Security Analysis

Come learn how money really works. We’ll cover how to grow it, protect it, get out of debt, and use smart retirement and infinite banking strategies to build long-term security.

**REGISTER AT THE LUMA EVENT PAGE!!!** https://luma.com/2e6rhzjo **Agenda:** ​​6:00 - 6:30 PM - Welcome and mingle 6:30- 6:45 PM - Introductions 6:45 - 7:30 PM - Talk 7:30 - 8:00 PM - Wrap up ​​**Description:** ​IAI coding agents can now scaffold entire applications from a single prompt. But for mission-critical systems that require compliance, reliability, and auditability, "it works on my machine" isn't enough. When your agent makes fifty tool calls, rewrites three files, and confidently hallucinates a security vulnerability, how do you even begin to debug that? ​This talk introduces a practical, open-source toolkit for injecting observability, control, and systematic testing into agentic AI development. Using MLflow's tracing and evaluation framework, we'll follow a single throughline: building an AI agent with a coding assistant (Claude Code), tracing both the assistant's work **and** the agent it produces, then evaluating quality with LLM judges - closing the loop from development through production monitoring. ​You'll walk away with a concrete workflow for turning the black box of agentic coding into something you can inspect, measure, and trust. No vendor lock-in required. ​**Speaker Bio:** ​Tim Lortz is an AI Product Specialist at Databricks, where he has worked since 2019. He currently serves as the technical lead for Databricks' go-to-market efforts for AI in regulated industries, focusing particularly on enterprise-grade governance for AI platforms. ​ Prior to Databricks, Tim spent many years in various data science practitioner and leadership roles in the Federal contracting space. He holds a PhD in Industrial & Operations Engineering from the University of Michigan (Go Blue!!) and a BS in Industrial Engineering from the University of Pittsburgh.

Discover the power of your breath to manage your mind and experience instant peace & calm. Join a 60-minute free Workshop and get a glimpse of the Sudarshan KriyaTM- The breathing technique that is revolutionizing the lives of millions. What you’ll discover at ‘Beyond Breath’ ✔ A taste of the Sudarshan KriyaTM, a breathing technique taught in the Happiness Program ✔ An instant energy booster that awakens & relaxes your mind - Take it home and practice daily! ✔ The peace & calm of a unique guided meditation ✔ Secret keys to manage your mind ✔ The power of surrounding yourself with positive, like-minded people. You can use your breath to master your thoughts and emotions - the key to managing the quality of your day. The Happiness Program At the end of this workshop you may enroll into the Happiness Program (3 days, 3 hours each day) to learn the Sudarshan KriyaTM, a science-backed, rhythmic breathing technique through which you can: Tap into a reservoir of energy and use it as you please! Relieve deep-rooted stresses and anxieties Uplevel your productivity Overcome emotional blocks, move on from past events and shed limiting beliefs Heal your body & gain power over your mind Experience the true state of meditation Learn more about the Happiness Program & the Sudarshan KriyaTM in our introductory workshop 'Secrets to Meditation'. Instagram: artoflivingDMV aolf.live/secretstomeditation

Spec-driven development flips the traditional workflow on its head: instead of code being the source of truth, the specification becomes the backbone of design, collaboration, and delivery. In this session, we’ll explore how GitHub Spec-Kit enables teams to treat specifications as first-class artifacts—living documents that drive architecture, implementation, and verification. You’ll learn how Spec-Kit helps teams clearly express intent using structured, version-controlled specs that live alongside code. We’ll walk through a practical workflow that starts with defining system behavior and constraints, then progressively refines those specs into testable, automatable outcomes. Along the way, we’ll show how specs can reduce ambiguity, improve cross-functional collaboration, and make design decisions explicit before a single line of production code is written. This talk will cover: --What spec-driven development is (and what it isn’t) --How GitHub Spec-Kit fits into modern developer workflows --Using specs to align product, engineering, and AI-assisted development --Real-world examples of turning specs into implementations with confidence Whether you’re building greenfield systems, integrating AI into your stack, or trying to reduce costly rework, spec-driven development offers a scalable way to move faster without sacrificing clarity. Attendees will leave with concrete patterns and a clear mental model for adopting GitHub Spec-Kit in their own projects.

