ReginaSANS Institute - Upcoming Security Presentations
The SANS Institute is proud to host a special evening of security featuring presentations by Larry Pesce, SANS Instructor and host of pauldotcom Security Weekly and Rick Wanner, SaskTel Corporate Security and Incident Handler, Internet Storm Center.Location: Regina Inn
Date: Wednesday March 25th,
Time:
6:00 to 7:00 PM - Meet and Greet. Appetizers and beverages will be served.
7:00 to approximately 9:00 PM. Presentations.
This event is free, but you must RSVP to coins@sans.org if you would like to attend.
More information can be found at https://www.sans.org/saskatchewan09_cs/special.php
----
Presentations:
Document Metadata, the Silent Killer
- Larry Pesce
This presentation looks at tools and methods for auditing metadata available via the internet in common file types. We'll show examples of the tools, how to acquire the electronic documents (and the associated risks), and how to analyze the data. We'll use a real world scenarios using some of the tools to conduct reconnaissance, and how we can utilize the information we've gathered to deliver a specific, targeted client side attack with high confidence that it will be successful. Larry will show how often forgotten document metadata can lead to getting you owned
Essentials of Penetration Testing
-Rick Wanner
Why should you do penetration testing? Because if you aren't testing your network assets...the bad guys will! Who would you prefer find the problems? This presentation takes a practical look at why every organization should utilize penetration testing as one of the tools in its security arsenal. It looks at the basics of penetration testing by outlining the steps involved as well as the open-source and commercial tools that can be utilized to complete your penetration test. This session is ideal for IT personnel who are interested in and/or responsible for security and who would like to know more about the art of penetration testing.
Bios:
Larry Pesce's BIO:
PaulDotCom Enterprises
Larry Pesce is the Manager for Information Services Security and Disaster Recovery at a mid-sized healthcare organization in New England. In the last 13 years in the computer industry, Larry has become a jack of all trades; PC repair, Network Engineering, Web Design, Non-Linear Audio and Video production and Computer Security. Larry is also gainfully employed as a Penetration Tester / Ethical Hacker with PaulDotCom Enterprises, and leads the research efforts in many areas, including projects such as "Evil" USB thumb drives, hiding rogue access points, and tinkering with wireless, RFID and metadata. A graduate of Roger Williams University in Computer Information Systems, Larry is currently exploring his options for graduate education. In addition to his industry experience, Larry is also a Security Evangelist and co-host for the PaulDotCom Security Weekly podcast at http://pauldotcom.com. More of Larry's writing, guides and rants can be found on the PaulDotCom blog and the SANS Reading Room.
Rick Wanner BIO:
Corporate Security SaskTel
In his 20+ years in IT Rick has worked in most aspects of security from firewall analyst, security architect, security integration specialist, security consultant, business continuity planning, policy development, compliance assessment, and penetration tester. Rick is currently employed as a security manager in Corporate Security at SaskTel. Rick is also active in numerous other aspects of the information security community. He volunteers as an incident hander with the Internet Storm Center (isc.sans.org), participates in numerous projects with SANS and GIAC including the annual Top 20 vulnerabilities list, courseware development and revision, GIAC Gold advisor, SANS Advisory Board, and as a Director in Training for the SANS Technical Institute. Rick also participates in the ethics side of IT and information security as one of the founding members, and past chair of the GIAC Ethics Council and as a founding member of the CIPS Saskatchewan Professional Conduct Committee. Rick holds GIAC GSEC, GCFW, GCIH, GSNA, GCIA, GHTQ, and GREM and is currently completing his MSISE with SANS Technology Institute. Rick also publishes a blog at http://rwanner.blogspot.com/ and has a number of papers published at http://infosecwriters.com/ and in the SANS Reading Room.