Welcome to our chapter website!

Established in 1991, the mission of the Ottawa Chapter of the Information Systems Security Association (ISSA) is to provide a friendly, interactive environment for those with an interest in information security. Through meetings, guest speakers, discussion forums, this website and the concerted efforts of our members, we strive to accomplish this goal. These local Chapter level benefits are augmented by the advantages of membership in ISSA International which provides an e-newsletter, educational online webinars, and partnerships with other IT security organizations many of whom offer discounts to ISSA members.

All of this is aimed towards helping members be more effective in their work both technically and personally, and towards providing professional development opportunities.

 

ISSA Ottawa will be following the recommendations and guidelines from health officials during the current COVID-19 outbreak.

As a result, all gatherings including meetings and events have been suspended.
We are considering holding virtual meetings until further notice.

We will provide updates in future, so please check again.

* * *

 

 

NEXT CHAPTER MEETING

2020-11-26 Web Meeting

November 26, 2020
5:45 PM - 8:30 PM

 Add to Calendar

Web meeting

ATTENTION  !!

Given our current "stay at home" isolation due to the COVID-19 outbreak,
our November meeting will consist of a web meeting from the comfort of your own home.

Please refer to the Notes section below for instructions to register for the web meeting.
Registration will close at 17:00 hrs on November 26, 2020.

 

 

Presentation -

This is one of a series of talks RKSec is giving on attack scenarios your VMP might not immediately alert you to, though their indicators are present in the results in the form of multiple lower-risk findings. In this talk we show how name resolution, in combination with attacking authentication protocols with some lack of session integrity can lead to domain compromise from either an insider with a domain account or even from a non-domain joined computer. The talk will discuss the relevant detects to look for in vulnerability scan results and how we piece them together in an attack demo.

 

 

Presenter - Mike Sues

Mr. Sues, co-CEO/Senior Ethical Hack Specialist with Rigel Kent Security, CEO/Vulnerability Researcher with Cryptid Labs and co-CEO of Invariant Security is an experienced Penetration Tester, Red Teamer, Vulnerability Researcher and Security Trainer with an extensive background in Cyber Exercises as well as operational Red Teaming/Penetration Testing and the identification of new vulnerabilities in applications and operating systems. Mr. Sues develops tools and exploits, specializing in the development buffer overflow technology for use in assessing client systems. In doing so, he has reverse engineered many commercial and custom UNIX and Windows-based and mobile applications as well as protocols and Operating System components to locate and analyze vulnerabilities or understand the software’s operation. As well, he has evaluated many vendor products, commercial and proprietary encryption algorithms, operating systems, network services, SANs, routers, and firewalls such as Checkpoint and CISCO PIX/ASA firewalls and has performed local host vulnerability assessments of firewalls, routers/switches, Windows Servers and Solaris/UNIX/Linux systems. Mr. Sues is also co-founder of the COUNTERMEASURE series of security conferences and training events held in Ottawa, Canada with the most recent held in October of 2020.

 


Agenda

5:45 pm - Waiting Room open for check-in / Networking
6:00 pm - Brief welcome
6:15 pm - Presentation
(followed by Q & A)
8:30 pm – End of the event

 

NOTES

 

 

  • CPE points can be recorded for attending, according to the relevant certification guidelines for CPE reporting.  A certificate of attendance will be sent via e-mail.