Technical Level: Highly Technical. Speakers: Jeremy Richards, Robert Beggs, Sue McGlashan, Jay Graver, Marcelo Tamaki, Brian Bourne, Gord Taylor, Jason Lam In this presentation, we'll cover the highlights of each conference. The new exploits and tool releases, new research and make sure you know what you missed out on! This is the MUST ATTEND TASK event of the year. If there is any specific topic you'd like covered, be sure to contact us and let us know. Reference: Defcon Official Website...

Read More »

Technical Level: Intermediate Technical. Speaker: Dave Millier, SentryMetrics Leveraging both open source and commercial tools, discover how to transform raw logs from security and non-security devices into meaningful information. Get the information that both IT and senior management need for both day-to-day and long-term planning. Turn millions of daily events into meaningful reports, alerts, or action items. Turn down the "noise" and turn up the value from systems you've already...

Read More »

Technical Level: Highly Technical. Speaker: Glen Lewis, Workbrain.com Glen will talk about loopholes in web-based enterprise applications, starting with simple problems like cross-site scripting and SQL injection, all the way up to impersonation and unauthorized access. Topic: Security Risks beyond the Network: Developing Secure Solutions Technical Level: Highly Technical. Speaker: Jeff Zado, Senior Product Manager, Microsoft Canada Ensuring that your organization’s applications are secure is no longer just about firewalls, networks and simple authentication. Security is a big challenge for organizations and the price of failure could mean disastrous results for companies and shareholders. But I am sure that you all know this, as you are security experts. However, developing secure software is a relatively new discipline that organizations are adopting and integrating throughout the software development lifecycle. In this talk we will look at common application security issues, how companies can identify them earlier in the development lifecycle and how Microsoft solutions can be leveraged to assist you and our organizations. ...

Read More »

Technical Level: Non-Technical. Speaker: Robert Beggs, Digital Defence This presentation presents a "rogue's gallery" of Canadian hackers - at least, the ones who've been caught! We will look at who they are and the techniques they used to compromise the privacy and security of the networks they attacked. This will allow us to understand the Canadian laws that govern computer misuse and -most importantly- the means we can use to defend our networks against the attackers. Presentation: PDF Here

Read More »

Technical Level: Highly Technical. Speaker: Various Attendees In this presentation, we'll cover the highlights of the conference. The new exploits and tool releases, any new research and make sure you know what you missed out on! Presentation on Metasploitation: Presenter's Website Presentation on Pentium Exploit: PPT Here Reference: CanSecWest/Core Website...

Read More »

Technical Level: Intermediate Technical. Topic: The Changing Threat Environment Speaker: Mike Murray With the newfound commitment to security by vendors, and the publicity that vulnerability research has garnered, the threat landscape has changed significantly since the turn of the century. Mike Murray, nCircle's Director of Vulnerability and Exposure Research will discuss the reasons behind and the consequences of these changes. Presentation: PPT Here...

Read More »

Technical Level: Intermediate. Topic: Risk and Perils of Ignoring the Insider Security Threat Speaker: Carl Bonds, CEO, CSO for Elytra Enterprises There is a tremendous body of evidence that now shows how important it is to protect the organization and its data against malicious and/or inadvertent insider threats. Whether you are operating a call center with casual or semi-casual computer savvy employees plugging in their 60 GB IPODS daily, or allowing executives to carry corporate...

Read More »

Technical Level: Intermediate. Speaker: Bruce Cowper, Microsoft Canada Many organizations have both heterogeneous and geographically distributed systems. Branch offices, Identity Management, collaboration and interoperability present their own challenges. With the release of Windows Server 2003 R2, there are many new and improved features that help you with these scenarios. In this session we will be taking a Security focus on real world scenarios based around Windows Server 2003...

Read More »

Technical Level: Highly Technical. Speaker: Jeremy Richards Linux Live CDs - A penetration testers dream come true -- It's a fully operational linux distribution running in RAM. Hundreds of auditing tools, exploits, scanners, and more. Turn your laptop into a professional auditors platform in a single reboot. We will cover WHAX (previously called Whoppix) and Auditor - two seperate LiveCDs. Live demonstrations of: Audit wireless security, Cracking WEP in 10minutes -- Kismet...

Read More »

Technical Level: Non-Technical. Speakers: Bernedette Schell, Michelle Warren, Harry Benz This month’s TASK meeting will focus on beginning a new career in Information Security, or enhancing your technical and social skills to improve your success in your present career. Our invited speakers will cover the current IT and IS environments in Canada, the changing role of women, technical and soft skills, and the process of preparing for, and successfully applying for, positions in security. Speakers...

Read More »