Meeting Notes – January 2021

Thanks Darrell Little for an introduction to using Jupyter Notebooks for data science and applications in cybersecurity analysis.

Links of Interest

SANS API List

Using SANS API to Track Attackers

Intro to Jupyter Notebooks

Infosec Jupyterthon

Threat Hunter Playbook – Mordor Dataset

March 2021 – Quantum Computing – Fact vs Fiction

For March 2021 Rob Perry (CISO from Carilion Clinic) returns with an insightful look at quantum computing and how it could potentially change the IT Security landscape.  Never wanting to shy away from the more technical topics Rob’s previous talk regarding BlockChain challenged the most well held beliefs regarding its usage and forced us to look at Block Chain differently.  Now we have an opportunity to see where he will take us in this talk.  Don’t miss a great opportunity to hear from a local industry leader as we cover “Quantum Computing – Fact vs Fiction”.  This meeting will be virtual, and we will send connection details prior to the event. Hope to see you there!

Event Details

March 11th, 2021 @ 5:30pm,


Virtual Event – sign up to RISE email list for connection info

Subject of discussion:

Talk of recent advances in quantum computing has security professionals wondering if encryption algorithms like RSA are now vulnerable and need to be replaced or completely discarded. This talk will provide a brief overview of quantum computing and then pragmatically evaluate whether quantum computing is rewriting the security landscape or if quantum more closely resembles the hype of AI / artificial intelligence. Drinks will be served (virtually), so have your favorite beverage handy.

Robert Perry

Presenter Bio:

Robert Perry is the Chief Information Security Officer (CISO) for Carilion Clinic, one of the largest hospitals and healthcare providers based in southwest Virginia, serving nearly one million in the Virginia community and surrounding areas.

As an expert in the technology industry, Mr. Perry’s charismatic speaking style and passion for technology and cybersecurity have made him a sought after speaker at conferences. Speaking topic range in areas including: cybersecurity systems, and tools, attack and counter attack cybersecurity response systems, authentication and access control.

Mr. Perry is a high performance IT leader with over 20 years’ experience managing cybersecurity, technology systems and networking. His business and technology experience has allowed Mr. Perry to align technology initiatives with corporate and organizational business objectives.

He holds dual masters degrees: Masters in Technology Management and a Masters of Business Administration (MBA). Mr. Perry’s licenses and certificates include: CISSP (retired), CISA, CCSP, and CCNA-Voice

5 Years of RISE

This November marks 5 years of Roanoke InfoSec Exchange. What started as a simple idea for a free, informal group discussing InfoSec topics has managed to stay alive and continue to draw interest 5 years later. Looking back, this isn’t a trivial feat. One of, if not the, core principles of RISE is maximum inclusion of attendees in the area. Whether you are a seasoned professional, a student, in another career and looking for a change, or just an enthusiast – we want you to attend and benefit from RISE. “Exchange” means the exchange of knowledge for the improvement of our community and profession. We try to stay true to this principle by keeping meetings informal and free from “sales pitches”. When you come to a RISE meeting you should feel you’re getting honest information and free exchange of ideas.

This couldn’t happen without you. Your attendance, enthusiasm, and participation enables RISE to continue. If you are a RISE “elder”, we thank you for your continued participation in the group. If you are relatively new – welcome! We thank you for joining us and helping continue the spirit of InfoSec Exchange.

With your support we hope to continue bringing the community together for time to come. Thank you for your support to RISE and the local InfoSec community!

-Rob Garbee, Nate Sykes, & Ed Summers

December – Burp Suite, Part 2, Pro Edition

For December we have asked that Logan Diomedi return and give us an in-depth dive into Burp Suite.  As you may remember Logan gave us a quick overview of Burp Suite back in February and many of you requested more so here it is. 

Logan Diomedi and Burp Suite, Part 2, Pro Edition

Burp Suite is one of the many free tools available in Kali Linux.  Burp Suite allows anyone to test and verify their web applications using various techniques from initial mapping and analysis of an application’s attack surface, to finding and exploiting security vulnerabilities.  In this meeting Logan will show us how he uses Burp Suite in his “Red Teaming” pen tests and how you can use the tool to test your own websites.

December 10th @ 5:30pm; This will be a virtual meeting

Logan’s Bio

Logan Diomedi is a 24-year-old Roanoke native and has been in the Information Security world since his early teens. He currently works as a penetration tester for an offensive information-security firm known as Depth Security, where he performs network, application-based, social engineering, and physical penetration testing. Logan is a Capture-the-Flag & HackTheBox regular, and regularly performs infosec-related research in his spare time. Logan has been a RISE attendee for almost 2 years now and has a passion to bring knowledge and resources to the greater Roanoke information security community.

November 2020 – Hacking a Police Station, From Zero Access to the Evidence Room

Our next RISE meeting is going to be a great one.  Our own Tyler Booth (Hacker Extraordinaire) will be presenting “Hacking a Police Station, From Zero Access to the Evidence Room”.  Tyler will be covering one of his favorite Red Team exercises “Hacking a Police Station”.  During this exercise Tyler used several hacking techniques to move from outside with no access all the way to the evidence room.  The good new for us is that he will be explaining many of these techniques and how he leveraged them. 

The meeting will be November 12th, at 5:30pm via WebEx (WebEx info to be released later).   Looking forward to virtually seeing you all there.

Tyler’s Bio

Tyler Booth is your friendly neighborhood red teamer. He works as a Senior Information Security Consultant at CDW and can never stop hacking things.

To quote Tyler

“I have one cert and wrote a few blog posts on a currently defunct blog (dru1d.ninja). I guess that makes me a bit of an expert, amirite?”

Webcast: “How to Present” [BHIS]

We always ask for new people to step forward and present at a RISE meeting. You bring variety to the group in your experiences and delivery. But maybe you’ve never presented before, or walked away from a bad experience presenting in another forum. You’re looking for advice on how to get back behind the podium. Or you just enjoy an entertaining webcast.

Check out this webcast from Black Hills Information Security titled “How to Present: Secrets of a Retired SANS Instructor”. John Strand and friends share some of their sage advice from combined years of experience presenting to all manner and sizes of audience. These folks speak at the top conferences, face tough criticism, and know when not to drink the water. Anyone would benefit from the lessons they share – why not take advantage of community wisdom?

After you’ve watched the video send us an email at info@roanokeinfosec.com with your presentation topic for our next meeting!