Software Development

**Meetup No. 68 - RedTeamRD** La comunidad RedTeamRD regresa con un meetup donde exploraremos dos superficies de ataque que muchas veces pasan desapercibidas: la infraestructura física que mantiene vivos los datacenters y la lógica detrás del control de acceso en aplicaciones web. Este encuentro nos llevará desde los sistemas HVAC controlados por PLCs hasta la manipulación lógica de endpoints vulnerables. Dos charlas. Dos mundos. Un mismo problema: lo que asumimos seguro, rara vez lo es. **Capa 0: Cuando el Ataque No Busca Datos, Busca Derretir el Hardware** 🎙️ **Fidel Jeldes** La mayoría de las estrategias de ciberseguridad están diseñadas para proteger información: bases de datos, credenciales, propiedad intelectual. Pero ¿qué ocurre cuando el atacante no quiere robar datos, sino interrumpir físicamente la operación? En esta charla exploraremos la “Capa 0”, la infraestructura crítica que mantiene vivos a los datacenters: sistemas HVAC, chillers, distribución eléctrica y sensores ambientales gestionados por PLCs que utilizan protocolos industriales heredados, sin cifrado ni autenticación robusta. Analizaremos cómo la convergencia entre IT y OT ha abierto una superficie de ataque poco visible pero altamente crítica. Veremos cómo un actor malicioso puede pivotar desde la red corporativa hacia la red de gestión ambiental y manipular protocolos como Modbus/TCP o BACnet para alterar lecturas de sensores, provocar sobrecalentamientos o forzar paradas de emergencia. Una sesión que cambia la perspectiva tradicional de la seguridad y nos obliga a pensar más allá de los datos. **Access Control: Cuando la Lógica es Vulnerable** 🎙️ **Bryan Céspedes** Un recorrido práctico por laboratorios de PortSwigger enfocados en vulnerabilidades de control de acceso roto, mostrando cómo la simple observación y el pensamiento lógico son suficientes para acceder a lo que no deberías. Se abordará la manipulación de parámetros de solicitud, el descubrimiento de identificadores expuestos en funciones públicas y la explotación de endpoints predecibles. Una charla accesible para entender cómo fallas de diseño en el control de acceso le abren la puerta a un atacante sin necesidad de exploits complejos. 📅 **Fecha y hora** **Jueves 26 de febrero de 2026** **7:00 PM – 9:00 PM (AST)** 📍 **Lugar** Auditorio INDOTEL, Zona Colonial, Santo Domingo 🎥 **Transmisión en vivo (gratuita)** https://youtube.com/live/IJ7vCKv7ikg?feature=share *(No es necesario registrarse para verlo en línea.)* 💬 **Contribuciones** Si deseas apoyar nuestros eventos y el desarrollo de talento local en ciberseguridad: * [https://www.patreon.com/RedTeamRD](https://www.patreon.com/RedTeamRD) * [https://paypal.me/redteamrd](https://paypal.me/redteamrd)

**Meetup No. 68 - RedTeamRD** La comunidad RedTeamRD regresa con un meetup donde exploraremos dos superficies de ataque que muchas veces pasan desapercibidas: la infraestructura física que mantiene vivos los datacenters y la lógica detrás del control de acceso en aplicaciones web. Este encuentro nos llevará desde los sistemas HVAC controlados por PLCs hasta la manipulación lógica de endpoints vulnerables. Dos charlas. Dos mundos. Un mismo problema: lo que asumimos seguro, rara vez lo es. **Capa 0: Cuando el Ataque No Busca Datos, Busca Derretir el Hardware** 🎙️ **Fidel Jeldes** La mayoría de las estrategias de ciberseguridad están diseñadas para proteger información: bases de datos, credenciales, propiedad intelectual. Pero ¿qué ocurre cuando el atacante no quiere robar datos, sino interrumpir físicamente la operación? En esta charla exploraremos la “Capa 0”, la infraestructura crítica que mantiene vivos a los datacenters: sistemas HVAC, chillers, distribución eléctrica y sensores ambientales gestionados por PLCs que utilizan protocolos industriales heredados, sin cifrado ni autenticación robusta. Analizaremos cómo la convergencia entre IT y OT ha abierto una superficie de ataque poco visible pero altamente crítica. Veremos cómo un actor malicioso puede pivotar desde la red corporativa hacia la red de gestión ambiental y manipular protocolos como Modbus/TCP o BACnet para alterar lecturas de sensores, provocar sobrecalentamientos o forzar paradas de emergencia. Una sesión que cambia la perspectiva tradicional de la seguridad y nos obliga a pensar más allá de los datos. **Access Control: Cuando la Lógica es Vulnerable** 🎙️ **Bryan Céspedes** Un recorrido práctico por laboratorios de PortSwigger enfocados en vulnerabilidades de control de acceso roto, mostrando cómo la simple observación y el pensamiento lógico son suficientes para acceder a lo que no deberías. Se abordará la manipulación de parámetros de solicitud, el descubrimiento de identificadores expuestos en funciones públicas y la explotación de endpoints predecibles. Una charla accesible para entender cómo fallas de diseño en el control de acceso le abren la puerta a un atacante sin necesidad de exploits complejos. 📅 **Fecha y hora** **Jueves 26 de febrero de 2026** **7:00 PM – 9:00 PM (AST)** 📍 **Lugar** Auditorio INDOTEL, Zona Colonial, Santo Domingo 🎥 **Transmisión en vivo (gratuita)** https://youtube.com/live/IJ7vCKv7ikg?feature=share *(No es necesario registrarse para verlo en línea.)* 💬 **Contribuciones** Si deseas apoyar nuestros eventos y el desarrollo de talento local en ciberseguridad: * [https://www.patreon.com/RedTeamRD](https://www.patreon.com/RedTeamRD) * [https://paypal.me/redteamrd](https://paypal.me/redteamrd)

