Menu

Monthly Meeting - February 26, 2018

Purple Team something something...

Register for Monthly Meeting

Presenters: Brad Beltman & Ben Schmitt

 

Description:

This talk takes a look at several red team techniques, then walks through blue team mitigations to each. The goal is to get teams working together more effectively to strengthen security.

Bios:

Brad Beltman

Brad is a consultant with SecureWorks doing full time web application penetration testing.

He has a masters degree in Information Assurance from Dakota State University. Certifications include OSCP, GWAPT, GPEN, GCIH, GCED, and CISSP. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.

Ben Schmitt

Ben Schmitt is the VP of Information Security for Dwolla leading the company’s security team and internal IT operations. Prior to this role, Ben held the position of Global Director, IT Security & Compliance at the Danfoss Group responsible for Network and Application security with a focus on ERP systems. Ben started his InfoSec career with TDS Telecom covering ISP and Enterprise security as a Security Architect.

Where:

FBL Financial
5400 University Ave
West Des Moines, IA 50266

Read more...

Monthly Meeting - January 22, 2018

IT Security Investment

Register for Monthly Meeting

Presenter: Casey Decker, CIO at FBL Financial Group, Inc.

 

Description:

Overview of budgeting and expense planning for Information Security. Discussions on expense ratios, prioritization and risk management when making decisions on security investments.

Bio:

Casey Decker was named Chief Information Officer for FBL Financial Group, Inc. in June 2016. Decker joined FBL in 2004 and progressed through various information technology roles, leading to Business Technology Vice President. Since 2014, Decker served as Agency Support Vice President, leading the team that provides strategies and solutions to support agents in growing successful and sustainable businesses.

Prior to joining FBL Financial Group, Decker was the Director of Technology for a not-for-profit organization in Chicago with responsibilities for creating and leading programs that improved information systems capabilities for various social service agencies and public schools. Decker holds a bachelor's degree from Drake University and a master's degree in Management of Information Systems from DePaul University. He serves on the boards of directors of the Food Bank of Iowa, Junior Achievement, the Global Insurance Accelerator and as a member of the Education Cabinet for United Way of Central Iowa.

Where:

FBL Financial
5400 University Ave
West Des Moines, IA 50266

Read more...

Monthly Meeting - August 28, 2017

Security Architecture: How to move projects forward without getting pwned

Register for Monthly Meeting

Presenter: Aaron Tikeepe

 

Description:

When discussing architecture, security professionals tend to focus on the more technical aspects of a project: which firewall to buy, what sort of encryption is in use, etc. These technical considerations are often the easiest part of a project. This presentation will cover the types of projects a security architect may encounter, specific challenges associated with each, and will provide a high level methodology for helping move projects forward.

Bio:

Aaron Tikeepe is an IT Security Architect at Kum & Go, responsible for IT Security and PCI compliance. He is currently dual enrolled in Upper Iowa's MBA program and Iowa State's Masters in Information Assurance program. When he is not studying, Aaron enjoys spending time with his family, participating in CTFs, and playing guitar.

Where:

FBL Financial
5400 University Ave
West Des Moines, IA 50266

Read more...

Monthly Meeting - July 24, 2017

TLS in practice including the road to v1.3

Download Slide Deck

Presenter: Ben Schmitt

 

Description:

Even though TLS remains one of the leading solutions to provide confidentiality and integrity of data moving across networks, it has a dubious past. We will do a quick review of its predecessor (SSL) and discuss TLS in present times including learning from our past mistakes. More specifically, we will discuss the move to v1.2 and what v1.3 has to offer for speed, implementation and perhaps most importantly, confidentiality. Best practices, analysis, evaluation criteria (including what we should expect from solutions) and cryptographic options will be covered.

Bio:

Ben Schmitt is the VP of Information Security for Dwolla leading the company’s security team and internal IT operations. Prior to this role, Ben held the position of Global Director, IT Security & Compliance at the Danfoss Group responsible for Network and Application security with a focus on ERP systems. Ben started his InfoSec career with TDS Telecom covering ISP and Enterprise security as a Security Architect.

Where:

FBL Financial
5400 University Ave
West Des Moines, IA 50266

Read more...

Monthly Meeting - June 26, 2017

Everybody says it.....Why defense in-depth is so important

 Download presentation slides here.

Presenter: Brad Beltman

 

Description:

Everybody recommends "defense in-depth", and for good reason. Many orgs implement this in the form of products: firewalls, WAFs, IPS, SIEMs, etc. These are all great things, but what are often overlooked are the details in securely configuring applications and systems. This presentation is a case study of how lower-severity configuration issues can be combined into one big vulnerability, using a real-life application as an example.

Bio:

Brad is a consultant with SecureWorks doing full time web application penetration testing.

He has a masters degree in Information Assurance from Dakota State University. Certifications include OSCP, GWAPT, GPEN, GCIH, GCED, and CISSP. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.

Where:

FBL Financial
5400 University Ave
West Des Moines, IA 50266

Read more...