September 2020 Monthly Joint Meeting with South Florida OWASP

South Florida ISSA Chapter
South Florida ISSA Chapter
Public group

Online event

This event has passed


NOTE: This is a virtual meeting due to ongoing COVID-19. You'll get the meeting's URL when you RSVP.

SFISSA & SFOWASP Joint Meeting. Two talks + Networking.

***Talk 1***
Speaker: Rohini Sulatycki, Security Architect at Twilio

Title: Things to Know When Securing Your AWS Cloud

Abstract: If you have applications/services running in AWS or are planning on running applications/services in AWS then understanding the security of your AWS cloud is key. This talk will provide important insights into understanding the differences between on-prem and cloud security, including the shared responsibility model. Then we will review architecting and securing systems in AWS and an explanation of concepts such as accounts, regions, AZs, VPCs, subgroups, NACLs, etc. We will discuss encryption including KMS and HSM. We'll also review AWS-provided security or related tools such as AWS Inspector, GuardDuty, CloudWatch, CloudTrail, etc. Finally, we'll discuss some best practices and recommendations that have been obtained from running large workloads in AWS.

Speaker's Bio: Rohini Sulatycki is an experienced security architect who has setup Application Security programs and is considered an AppSec Innovator. She specializes in architecture, with strong background and skills in multiple areas of security, including cloud security, telecom security, application & mobile penetration testing. Rohini has conducted Secure Development Training classes for clients worldwide. Rohini is a past President of the Kansas City OWASP chapter and is the current Co-chair OWASP the South Florida chapter. She is also an AWS Certified Solutions Architect. She may be reached at

***Talk 2***
Speaker: Stephanie T, Sr ISSO at KratosDefense. Jorge Flores, Security Analyst III at Arthex

Title: Pass Your Security Certification Exam in One Try

Abstract: Information Security certifications have become important in recent times. For one, the right certification serves as a third-party validation of your skills/knowledge. For another, certain organizations require specific certification(s) for employment. However, security certification exams can be difficult and challenging test for many reasons, especially if you are a weak test taker. In this session we discuss our journeys and experiences using CISSP as an example and how we were able to pass it. We'll discuss tips, tools, and training programs that helped us pass the challenging exam.

Speaker’s Bio: Stephanie Thomaston is a military veteran with 10+ years’ service in both the United States Navy & Air Force Reserves. She is currently in the Air Force Reserves as a Cyber System Operation Specialist with the 482nd Cyber Mission Defense Team protecting critical assets. She is also currently at Kratos Defense as a Sr Information System Security Officer for Army Intelligence and Security Command where she is the principal advisor on information systems security, including classified networks maintenance. Stephanie is an active doctoral candidate of the Executive Doctor of Business Administration in Information Security program at St. Thomas University from where she also holds a master’s degree in Cyber Security Management. She may be reached at

Speaker's Bio: Jorge Flores has been in the info sec community since 2012. He is currently the newest Security Analyst III at Arthrex headquartered in Naples, Florida. Prior to joining Arthrex, Jorge worked as a security analyst and consultant alongside Sanjay Deo and Michael Brown at 24by7Security specializing in conducting HIPAA assessments throughout South Florida and nationwide. Jorge Flores lives in Naples and enjoys playing with his two sons. He achieved the CISSP certification in 2019 and holds a master’s degree from FIU in Data Security. He may be reached at

***Virtual Happy Hour***
Virtual Happy Hour open to attendees to discuss any current event or other topical news.