PLEASE CHECK THE ONLINE MEDITATION CALENDAR FOR DETAILS OF THESE MORE THAN 50 SERVICES A WEEK- https://onlinemeditation.yogananda.org/calendar/

[Profs and Pints DC](https://www.profsandpints.com/washingtondc) presents: **“Torture in the Middle Ages,”** with Larissa “Kat” Tracy, visiting assistant teaching professor of English at the University of Maryland Baltimore County and author or editor of ten books on medieval violence. [Advance tickets: $13.50 plus sales tax and processing fees. Available at [https://events.ticketleap.com/tickets/profsandpints/dc-torture-middle-ages](https://events.ticketleap.com/tickets/profsandpints/dc-torture-middle-ages) .] When *Pulp Fiction*’s Marsellus Wallace vows to “get medieval” on someone we assume that they’re in for some serious pain. Torture—that most notorious aspect of medieval culture and society—more recently has been portrayed in popular culture in series like G*ame of Thrones* and *Vikings*, through lurid scenes depicting torture and gruesome punishment as standard medieval practice. In many modern European cities one can find popular museums displaying such gruesome implements as the rack, the strappado, the gridiron, the wheel, and the iron maiden. The dominant mythology suggests that the Middle Ages was a period during which sadistic torment was inflicted on citizens with impunity and without provocation. The truth, however, is a lot more complicated. Join Professor Larissa “Kat” Tracy, who has extensively researched torture, punishment, and social justice in medieval society, for a talk challenging preconceived ideas that popular historians, films, and media have promoted about the prevalence of torture and judicial brutality in medieval society. She’ll discuss medieval Europe’s actual use of torture—the instruments, the laws, the cultural norms, and the victims—and make clear that the act of punishment was actually a very different legal event. She’ll argue that the portrayals of medieval torture in literature represent satire, critique and dissent; they have didactic and political functions in opposing the status quo. The books that Professor Tracy has written or edited include *Torture and Brutality in Medieval Literature*; *Castration and Culture in the Middle Ages*; *Medieval and Early Modern Murder*; *Flaying in the Premodern World*, and most recently *End Game: Exile and Execution in Medieval and Early Modern Society*. When she gets medieval on you it means you are going to learn. The experience, however, won’t be painful at all. (Doors: $17, or $15 with a student ID. Listed time is for doors. The talk starts 30 minutes later.) Image: Torture instruments on display at Prague Castle. Photo by Clayton Tang / Wikimedia Commons.

Weekly Bible study currently reading through the Gospel of Luke. We meet at Teaism in Penn Quarter. You can find us in the downstairs seating area!

Looking for a new skill? Want to seem mysterious when people ask about your hobbies? Enjoy puzzles? Lock picking might be right for you! Is this legal? Yes! Is it fun? Yes! The meeting is very casual, come and go as you please. We meet in the upstairs area of Board Room. No payment, skills, tools, or RSVP necessary. If you can make small precise movements with your hands, you can learn to pick locks. Introductory talk at 7pm. All are welcome. We meet in a bar but minors are allowed to attend. We are not in a private room; parental discretion advised. If you are a minor or are responsible for one who's attending, please email the organizer in advance at chapter-DC@toool.us Open invite; bring friends! We are the DC chapter of TOOOL. More information here: http://toool.us/

**[Bitcoin District](https://bitcoindistrict.org/)** is a community of Bitcoiners living & working in the greater DMV metro area. Join us for a "Coffee & Bitcoin" meetup where we'll talk about what's happening in the world of Bitcoin. We highly encourage anyone who is new to Bitcoin or just a little curious to come and ask questions... don't be shy! 🚗 Free parking behind the coffee shop. 🚆 METRO: Greensboro + 10 minute walk (Silver line) **Our events are Bitcoin focused and we generally avoid discussing other coins & tokens. Nothing discussed during this meetup is financial advice. Always do your own research.**

SUMMARY: The DEF CON Group 443, also known as DC443, is an interest group designed to discuss general hacking and its culture, information security (InfoSec), and related topics. Our group’s interests include InfoSec, SDR, Hackathons, Speaker Events (MiniCons), Capture The Flags (CTFs), Binary Reversing/Exploitation, Ham Radio, Lock Picking, Micro Electronics, Web Development, etc. We plan to meet every other week on Fridays at Unallocated space. Meetings can include Talks, projects, trivia nights, workshops, or contests and CTFs. Website: [https://dc443.org](https://dc443.org/) Twitter: [https://twitter.com/dc443_](https://twitter.com/dc443_) GOAL: Learn about new and existing interests and grow the Unallocated Space community. THINGS TO BRING: Yourself and friends SKILL LEVEL: Any PRESENTER: Adam (Digital Tinker)

