ISSessions 2021-11-25

Hey everyone

This Thursday, November 25th at 7pm, we will be introducing you to the world of entrepreneurship in cybersecurity as well as revisiting the talk on defense evasion by Milos Stojadinovic. But first we have a very important announcement:

CyberSci Selections

The following teams have been selected to represent Sheridan College in the next CyberSci competition which will take place on January 15, 2022.

🀩 Team A:

  • Jackson Gorny
  • Muhammad Khan
  • Cristian Di Bartolomeo
  • Pablo Picazo

πŸ€– Team B:

  • Connor Laidlaw
  • Minh Giang
  • Kyle Doucette
  • Luca Di Bartolomeo

Congratulations! We are all rooting for you !! Now, back to the agenda (literally)…

AGENDA

7:00 – Kick-Off πŸ“£
7:05 – News Round-Up πŸ“°
7:30 – Cybersecurity Entrepreneurship in Brampton πŸ’‘
8:00 – Break β˜•
8:10 – Defense Evasion: Endpoint Detection & Response πŸ›‘οΈ

About Milos

Milos Stojadinovic has been working in the cyber security industry for over a decade. He is currently the Senior Director of Adversary Emulation, Threat Hunting, and Digital Development at RBC. In previous roles, Milos has worked with a number of consultancies delivering various security services to a broad variety of customers in numerous verticals. While Milos specializes in offensive cyber security, he has previously worked in the spaces of Threat Risk Assessment, PCI / PA DSS compliance, code reviews, and security architecture. Milos is also a graduate of Sheridan’s BAISc program; having also taught in the program in a part-time capacity. Milos enjoys speaking events and giving back to the community through engagement and education.

Defense Evasion: Endpoint Detection & Response

Mature organizations are deploying EDR solutions within their environments; both at scale and in high velocity. While not a replacement to traditional AV, these solutions are far more effective at providing situational awareness and endpoint visibility. EDR often presents material barriers to offensive operators; with increased focus on OPSEC and dynamic detection logic driving behavioural uncertainty. We will analyze the anatomy of EDR implementations and introduce both pragmatic and conceptual approaches to successfully evading these solutions within the context of real-world breach simulation exercises.

NB: This segment will not be recorded/uploaded/streamed to YouTube. So, make sure you tune in live!!

Can’t wait to see @everyone there!

-ISSessions Exec Team πŸ”

ISSessions 2021-11-11

Hey everyone

This Thursday, November 11th at 7pm, we have a super cool meeting with guest speaker tas_kmanager.

AGENDA

7:00 – Kick-Off πŸ“£
7:05 – News Round-Up πŸ“°
7:30 – Research with the CMI πŸ”¬
8:00 – Break β˜•
8:10 – Job Seeker of InfoSec πŸ§‘πŸ»β€πŸŽ“

About Magnatas Tondang


Tas graduated from Sheridan College ISS program back in 2018 and he is currently a Senior Consultant in EY Managed Detection and Response. His main function is to build the Threat Hunting and Detection Engineering capability of the team, and try to catch and stop advanced attackers targetting EY’s clients. Previously Tas has worked in Telco, Health Tech and Finance industry performing multiple roles from all-in analyst, Application Security to Threat Hunting. He is also part of numerous security initiatives such CDEF.ID, The DFIR Report collective and OSCD. He enjoys sharing his research and knowledge and he has presented in numerous international security conferences such as DEF CON and SANS summits.

Job Seeker of Infosec

As a student you asked yourself, “what am I going to do after school?” You read in the news that there are X million of infosec jobs need to be filled by 202X, and the next day you see there are hundreds of infosec people looking for jobs. These information added more pressure and confusion in your goal of finding your first (or dream) job.

Tas will share his experience navigating through the world of infosec as a “job seeker” where he will talk about different key components in a job, steps that you will face during job hunting, and tips and tricks from his experience both as a job seeker or as a hiring party. He will also share how, as a student, you can capture the HR attention and impress the hiring managers. With all of these information, hopefully your first (or next) job hunt will be much easier than Tas’

Can’t wait to see you all there!

-ISSessions Exec TeamπŸ”

ISSessions 2021-10-28

Hey everyone

Get ready for your favourite thing ever! ISSessions meeting this Thursday October 28th at 7pm!

Agenda

7:00 – Kick-Off πŸ“£
7:05 – News Round Up πŸ“°
7:30 – Practical Protocol Practice βš™οΈ
8:00 – Break β˜•
8:10 – Defense Evasion: Endpoint Detection & Response πŸ›‘οΈ

Practical Protocol Practice

There are countless networking protocols out in the world – so much that it’s often hard to keep track of! In this segment, Practical Protocol Practice, we take a look at a handful of ports and talk about them! This week will cover Unencrypted vs Encrypted protocols.

It is recommended to have a packet sniffer (i.e. Wireshark) and a Linux VM that you can connect to Telnet, SSH, FTP and SFTP ready.

About Milos

Milos Stojadinovic has been working in the cyber security industry for over a decade. He is currently the Senior Director of Adversary Emulation, Threat Hunting, and Digital Development at RBC. In previous roles, Milos has worked with a number of consultancies delivering various security services to a broad variety of customers in numerous verticals. While Milos specializes in offensive cyber security, he has previously worked in the spaces of Threat Risk Assessment, PCI / PA DSS compliance, code reviews, and security architecture. Milos is also a graduate of Sheridan’s BAISc program; having also taught in the program in a part-time capacity. Milos enjoys speaking events and giving back to the community through engagement and education.

Defense Evasion: Endpoint Detection & Response

Mature organizations are deploying EDR solutions within their environments; both at scale and in high velocity. While not a replacement to traditional AV, these solutions are far more effective at providing situational awareness and endpoint visibility. EDR often presents material barriers to offensive operators; with increased focus on OPSEC and dynamic detection logic driving behavioural uncertainty. We will analyze the anatomy of EDR implementations and introduce both pragmatic and conceptual approaches to successfully evading these solutions within the context of real-world breach simulation exercises.

NB: This segment will not be recorded/uploaded/streamed to YouTube. So, make sure you tune in live!!

Can’t wait to see @everyone all there!!

-ISSessions Exec Team