CiNPA - Security SIG

Topic 1: William Ong: Captcha Me If You Can!
Topic 2: Matt Scheurer: Stage Crash Course in KQL

Captcha Me If You Can!
Modern AI has advanced rapidly in the past few years. As a result, many businesses have now flooded the AI market and data is now truly the new gold. Fast, agile startups have begun to resort to increasingly aggressive data aggregation and collecting techniques, prompting large data owners and corporations to either defend their data from collection or monetize their data with a paywall. The main defense system has been and continues to be Captchas. This has resulted in an accelerating arms race of captcha and AI-based captcha-beating technologies. In this talk, we map the evolution and provide a few predictions on the future of the AI-Captcha Arms Race.

Stage Crash Course in KQL
Does a certain sponge really live in a pineapple under the sea? Jacques Cousteau would know! With that in mind, join us for a free hands-on training workshop by getting in the (sea)weeds with the Kusto Query Language (KQL) as we deep-dive into analyzing security log data. Bring a laptop to follow along through the workshop exercises for some free hands-on experience. Or watch and learn as the trainer works through the exercises on-screen. Either way, you'll glean valuable insights into the stories that security logs tell from a Rock Star Incident Responder's perspective!

William Ong is a Senior Enterprise AI and DevOps Cloud Architect, currently contracting with various government agencies and Fortune 500. He is responsible for setting and leading AI strategy in addition to automated lifecycle management for Machine Learning and AI cloud deployments at scale. His experience focuses on practical AI development, with real-world AI implementations in manufacturing, CPG, social media, finance, and government projects.

Matt Scheurer is a show host for the ThreatReel Podcast, and Vice President of Computer Security and Incident Response in a large enterprise environment. He has many years of hands-on technical experience. Matt is an official "Hacking is NOT a Crime" Advocate, serves on the Advisory Board for the Warren County Career Center "Information Technology and Cybersecurity" program, and also volunteers as a technical mentor for the Women's Security Alliance (WomSA). He has presented numerous Information Security topics at countless technology meetup groups, and prominent Information Security conferences, including keynotes at the Cybersecurity Collaboration Forum Cincinnati Leadership Exchange, the Information Security Summit in Cleveland, Queen City Con 0x1 & 0x2 in Cincinnati, and SecureWV in Charleston. He is awarded with delivering lifetime conference Keynote Addresses at Queen City Con. Matt is also a 2019 comSpark "Rising Tech Stars Award" winner, named a "Top 12 Hacking Influencer" by Bishop Fox in 2023, and awarded a "Black Badge" for continuous community engagement at Queen City Con in 2024.

About Us:

The CiNPA Security SIG is the Cincinnati Networking Professionals Association Security Special Interest Group. We meet monthly on the third Thursday of each month, starting at 6:30 p.m.

Please connect with us on Google Groups at https://groups.google.com/g/cinpa-security-sig to stay updated on notices. (This link will explain how to join the group.)

The CiNPA Security SIG's monthly meeting format typically consists of one or two main monthly meeting topics featuring live presentations or demonstrations promoting open and interactive group discussions. Our focus is primarily on the technical aspects of InfoSec, but we occasionally touch on other areas of cybersecurity as well. Information security news, announcements, and round-table discussions follow our main meeting topics.

Attendee Benefits:

• Attendance qualifies for 2 hours of CPE or CEU credit towards certification renewals

• Maintaining awareness of new vulnerabilities and exploits

• Learning about the latest security tools, utilities, products, services, solutions, strategies, techniques, frameworks, and best practices

• Sharing of information regarding trends concerning enterprise systems and technology

• Hearing announcements of upcoming area security conferences and events

• Networking with peers in the local Information Security (InfoSec) community