This meetup is designed to be an open forum amongst our community. We intend for it to be an opportunity for members to showcase what projects we've been working on this year related to Linux and AWS. If you are a current (or aspiring) professional looking for a practical way to build your experience with Linux and cloud computing, this event is for you! About us: Respect The Tech is an organization focused on information technology education and innovation. Our mission is to innovate technology education through virtual labs and gamified training. All of our team members are experienced professionals in the cybersecurity and cloud computing field. We are based out of the DMV and aim to serve the DMV with the same tools that enabled us to be successful with technology. ______________________________ Requirements: A functional laptop AWS account created and ready to use (free tier recommended)

Please reserve your spot by registering on the below link : **Reserve** https://www.eventbrite.com/e/join-biggest-community-investors-founders-washington-online-tickets-1972272305558?aff=meetup **QUESTIONS ?** Pls Reach out to; Ridhi - [+971504724873](http://wa.me/971504724873) ( WhatsApp Only)

Monthly meeting: Second Saturday of the month International House of Pancakes (IHOP) 775 Rockville Pike, Rockville, MD 20852 7:00 PM – 10 PM. Late arrivals always welcome. Look for the table with someone wearing a red hat. Questions, please call 1-240-644-5230 Agenda: What are more things we can do to wake people up? What can we do to get more people involved? Other things people would like to talk about. This will be a joint meeting with: DC 9/11 Truth [https://dc911truth.org/](https://dc911truth.org/) dc911truth Facebook page [https://www.facebook.com/groups/dc911truth/](https://www.facebook.com/groups/dc911truth/) 911 Meetup Group [https://www.meetup.com/meetup-group-kyegaoqu/](https://www.meetup.com/meetup-group-kyegaoqu/) Central Bank Digital Currencies CBDC Meetup Group [https://www.meetup.com/central-bank-digital-currencies-cbdc/](https://www.meetup.com/central-bank-digital-currencies-cbdc/) Freedom of Speech Meetup Group [https://www.meetup.com/silver-spring-freedom-of-speech-meetup-group/](https://www.meetup.com/silver-spring-freedom-of-speech-meetup-group/) One way to make it more difficult for them them to impose a digital currency on us is to use cash. Central Bank Digital Currency (CBDC) With Digital Currency they can: Have a complete government dossier on every detail of your life. Use your purchase history to maintain a detailed social credit score for every person. Provide tax breaks to corporations who hire people with admirable social credit scores. Only grant government contracts to corporations with employees with admirable social credit scores. Adjust health insurance premiums to incentivize people to develop admirable social credit scores. Connect your social credit score with a digital ID to encourage you to look at only approved web sites when surfing the internet. Viewing conspiracy web sites could lower your Social Credit Score and make it difficult to get a job. With their electronic chain around your neck, they can control where, when, how you travel, what food you are allowed to buy etc. They will love the power to only allow you to use your digital money only where they want you to shop and allow you to buy only what they prefer you to buy. Require you to have to have a license to use your money. They will call it a Digital Currency License. Require you to take any vaccine they want you to take to maintain your digital currency license. Tax you in ways we have not even imagined. Adjust your income tax rate based on your social credit score. Use AI to increase your income tax rate if you eat too many hamburgers because they will tell you eating too many hamburgers will increase global warming. This is just one example of many behaviors they might not approve of. Adjust individual prices for different individuals. They will be able to make you pay more per pound for hamburger if you purchased too much red meat during the past 30 days. Require you to buy so many pounds of soy burger for every pound of hamburger to save the planet and increase the profits for the soy burger manufacturers. Turn off the digital money of people they consider to be spreading misinformation. Turn off the digital money of people they consider to be dangerous conspiracy theorists. Turn off your money at 8 PM if they want a curfew at 8 PM Turn off your money in another state if they do not want you to drive to another state without permission. Turn off your money when buying guns or ammo if they do not want you to buy guns or ammo. Turn off your digital money more than three miles away from your home if they want you to stay within three miles of your home during the next epidemic. Etc. etc. etc. From the standpoint of the government, one beauty of digital money is that your money is one “state emergency” away from being the government’s money. All they have to do is to take your digital money out of your Central Bank Digital Account for the “good of all”. It is not as easy for them to do this with physical cash, gold, stocks, or silver etc. Anything they **can** do, they will do. The essence of slavery is control. Digital Currency will enable them to make you, their slave. (in a global digital concentration camp). .

