• Presentation - Techniques for Manipulating Embedded Systems

    Hilton Garden Inn, Forbes A

    Michael Schroeder, a recent transplant from the metro DC area, will demonstrate a variety of techniques to include performing a manual EEPROM memory dump, identifying / prioritizing circuit components, and sniffing bus traffic with logic analyzers on embedded systems. Mike's background is in OT / ICS security for devices and systems for government healthcare.

  • SCIS January Social - Buckhead Saloon

    Buckhead Saloon

    Come one, come all to the first Steel City Info Sec social meetup of the 2019 year! We will have light appetizers and discounted drinks in our very own VIP Lounge Area. Ample parking is available in the adjacent public garage, less than 100 feet from the Saloon. Hope to see you all there! -SCIS Organizers

  • BSidesPGH Movie Night

    Row House Cinema

    The BSidesPGH organizing team would like to celebrate a successful 2018 with a showing of the classic 1983 Matthew Broderick film, WarGames. Admission includes soft drinks and movie snacks. Following the movie will be a happy hour next door at Bierport. https://www.eventbrite.com/e/bsides-pittsburgh-presents-wargames-tickets-49200106844

  • October Presentation - ICS Security

    Hilton Garden Inn, Forbes A

    Digital Instrumentation and Control (I&C) and cyber-physical systems are becoming more prevalent in modern information system landscapes. Along with the many benefits of digital I&C systems, challenges arise that stem from the delta in maturity between modern information systems and I&C systems. This presentation covers the intricacies and effects of securing digital instrumentation and control systems. David Spehar and David Altman from Westinghouse will discuss the application of security controls to industrial systems, challenges presented by common and proprietary protocols, indicators of compromise, and culture management for industrial scenarios. David Spehar currently serves as a Senior Information Engineer at Westinghouse Electric Company advancing cyber security for Westinghouse and our nuclear power customers. In his current role he is responsible for performing all functions required supporting day-to-day data security operations, supporting and maintaining a broad suite of information security infrastructure, accountable for security and networking infrastructure component availability and integrity, and monitoring compliance with IT. He performs various security-engineering roles with a focus on engineering administration of various appliances, migrating current on premise cyber security appliances to the cloud, and aids in the design and development of new cyber security projects. Upon joining Westinghouse in 2016 he was responsible for the design and review of Westinghouse’s cyber security systems; configuration, testing and implementation of cyber security systems for various global nuclear power plants; he also designed and reviewed network architecture. Prior to joining Westinghouse, he served as a Security Analyst at NTT Security, Inc. David began his career and as a Cyber Security Analyst at Mine Safety Appliances, Inc. David joined Westinghouse in August 2016. He earned a Bachelor’s of Science in Information Technology from Excelsior College of Albany, New York, specializing in Cybersecurity. He holds several certifications that include: ● SANS GIAC Certified Intrusion Analyst (GCIA) ● SANS GIAC Certified Incident Handler (GCIH) ● SANS GIAC Security Essentials (GSEC) ● ISC2 Systems Security Certified Practitioner (SSCP) ● CompTIA Security+

  • September Social

    Cenci's Pizzeria & Bar

    September social - come hang out, talk security, socialize, and meet cool people in infosec. Also, feel free to come to the OWASP Q3 meetup immediately prior @ https://www.meetup.com/OWASP-Pittsburgh-Chapter/events/252359802/

  • July Presentation: RF Issues Related to FCC Part 15 Devices

    Jonathan Woytek - Sr. Member of Technical Staff at SEI CERT Coordination Center Presentation and possibly a short demo on RF issues--specifically using wireless audio as the example technology--and talking about FCC Part 15 devices, the frequency spectrum shuffles over the past few years, and security issues with devices operating in those areas. Thank you to our sponsor, CyberSN! Check them out @ https://cybersn.com/

  • June Social - Games N' At

    Games N'At

    • What we'll do June social - come hang out, talk security, socialize, and meet cool people in infosec. It's BYOB (minor bottling fee $2-$8)! So bring something for yourself or to share. No need to bring a cooler or ice...they have that. The have soda and typically "bar-like" food for purchase.

  • May Lab - Smart Contract Security


    • What we'll do Learning about and abusing various smart contract code. • What to bring A laptop (Windows or Mac preferred)

  • Using And Abusing The Blockchain (Presentation Night)

    Come join us for a technical discussion about the blockchain - no hype here. We will be starting out with a presentation that covers all of the technical details of how this stuff works and how to interact with it. Then we will have a second presentation that covers abuses of blockchain and cryptocurrency attacks. Our first presenter is Daniel Mross, who you may recognize from the movie The Rise and Rise of Bitcoin[1]. Needless to say, he has been involved with cryptocurrencies for a long time, and is coming to drop some knowledge on us all. For the second presentation, Justin Leapline and Jon Zeolla will be focusing on the security of blockchains and technologies that build on top of them. 1: http://www.imdb.com/title/tt2821314/

  • March social


    Eat, drink, and talk infosec