types and their relationships. Yet, using the CWE to study and prevent vulnerabilities in specific software projects is difficult. Information about a discovered vulnerability exists in multiple sources such as log of code changes, source code differences, developer mailing list discussions around bugs, bug tracking databases, vulnerability databases and public media releases. This talk introduces a novel approach for using the CWE to organize and integrate the vulnerability information recorded in large project repositories.
|
| | |
| | |
The NEbraskaCERT operates a Certificate Authority for use by Information Security professionals.
Certificates are available for Non-Profit SSL webservers. Call for information |
|
Notes:
-
If you aren't on the csf-announce list and would like to be you can sign up for the new csf-announce list by sending an e-mail to
csf-announce-subscribe@nebraskacert.org
-
If you need a CPE form for attending the talk please let us know in your reseveration. So we can make sure to bring enough printouts.
|
| Previous Meetings |
July 2010 Meeting - Standards in reporting software flaws: SCAP, CVE and CWE - Part 2
Discussion Host - Dr. Robin Gandhi
UNO/NUCIA
Download July 2010 Slides .pdf format
|
June 2010 Meeting - Web Attacks and How to Stop Them
Discussion Host - John M. Rogers
Lincoln Financial Group
Download June 2010 Slides .pdf format
|
May 2010 Meeting - Standards in reporting software flaws: SCAP, CVE and CWE - Part 1
Discussion Host - Dr. Robin Gandhi
NUCIA
Download May 2010 Slides .pdf format
|
March 2010 Meeting - EasyHook: Down & Dirty with Microsoft Windows
Discussion Host - Aaron Grothe
NEbraskaCERT
Download March 2010 Slides .pdf format
|
February 2010 Meeting - Risk, Security, Control.
Discussion Host - Dr. Vasant Raval
Creighton University
Download February 2010 Slides .pdf format
Download February 2010 Slides .ppt format
|
January 2010 Meeting - Internet Safety Evangelism
Discussion Host - Kevin Russell, CISSP
Infogroup
Download January 2010 Slides .pdf format
Download January 2010 Slides .ppt format
|
October 2009 Meeting - Prudent Patching
Discussion Host - Bob McCoy, MCSE, CISSP/ISSAP
Microsoft Services
Download October 2009 Slides
|
July 2009 Meeting - Attack and Penetration Testing 101
Discussion Host - Paul Petefish, Solutionary
Download July 2009 Slides
|
|
|
May 2009 Meeting - A Discussion of Breach Reports
Discussion Host - Ron Woerner, CISSP
Download May 2009 Slides
|
|
|
March 2009 Meeting - Linux Virus Writing a Howto
Discussion Host - Aaron Grothe/NEbraskaCERT
Download March 2009 Slides
|
|
|
February 2009 Meeting - NUCIA & Capture The Flag (CTF)
Discussion Host - Jonathan Bender - UNO/NUCIA
Download February 2009 Slides
Download UCSB iCTF Scores
Download UCSB iCTF Charts
|
January 2009 Meeting - The Underground Economy - Where does the Money go?
Discussion Host - Jeff Guilfoyle - Symantec
Download January 2009 Slides
|
November 2008 Meeting - Free Forensic Tools
Discussion Host - Matt Churchill - Continuum Worldwide
Download November 2008 Slides
|
October 2008 Meeting - Incident Response
Discussion Host - Bill Hayes
Download October 2008 Slides
Download IR Procedure Example
|
September 2008 Meeting - User Account Control (UAC): Under the Covers
Discussion Host - Bob McCoy/Microsoft
Download September 2008
|
June 2008 Meeting - 45 Tools that Every Security Professional Should Know About
Discussion Host - Aaron Grothe/NEbraskaCERT
Download June 2008
|
May 2008 Meeting - Vulnerability tracking in 3rd party software
Discussion Hosts - Charlie Collins & Sid Sidner, ACI Worldwide
Download May 2008
|
March 2008 Meeting - NUCIA's & the UCSB Capture the Flag competition
Discussion Hosts - Steve Nugen, Luke Wentz, Jonathan Bender and Brian Wachter
Download March 2008
|
February 2008 Meeting - Truly Paranoid Shopping
Discussion Host - Aaron Grothe, NEbraskaCERT
Download February 2008
|
January 2008 Meeting - Changes in Forensics with Windows Vista
Discussion Host - Daniel Cotton
Download January 2008
|
November 2007 Meeting - Botnets and Beyond
Discussion Host - Bill Hayes
Download November 2007
|
October 2007 Meeting - My Love-Hate Relationship with U3 devices
Discussion Host - A.J. Newmaster
Download October 2007
|
September 2007 Meeting - Metasploit 3.0
Discussion Host - Aaron Grothe
Download September 2007
|
|
|
July 2007 Meeting - Microsoft Windows Powershell
Discussion Host - Bob McCoy, Microsoft
Download July 2007
|
|
|
May 2007 Meeting - Securing the new Web 2.0 Frontier
Discussion Host - Ron Woerner, ConAgra Foods
Download May 2007 - PDF format
Download May 2007 - Powerpoint format
|
|
|
March 2007 Meeting - Is Your Network a Sitting Duck for Attackers?