**Important time note:** Please plan on arriving between 5:30 and 6:00 as the elevators lock after 6 and you'll need to message us and we'll need to come get you. The building address is 4450 Bridge Park The entrance is 6620 Mooney St, Suite 400 You will need to scan your ID at the door to get a visitor badge. **Abstract** *Spec-Driven Development with GitHub Spec-Kit: From Intent to Implementation* Spec-driven development flips the traditional workflow on its head: instead of code being the source of truth, the specification becomes the backbone of design, collaboration, and delivery. In this session, we’ll explore how GitHub Spec-Kit enables teams to treat specifications as first-class artifacts—living documents that drive architecture, implementation, and verification. You’ll learn how Spec-Kit helps teams clearly express intent using structured, version-controlled specs that live alongside code. We’ll walk through a practical workflow that starts with defining system behavior and constraints, then progressively refines those specs into testable, automatable outcomes. Along the way, we’ll show how specs can reduce ambiguity, improve cross-functional collaboration, and make design decisions explicit before a single line of production code is written. This talk will cover: --What spec-driven development is (and what it isn’t) --How GitHub Spec-Kit fits into modern developer workflows --Using specs to align product, engineering, and AI-assisted development --Real-world examples of turning specs into implementations with confidence Whether you’re building greenfield systems, integrating AI into your stack, or trying to reduce costly rework, spec-driven development offers a scalable way to move faster without sacrificing clarity. Attendees will leave with concrete patterns and a clear mental model for adopting GitHub Spec-Kit in their own projects. **YouTube Link** TBA

Columbus Code & Coffee is an inclusive, informal co-working session. People of all skill levels attend, and we love it that way. Many people (optionally) bring projects to work on, and many other people (optionally) socialize the entire time. It's entirely up to you! **What to Expect at the Intro Circle** \~\~\~\~\~\~\~\~\~\~\~\~\~ Near the beginning of the event (1:30 pm), we do a standup: * Organizer announcements, updates, and logistics Round 1 - (7 secs max): * Your name * What you're working on * What you can help others with Round 2: * Community events you wanna plug. If none, that's cool too. Round 3: * Job opportunities you're hiring for OR announce that you are looking for one. If none, that's cool. After the introduction circle, everything is self-organized! Feel free to work alone, pair up, attend one of our workshops/presentations, or mingle!

Discover Kiro, AWS’s innovative development environment that adapts to your workflow. Whether you prefer specification-driven development or a more intuitive, vibe-based approach, Kiro empowers you to build applications your way. In this session, speakers will explore Kiro’s core functionality and its evolution through re:Invent 2025, along with demonstrations of prompts used to create APIs, hooks, and steering documents. In the latter part of the session, watch as we build a complete example from scratch, showcasing Kiro’s agentic AI workflow in action for spec-driven development and vibe coding. What You'll Learn - Core Kiro concepts and development philosophy Feature evolution: pre and post re:Invent 2025 Practical examples: API creation, hooks, and steering docs Live coding demonstration with real-time problem solving Who Should Attend - Developers, solutions architects, and technical leaders interested in modern AWS development tools and AI-assisted coding workflows. **Speakers Bio:** Matthew Jorat: Matthew Jorat is a Customer Solutions Manager at AWS with nearly three decades of expertise in AI, cloud transformation, migration, modernization, IT, technology, and business. His career spans infrastructure engineer, solutions architect, security auditor, customer success director, support and services director, and operations officer. He was an early adopter of AWS services as a customer, and his current role at AWS uniquely blends his technical and business skills as he partners with executive teams to translate strategic priorities into measurable business outcomes through cloud adoption, AI implementation, and operational excellence. Matt leads end-to-end AI initiatives for enterprise customers, identifying high-impact use cases and maintaining relentless focus on measurable ROI. He holds eight AWS certifications and serves as Adjunct Professor at Franklin University teaching cloud computing and AWS architecture. His expertise encompasses GenAI, agentic AI systems, migration, modernization, and optimization strategies that drive transformation at scale. [https://www.linkedin.com/in/mattjorat/](https://www.linkedin.com/in/mattjorat/) Girish Bhatia: Girish Bhatia is a seasoned technology delivery leader with deep expertise in cross-domain program management. He holds multiple AWS certifications, including AWS Certified Solutions Architect – Associate, AWS Certified Developer – Associate, and AWS Generative AI Practitioner, and is also an AWS Community Builder. Girish brings over two decades of experience in the information technology industry. Throughout his career, Girish has led major technology-driven business transformation from modernizing on-premises applications to driving large-scale cloud migrations. His work includes API-based integration platforms, data-center and mainframe modernization, and enterprise cloud adoption initiatives. Based in Columbus, Ohio, Girish works at a tech-forward fintech company. He is passionate about AWS serverless architectures, Generative AI and emerging cloud technologies. An avid learner and builder, he continues to explore and apply the latest innovations in AWS to help organizations accelerate their digital transformation. https://www.linkedin.com/in/girishbhatia/[https://www.linkedin.com/in/girishbhatia/](https://www.linkedin.com/in/girishbhatia/) **THANK YOU** *Franklin University* for hosting our meetup! To learn more about *Franklin University*, please visit their website: https://www.franklin.edu/ **DIRECTIONS** Franklin University Fisher Hall 300 E. Main St, Columbus, OH 43215 Map: https://maps.app.goo.gl/jxjBA2hUmS5qrvhq8 Parking is FREE! Please park in Lot C in front of Fisher Hall. See attached map. NOTE: Map the address only. When mapping with Google Maps it may use the Fisher Hall at OSU, which is NOT correct. **Want to sponsor the pizza and/or bar tab?** Please contact me if you would like to sponsor this meetup's pizza and/or bar tab: angelo@mandato.com

