Topic:
Presentation 1: Software Security Street Fighting Style presented by Dr. Johannes Ullrich, Chief Research Officer for SANS Institute, a cooperative research and education organization (www.sans.org).
It is tough to be a developer. As a developer, you have countless opportunities to make mistakes. You mess up once, and you lose. On the other hand, the attacker has to find only a single vulnerability to get fame and fortune. The only way to beat the attacker is simple and repeatable defensive techniques that work every time. Similar to a street fight, simple and repeatable wins over complex and elaborate. This talk will outline how some of these principles apply to software security and security in general.
Presentation 2: Information Security in South Africa presented by Prof Dr. Hein S Venter, visiting professor working with Dr. J. Phillip Craiger, University of Central Florida, this summer.
Information security is a vast research field with sub areas of research. Dr. Venter will briefly mention the main sub areas of research in the field of Information Security, and then zoom in on the areas that have received considerable research effort in South Africa. He also will focus to the particular areas of his own research group, the Information and Computer Security Architectures (ICSA) Research Group, Department of Computer Science, University of Pretoria, South Africa. The particular research areas within Information Security include digital forensics, information privacy, wireless security systems, network security, vulnerability scanning, and intrusion detection in distributed systems. The research area that receives most of Dr. Venter’s focus is digital forensics; however, he also will briefly touch on the other areas listed here. Lastly, he will give an overview of how he perceives the Information Security landscape to grow in South Africa and the remainder of the world for the foreseeable future.
Dr. Johannes Ullrich, Chief Research Officer for SANS (SysAdmin, Audit, Network, Security) Institute, currently is responsible for the SANS Internet Storm Center (ISC) and the Global Information Assurance Certification (GIAC) Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Dr. Ullrich worked as a lead support engineer for a web development company and as a research physicist. Dr. Ullrich holds a PhD in Physics from State University of New York (SUNY) Albany and is lives in Jacksonville, Florida.
Dr. Hein S. Venter, Professor, University of Pretoria. Prof. Dr. Venter obtained his PhD in Computer Science, 2003, from the University of Johannesburg (formerly the Rand Afrikaans University), South Africa, and began his research career at the University of Pretoria in 2003. He also holds a BSc, BSc (Honours) and MSc degrees in Computer Science. Dr. Venter is one of the founding members of the Information and Computer Science Architectures (ICSA) Research Group, University of Pretoria Department of Computer Science, where he supervises Honours, MSc, and PhD postgraduate students. He has authored or co-authored more than 50 publications at national and international conferences and journals. Dr. Venters’ current research interests is mainly digital forensics but includes information privacy, wireless security systems, network security, vulnerability scanning, and intrusion detection in distributed systems. He is a member of International Federation for Information Processing (IFIP) Working Group 11.9 on Digital Forensics, the South African Institute for Computer Scientists and Information Technologists (SAICSIT), and Information Security for South Africa (ISSA) where he is the conference chair. He serves on the technical and program committees for conferences of SAICSIT and ISSA. He also is a member of Institute of Electrical and Electronics Engineers (IEEE), Association for Computing Machinery (ACM), and American Academy of Forensic Science (AAFS) (status pending) professional organizations. Prof. Dr. Venter teaches undergraduate and postgraduate courses as well as short courses in computer and information security aimed at industry. As a sideline, Dr. Venter is the director of a community-based project, Project PumaScope, aimed at reaching previously disadvantaged communities in the Mpumalanga Province in South Africa. The main goal is to facilitate teaches and learners of rural secondary schools with basic knowledge in Computer Science and Computer Literacy.
Remember to send an e-mail to Alexis Brignoni stating member name and the names of any guests you are bringing if you plan to attend. As always, there is no charge to attend.