Central Ohio Radio Enthusiasts—CORE—is an informal community for anyone enthusiastic or curious about radio—whether you're new to radio and want to learn or you've been tinkering for years and want to share. Ham radio operators, GMRS users, Meshtastic fans, software-defined radio nerds, makers, and technical and non-technical folks are all welcome. No experience required or expected. This month we have **Radio Signal Analysis Using SDRs and OpenWebRX+** with **Scott McCrory**. Details are are [core.radio](https://core.radio/).

**Improving Office in Franklinton** Physical location: Improving Office 330 Rush Alley Suite #150 Columbus, OH 43215 Schedule: 6:00 p.m.: Socialize, eat, and drink. Improving will be providing pizza and beverages. 6:30 to 8:00 pm. Main meeting and presentation(s). Topic: This month John Lairson will share a notebook describing the Alpaca (Paper) Trading API and discuss different algorithms for evaluating stock trades. We meet on the last Monday of each Month. Presentations are given by members and friends of this group. If you would like to do a presentation (small or large) on a python topic, please contact Central OH Python at centralohpython@gmail.com

What does a trojan look like when it has over 900k+ combined installs and a Forbes write-up? Exactly like a legitimate Chrome extension. This session presents a technical dissection of two Chrome extensions, each with over one million active installations — that functioned as trojans in production environments, evading detection while operating through entirely legitimate browser APIs. These were not obscure tools. They were widely trusted, actively recommended, and covered by mainstream press before their malicious behavior was fully understood. We will walk through the actual source code of both extensions, showing precisely how the malicious functionality was constructed, concealed, and executed at scale. This analysis anchors a broader examination of how modern compromises actually succeed. Drawing on aggregated real-world incident data, we identify the technique categories currently delivering the highest adversary return, and why they keep working. Spoiler: it's rarely a zero-day. It's trust. The Chrome extension deep-dive will cover: * Line-by-line source analysis of how malicious functionality was embedded within working, useful software * Which browser permission scopes were abused, and why a million users — and their IT teams — didn't see it coming * The behavioral and structural indicators that distinguish a trojan extension from a legitimate one, and how to operationalize detection around them This session closes with a practical defensive prioritization framework built around observed attacker behavior: which mitigations are measurably reducing risk in production environments, which are consuming budget without impact, and a scoring methodology your team and leadership can apply immediately. **Source material:** Primary analysis of extension source code, corroborated by reporting from Forbes and other established outlets. **What this is not:** A vendor pitch, a speculative threat narrative, or a surface-level breach retrospective. **Who should attend:** Security architects, AppSec and cloud security practitioners, blue team leads, threat hunters, browser security practitioners, and security leaders responsible for prioritizing risk and investment decisions.

Customer identity resolution becomes increasingly complex as organizations scale across multiple systems, regions, and data formats. Traditional rule-based approaches often fail to keep up with data variability, require constant manual tuning, and struggle with real-time processing needs. This session presents a practical approach to building a scalable identity resolution pipeline using AWS services and modern AI techniques. The architecture combines data ingestion through Amazon S3 and AWS Glue, transformation pipelines using Spark on EMR, and machine learning models deployed via SageMaker for entity matching and standardization. Graph-based relationship modeling is implemented using Amazon Neptune to improve resolution accuracy by incorporating household and shared attribute context. We will walk through how machine learning models can be used for name and address normalization, how intelligent blocking strategies improve matching efficiency, and how feedback loops can be introduced to continuously improve accuracy. The session also highlights how serverless components such as AWS Lambda can be used for orchestration and real-time processing. **SPEAKER BIO** Mosaic Syed is a Senior Data Engineering and Cloud Solutions Architect with over 20 years of experience designing and delivering scalable, secure, and high-performance data solutions across global enterprise environments. https://www.linkedin.com/in/mosaic-basha-syed-92300856 **CALL FOR SPEAKERS** Learn more: [https://www.awscolumbus.com/get-involved/](https://www.awscolumbus.com/get-involved/) **THANK YOU** *VEEAM* for hosting our meetup! To learn more about *Veeam*, please visit their website: [https://www.veeam.com/](https://www.veeam.com/) **DIRECTIONS** 8800 Lyra Dr #450 · Columbus, OH go to 4th floor. **Want to sponsor the pizza and/or bar tab?** Please contact me if you would like to sponsor this meetup's pizza and/or bar tab: angelo@mandato.com