Christians in Tech is a community at the intersection of faith and technology. Our meetups are designed to spark meaningful conversations, promote knowledge sharing, and encourage growth—both in your career and your spiritual walk with God. Whether you're an experienced professional or just starting your tech journey, CIT welcomes you. Our Website [https://linktr.ee/citcbus](https://linktr.ee/citcbus) Sponsors and Partners * Improving (Venue Sponsor) * Bethel World Prayer Center (Fiscal Sponsor) * Fruits & Roots (Coffee Partner)

**Web Design Decoded: Tools, Practices, and Proven Processes:** **Semantic HTML** At WebDev Columbus, we are exploring some of the most important topics of professional high-end web design and page building. Primarily focused on site building in the WordPress environment, our group explores tools, tips, and techniques for building the best WordPress sites possible. Additionally, we focus on disciplines and technologies that take website design from visually appealing to optimized spaces for delivering you and/or your client's message effectively and with a nod towards extended reach. Each session combines practical demonstrations with real-world insights, giving you actionable knowledge you can apply immediately. Whether you're a seasoned developer looking to enhance your design skills or a newcomer wanting to understand design best practices, this series offers valuable insights for every skill level. **What to expect:** * Hands-on demonstrations of popular design tools * Best practices for design-to-development workflows * Tips for creating responsive, accessible designs * Real-world problem-solving scenarios * Interactive Q&A sessions * Networking opportunities with fellow developers **Each meetup features:** 60 minutes of focused presentation 30 minutes of live demonstrations 30 minutes for questions and discussion **See you there!** Our casual, collaborative environment encourages learning from both presenters and fellow attendees. Bring your questions, share your experiences, and connect with Central Ohio's web development community! **Stay tuned for specific session topics and dates.**

We're excited to launch **GitHub Copilot Dev Days**, a global in‑person community event series running **March 15 – April 30**! Let's come together as developers, grow our local community, and showcase the power of GitHub Copilot with **free, high‑quality training materials** from Microsoft + GitHub. * GitHub Copilot in VS Code * GitHub Copilot CLI … and more! * **Intro Talk (30–45 min):** GitHub Copilot + AI development * **Local Community Talk (30–45 min):** NOT ME, **[Matt Eland](https://www.linkedin.com/in/matteland/)** * **Hands‑on Workshop (1 hour):** Practical exercises using GitHub Copilot * **SPECIAL GUEST** **(virtual)**: **[Andrea Griffiths](https://www.linkedin.com/in/acolombiadev/)** (Senior Developer Advocate at GitHub) ***Bring your laptop and expect to write some (non-AI-generated) code!*** Food and drinks will be available. **LOCATION:** 6515 Longshore Loop, Suite 300, Dublin, OH 43017 **FREE PARKING:** 6725 Longshore Street, Dublin, OH 43017

Columbus Code & Coffee is an inclusive, informal co-working session. People of all skill levels attend, and we love it that way. Many people (optionally) bring projects to work on, and many other people (optionally) socialize the entire time. It's entirely up to you! **What to Expect at the Intro Circle** \~\~\~\~\~\~\~\~\~\~\~\~\~ Near the beginning of the event (1:30 pm), we do a standup: * Organizer announcements, updates, and logistics Round 1 - (7 secs max): * Your name * What you're working on * What you can help others with Round 2: * Community events you wanna plug. If none, that's cool too. Round 3: * Job opportunities you're hiring for OR announce that you are looking for one. If none, that's cool. After the introduction circle, everything is self-organized! Feel free to work alone, pair up, attend one of our workshops/presentations, or mingle!