TechLife Cincinnati

Speaker: Matt Scheurer

Topic 1: Cybersecurity Models that Mostly Matter

Oftentimes the terms "Controls" or "Frameworks" or "Models" are used interchangeably, but this talk focuses specifically on the Cybersecurity Models usable by Practitioners. This talk starts with a quick overview of the essential "CIA Triad" and the "Cyber Kill Chain", but then transitions into a deeper dive into the "Pyramid of Pain", "STRIDE", and the "Diamond Model". Each of these models are easily leveraged in conjunction with other Controls and Frameworks, but each serve a specific purpose. The "Pyramid of Pain" provides a foundation of Detection Engineering absorbed by Incident Response and Threat Hunting teams. Of the various Threat Model methodologies, STRIDE (or often STRIDE+) remains a popular choice. The "Diamond Model of Intrusion Analysis" is a solid and underutilized methodology of diagramming and understanding actual cyber attacks.

Topic 2: Definitely Not Secure (DNS)

Why is that vanity protocol making internet addressing human-friendly so often overlooked? Everybody attending this event uses the Domain Name System (DNS), and daily, but relatively few understand how it all works. Yet the security ramifications are huge! After physical access, those who control the flow of network packets win. This holds true for offensive security practitioners, tech defenders, and threat actors alike.

This talk starts with DNS basics and then ventures into DNS vulnerabilities, attacks, and defensive security strategies. In addition to an overview of DNS basics, the presenter covers DNS security including live demos on a variety of DNS attacks. DNS security topics covered include abuse, command & control (C2), data exfiltration, hijacking, information leakage, spoofing, takeover, tunneling, and more. Attendee takeaways include methods for tightening DNS security, detecting attack traffic patterns, and overall awareness of DNS related cyber-attacks happening today.

About Us:

The CiNPA Security SIG is the Cincinnati Networking Professionals Association Security Special Interest Group. We meet monthly on the third Thursday of each month, starting at 6:30 p.m.

Please connect with us on Google Groups at https://groups.google.com/g/cinpa-security-sig to stay updated on notices. (This link will explain how to join the group.)

You can also follow us on Linkedin.

The CiNPA Security SIG's monthly meeting format typically consists of one or two main monthly meeting topics featuring live presentations or demonstrations promoting open and interactive group discussions. Our focus is primarily on the technical aspects of InfoSec, but we occasionally touch on other areas of cybersecurity as well. Information security news, announcements, and round-table discussions follow our main meeting topics.

Attendee Benefits:

• Attendance qualifies for 2 hours of CPE or CEU credit towards certification renewals

• Maintaining awareness of new vulnerabilities and exploits

• Learning about the latest security tools, utilities, products, services, solutions, strategies, techniques, frameworks, and best practices

• Sharing of information regarding trends concerning enterprise systems and technology

• Hearing announcements of upcoming area security conferences and events

• Networking with peers in the local Information Security (InfoSec) community

DO NOT USE MEETUP RSVP - USE THE LINK in the text in the Comments

N.B.: Check comments here (below) or http://www.cinpa.org/meeting-topic each month for new meeting LINK.

Cincinnati Networking Professionals Association - CINPA

Monthly Meeting - FIRST WEDNESDAY - Typically we have an IT Industry professional present on a subject of interest. Oftentimes these are hardware, software or services vendors.

Specific meeting information can be found at CINPA website (http://www.cinpa.org/meeting-topic)