Come join us at our next installment of NCC Group Open Forum (Chicago)

Hello, it’s time for another NCC Group open forum! This edition we have two talks and some space in the middle to network and ask questions about the topics presented or security in general.
First, we will have @lvh talking to us about configuration-drive auditing. Traditional server environments rely on some combination of inventories, network penetration testing and configuration management in order to allow audits. These are often stale, incomplete, and not easily accessible by API. They’re almost always inconsistent between environments (e.g. different tools) and often inconsistent internally. Modern cloud environments provide a very comprehensive set of services which are all accessible via relatively consistent APIs. Since then, we’ve developed configuration-driven auditing tools to take advantage of those new properties to make auditing more powerful and less painful.

This talk gives a brief overview of the current state of the art in configuration-driven auditing tools, provides some hypotheses for how we could improve on these tools, and reports on the results of the experimental tools Latacora has built internally to test those hypotheses, difficulties and successes developing these tools, and future work.

The second talk will be by Terence Tarvis, talking to us about reversing Go binaries. His talk will be about basics of reversing a binary that was compiled from Go. It will discuss some features of Go, reversing, binary formats, and discuss some research around the topic of reversing. The goal will be to share some experiences on the subject and introduce research in the reverse engineering of binaries compiled from Go.

The event will be from 6pm to 9pm at the Braintree offices in the Merchandise Mart. Please RSVP as the venue has a strict policy on attendance. You will not be admitted to the event if you have not registered for it! Thanks for your understanding.

NCC Group hosts quarterly meet ups to talk about security and other interesting security related issues in the SF/South Bay region, Seattle, Austin and New York.