Transportation, Disease, & Consumer Products

We gather every month for engaging presentations, lively discussions and craft beer! This group gives security researchers in the Greater Boston community the chance to interact with each other more frequently. Each event features three speakers to talk about something a good hacker finds interesting along with discussions about security processes, techniques and much more!

1. Transportation, Disease, & Consumer Products (6:45-7:10)

By Chris Wysopal | LinkedIn (https://www.linkedin.com/in/wysopal) | Wikipedia (https://en.wikipedia.org/wiki/Chris_Wysopal)

The main government approach to cybersecurity has been to think of it through the lens of the military and intelligence community. After all that is where the most expertise lies today. This lens is problematic going forward. We should instead be looking to the way the government thinks of safety: for transportation, disease, consumer products, and the workplace. These are better models for the information security challenge we face.

About Chris. Chris Wysopal (Weld Pond) is Cofounder and CTO of Veracode, the largest provider of application security as a service. Chris was one of the original security researchers (7th member) in the 90's as a member of the high profile hacker think tank, The L0pht. On May 19, 1998, all seven members of L0pht (Brian Oblivion, Kingpin, Mudge, Space Rogue, Stefan Von Neumann, John Tan, and Weld Pond aka Chris Wyospal) famously testified before the Congress of the United States that they could shut down the entire Internet in 30 minutes. He is a member of the Black Hat Review Board and wrote the book, "The Art of Application Security Testing".

2. Cloud Security & the Full Stack Hack (7:35-8)

By Erik Peterson | LinkedIn (https://www.linkedin.com/in/erikpeterson)

Amazon Web Services (AWS) and other cloud services are billed as an amazingly secure and resilient, but what is the reality? Once you look past that pristine environment and the manicured forests you’ll find a dark jungle. With concrete examples and new techniques this presentation will explore “full stack” vulnerabilities and their effect on security and how they create new pitfalls when migrating to and operating in a Cloud world.

About Erik. Erik Peterson is a member of Veracode’s CTO office where he is the Director of Technology Strategy. His professional experience includes 17 years of security industry experience; consisting of senior and executive leadership roles for Hewlett-Packard, S.P.I. Dynamics, GuardedNet and Sanctum, Inc where he was responsible for technology strategy, research and product management.

Peterson has also held information security positions for Moody’s Investors Service and SunTrust Bank and IT professional roles for the U.S. Embassy in Vienna, Austria and the United Nations International Atomic Energy Agency. He has spoken on the topic of application and cloud security at numerous industry events, including BlackHat EU, Security BSides, OWASP, ISSA, InfraGard and the Cloud Security Alliance.

Schedule

6:00 - 6:30: Craft Beer & Wine

6:30 - 6:35: Cybersecurity Opener by Akshat

6:40 - 6:45: Tool of the month by Will

6:45 - 7:45: Chris Wysopal & Erik Peterson

8:00 - 9:00: Network with other security enthusiasts!

Physical Security

We'd like to make things easy for Security. Everybody should update their meetup profile with their last name and a recent photograph. To do that, click My Profile > View Profile and you'll see the options.

Parking & Public Transportation

Parking is available on premises. Network Drive at Northwest Park offers direct MBTA Bus service (http://www.mbta.com/schedules_and_maps/bus/) to/from the Alewife Red Line T stop in Cambridge (http://www.mbta.com/schedules_and_maps/subway/lines/default.asp?route=RED) and LRTA bus service (http://www.lrta.com/index.html) from Lowell.

Not receiving emails?

Some members have said they're not receiving our emails. You might have unsubscribed to our special announcements. To fix it: Click Settings > Email Updates > Choose Boston Security Meetup under "Updates about your groups" and check off "Announcement about a specific Meetup" and "Announcement to members about the group".

Why are you charging $1?

The nominal $1 fee and checkout process serve to verify your attendance and provide a more accurate headcount — and ensure a much better networking experience! Your modest support does enable and encourage us to continue improving these events.

Looking for speakers!

We're always looking for good speakers and interesting topics for our presentation nights! If you're interested in giving a talk, or have a suggestion for a future event, please contact us.

Recruiters

If you would like to attend or mingle with our members in a professional capacity to recruit, please contact us directly about sponsorship opportunities through the Meetup site.