Join us on Wednesday, May 13, 2026, from 6-8 PM EDT, for a unique and challenging event featuring the CMD+CTRL Cyber Range. OWASP Toronto is happy to host a Cyber Range event with CMD+CTRL! CMD+CTRL Cyber Ranges are intentionally vulnerable applications and websites that tempt players to steal money, view their boss’s salary, acquire expensive items for free, and conduct other nefarious acts. **Bring your laptop to participate in-person, or join virtually!** * In-person: In person: Security Compass, 325 Front Street West, Unit 103, Toronto, ON * Online: See registration below **You MUST register on the following site to participate:** https://web.cmdnctrlsecurity.com/owasp-toronto-register

Practical AI for Power BI Developers A year ago, “agentic AI” was mostly hype for Power BI teams. Today, it deserves your undivided attention. For Power BI pros, there is now a real opportunity to reduce repetitive development work, accelerate delivery, and help developers do more, but only when strong DataOps practices are in place to make AI workflows effective. This session is a no-nonsense introduction to effective AI patterns for Power BI and Fabric development. Along the way, we will make sense of the growing pile of terminology, including skills, plugins, hooks, and MCP. You will see examples of how modern AI tooling can help with development tasks across Power BI and Fabric, along with the prerequisites, guardrails, and DataOps principles needed to use it responsibly. Whether you're burned out on AI hype or already using Copilot CLI daily, this session will show you the foundations that are finally making AI-assisted development genuinely useful.

When judging morality, should we prioritize **intentions/duty** or **outcomes/results**? It introduces two influential philosophers as representatives of these approaches. * **Immanuel Kant (deontology):** An action is moral when it is done from **duty** and follows rational, universal principles (the **categorical imperative**). Certain acts—like lying—are wrong regardless of the consequences; you can’t do a wrong thing for a right reason. * **John Stuart Mill (utilitarian consequentialism):** The morality of an action is determined by its **effects**, specifically how much **happiness/well-being** it produces. Mill argues that some pleasures are “higher” than others, and that good intentions don’t redeem harmful outcomes. ## Discussion Questions 1. **The lying dilemma:** A murderer comes to your door and asks if your friend is hiding inside. Kant would say you must not lie. 2. **Can good intentions rescue a bad outcome?** 3. **The organ harvest problem:** A surgeon has five patients dying of organ failure and one healthy patient in for a checkup. Killing the one to harvest organs would save five lives, and the math works out for the utilitarian. Why does this feel so deeply wrong? Is that feeling a point in Kant's favor, or just a bias we should overcome? 4. **Do rules need exceptions?** Kant insists moral rules must be universal, with no exceptions. But most of us can imagine extreme scenarios where any rule seems like it should bend. Does the need for exceptions fatally undermine deontology, or is the strength of the system precisely that it refuses to bend? 5. **Who gets to calculate the consequences?** Utilitarianism asks us to maximize good outcomes, but we're notoriously bad at predicting consequences. If we can't reliably know the results of our actions, is it practical to base our entire moral system on outcomes? Does this uncertainty push us back toward rules and principles? 6. **Everyday morality:** Think about a real moral decision you've made recently, even a small one. Did you reason more like a Kantian (what's the right thing to do in principle?) or more like a utilitarian (what will produce the best result?)? Do most people naturally lean one way? 7. **Justice vs. the greater good:** A town can prevent a deadly plague by sacrificing one innocent person. The greater good is clearly served. But is it just? Can an action be morally right and deeply unjust at the same time? 8. **The big synthesis question:** Are these two systems actually opposed, or do they often arrive at the same answers by different paths? Is it possible that we need both: rules to guide us in the moment and consequences to evaluate systems and policies over time?