CiNPA - Security SIG

Topic 1: William Ong: Captcha Me If You Can!
Topic 2: Matthew Snoddy: The DF in “DFIR”

Captcha Me If You Can!
Modern AI has advanced rapidly in the past few years. As a result, many businesses have now flooded the AI market and data is now truly the new gold. Fast, agile startups have begun to resort to increasingly aggressive data aggregation and collecting techniques, prompting large data owners and corporations to either defend their data from collection or monetize their data with a paywall. The main defense system has been and continues to be Captchas. This has resulted in an accelerating arms race of captcha and AI-based captcha-beating technologies. In this talk, we map the evolution and provide a few predictions on the future of the AI-Captcha Arms Race.

The DF in “DFIR”
As information security professionals are aware, massive efforts are often put into the proactive side of security with policies and procedures, hardware and software, and regular training. However, there is also the reactive side, when an incident occurs and the response afterwards. With incidents making headlines daily in the world of information security, an often-overlooked aspect of incident response is the DF in “DFIR”: digital forensics and the results of examinations and investigations. This presentation will discuss some of the background of forensics, from traditional desktop computers and hard drives, to modern forensics on phones and in the cloud, as well as the impact digital forensics has on organizations and individuals when an incident occurs. Tools, techniques, policies, procedures, and best practices with regard to forensics will be discussed. High-profile newsworthy litigation and trials highlight some of the capabilities of modern forensics, but for every major news event, there are thousands of other forensic examinations that represent the more common ways that forensics helps improve the security posture of the digital world we all live and interact with.

William Ong is a Senior Enterprise AI and DevOps Cloud Architect, currently contracting with various government agencies and Fortune 500. He is responsible for setting and leading AI strategy in addition to automated lifecycle management for Machine Learning and AI cloud deployments at scale. His experience focuses on practical AI development, with real-world AI implementations in manufacturing, CPG, social media, finance, and government projects.

Matthew Snoddy is a digital forensic examiner and security consultant in Lexington, Kentucky. Matthew attended the US Air Force Academy before transferring to the University of Kentucky, studying computer science. His 31-year career has included almost all aspects of modern computing, and ultimately founded Network Therapists, Inc in 2001 and since has been a network and security consultant. Additionally, he serves as a digital forensic examiner, supporting litigation over the years for hundreds of cases as a consulting and expert witness. Matthew holds multiple security and technology certifications, including CISSP. He has been credited as editor and contributor for various ISC2 certification training projects authored by Ben Malisow for CISSP, CCSP, and SSCP, and was a co-host for over 100 episodes of the podcast “The Sensuous Sounds of Infosec”. Matthew is married with four children, and neither his wife nor his kids actually have any idea what he does for a living aside from “computers”.

About Us:

The CiNPA Security SIG is the Cincinnati Networking Professionals Association Security Special Interest Group. We meet monthly on the third Thursday of each month, starting at 6:30 p.m.

Please connect with us on Google Groups at https://groups.google.com/g/cinpa-security-sig to stay updated on notices. (This link will explain how to join the group.)

The CiNPA Security SIG's monthly meeting format typically consists of one or two main monthly meeting topics featuring live presentations or demonstrations promoting open and interactive group discussions. Our focus is primarily on the technical aspects of InfoSec, but we occasionally touch on other areas of cybersecurity as well. Information security news, announcements, and round-table discussions follow our main meeting topics.

Attendee Benefits:

• Attendance qualifies for 2 hours of CPE or CEU credit towards certification renewals

• Maintaining awareness of new vulnerabilities and exploits

• Learning about the latest security tools, utilities, products, services, solutions, strategies, techniques, frameworks, and best practices

• Sharing of information regarding trends concerning enterprise systems and technology

• Hearing announcements of upcoming area security conferences and events

• Networking with peers in the local Information Security (InfoSec) community