Discussion Host - Matt Harkrider, Alert Logic
Website Alert Logic Homepage
Download March 2007
|
February 2007 Meeting - SSH Hardening for the Enterprise
Discussion Host - Matt Payne, CISSP
Website Most recent version
Download February 2007
|
November 2006 Meeting - Hacker Profiling Project: Looking into the Hackers Mind
Discussion Host - Aaron Grothe, CISSP
Download November 2006
|
October 2006 Meeting - Hardening Microsoft Windows XP - Part 2
Discussion Host - Steve Nugen, CISSP
Download October 2006
|
September 2006 Meeting - Hardening Microsoft Windows XP - Part 1
Discussion Host - Steve Nugen, CISSP
Download September 2006
|
July 2006 Meeting - J2EE Security - JEE (gee2) Security
Discussion Host - Matt Payne, CISSP
Download July 2006
|
June 2006 Meeting - Non Admin Today on Windows XP
Discussion Host - Bob McCoy, CISSP/ISSAP, MCSE
Download June 2006
|
May 2006 Meeting - Know/Nmap Your Network
Discussion Host - Aaron Grothe, CISSP
Download May 2006
|
Mar 2006 Meeting - Select Issues from the Microsoft CSO Summit 2006
Discussion Host - Mick Atteberry, CISSP
Download March 2006
|
|
|
Feb 2006 Meeting - Certified Ethical Hacker (CEH)
Discussion Host - Ron Woerner, CISSP/CEH
Download February 2006
|
Jan 2006 Meeting - AJAX Securely
Discussion Host - Matt Payne, CISSP
Download January 2006
|
|
|
Nov 2005 Meeting - 35 or So Tools/Sites Every Computer Security Professional should know about
Discussion Host - Aaron Grothe
Download November 2005
|
Oct 2005 Meeting - Spyware Countermeasures in the Enterprise
Discussion Host - Bill Hayes
Download October 2005
|
Sep 2005 Meeting - Notes and Observations from RAID 2005
Discussion Host - Steve Nugen, CISSP
Download September 2005
|
July 2005 Meeting - Microsoft Windows XP Shared Computer Toolkit (Beta)
Discussion Host - Bob McCoy, CISSP
Download July 2005
|
June 2005 Meeting - Google Hacking
Discussion Host - Matt Payne, CISSP
Download June 2005
|
May 2005 Meeting - OSSTMM - Open Source Security Testing Methodology Manual
Discussion Host - Aaron Grothe, CISSP
Download May 2005
Download OSSTMM English 2.1 Manual
|
March 2005 Meeting - Open Source Software Development Methodologies
Discussion Host - Matthew Marsh, Chief Scientist/NEbraskaCERT
|
February 2005 Meeting - Your Information Security Silver Bullet
Discussion Host - George McMullin, CISSP
|
January 2005 Meeting - Undergraduate and Graduate Programs in Information Assurance
Discussion Host - UNO/PCI NUCIA (http://nucia.ist.unomaha.edu)
|
December 2004 Meeting - No Meeting
|
November 2004 Meeting - Microsoft Windows SP2: 90 days out and Windows 2003 SP1
Discussion Host - Bob McCoy, CISSP
|
September 2004 Meeting - MetaSploit
Discussion Host - Aaron Grothe, CISSP
Download September 2004
|
August 2004 Meeting - NO MEETING
NEbraskaCERT Conference 2004 - August 3-5, 2004
Conference Website
|
July 2004 Meeting - Patch Management
Discussion Host - Ron Woerner, CISSP
Download July 2004
|
June 2004 Meeting - Portknocking - Stealth Authentication
Discussion Host - Thomas Harrison
Download June 2004
|
May 2004 Meeting - Solaris Security
Discussion Host - Roy Gertig - CISSP, SCSA, IAM, Security+
Download May 2004
|
April 2004 Meeting - CyberPatriot
Discussion Host - Ron Ross, PhD, NIST
Download April 2004
|
March 2004 Meeting - Auditing Linux
Discussion Host - Michael Hoesing, CISA, CISSP
Go to March 2004
|
February 2004 Meeting - Security Credentials
Discussion Hosts - Aaron Grothe, CISSP, and Bob McCoy, CISSP
Download Aaron's PPT and Bob's PPT
|
January 2004 Meeting - Common Sense Auditing
Discussion Host - Rex Baker, CISSP, CISA
|
December 2003 Meeting - Trustworthy Computing
Discussion Host - Bob McCoy, Technical Account Manager Microsoft, CISSP
PDF available here.
|
November 2003 Meeting - Wireless: Good, Bad, Ugly
Discussion Host - Timothy O'Brien, NSA-IAM
PDF available here.
|
October 2003 Meeting - MySQL Security
Discussion Host - Mat Caughron
PDF available here.
|
September 2003 Meeting - Forensic Toolkits
Discussion Host - Aaron Grothe
PDF available here.
|
August 2003 Meeting - Certificate Authorities
Discussion Host - Matthew G. Marsh
PPT available here.
Microsoft MSBlaster Information by Bob McCoy PPT here.
|
July 2003 Meeting - Security Assessment Methodologies
Discussion Host - Stephen M. Nugen
PDF available here.
|
June 2003 Meeting - Computer Forensics
Discussion Host - Bill Kuck
PowerPoint unavailable here.
|
May 2003 Meeting - SSH Tricks
Discussion Host - Matthew G. Marsh
PowerPoint available here.
|
April 2003 Meeting - VoIP & SIP
Discussion Host - Rex Brown
PowerPoint unavailable here.
|
March 2003 Meeting - Web Services
Discussion Host - Matthew G. Marsh
PowerPoint available here.
|
February 2003 Meeting - SQL Injection
Discussion Host - Steven Nugen, CISSP
PowerPoint available here.
|
January 2003 Meeting - Secure Development
Discussion Host - Ron Woerner, CISSP
PowerPoint available here.
|
