May 16, 2022
Legal Guide to Ransomware
By Mark Rasch 
[PDF] [Video]

February 16, 2021
Developing Your Cyber Action Plan
By Teresa Allison 

September 15, 2020
The NIST Security and Privacy Controls Catalog (800-53): What’s New in the Draft and Looking Ahead
By Victoria Yan Pillitteri
[Video | PDF]

August 18 , 2020
Incident Handling & Threat Hunting w/ Security Onion
by Tyrone E. Wilson

November 19, 2019
Better Identity Coalition
by Jeremy A. Grant
[PDF] [Video 1 | 2 | 3]

 October 15, 2019
.govCAR - Think Like the Adversary
by Branko Bokan

September 17, 2019
Expecting Secure, High-Quality Software: Minimizing Technical Debt and Mitigating Risks with Better Measures for Test and Audit
by Joe Jarzombek
[PDF] [Video 1 | 2 | 3 | 4]

June 18, 2019
Macintosh Forensics
by Simson Garfinkel
[PDF] [Video 1 | 2 | 3]

May 21, 2019
Authentication Beyond SMS
by Kelley Robinson
Confidence as Code: Automated Security Testing in Cloud Environments
by Brad Geesaman
[PDF] [Video 1 | 2| 3] [Demo]

March 19, 2019
FAIL SAFE - 20 Ways to undermine your security program
by Tom Hallewell
[PDF] [Video 1 | 2 | 3]

March 12, 2019
Breaking into Cyber
by Tyrone Wilson

February 19, 2019
Enterprise API Management Platform
by Aqeel Butt and Naresh Patel of Optimoz, Inc.
[Video 1|2]

December 18, 2018
Future Shock: Four Cyber-startups talk about the future
Rali Kettani, Josh Stella , Matt Schmidt , Sean Donnelly
[Video 1|2|3]

November 20, 2018
Approaching Cybersecurity Law - A Guide for Information Security Professionals
by David Jackson

June 19, 2018
Incorporating Enterprise Priorities to the Risk Management Framework
by Noel A Nazario

April 17, 2018
Developing Your Cyber Career Action Plan
by Teresa Allison
[PDF] [Cleared jobs article[Action plan template]

July 18, 2017
Derived Personal Identity Verification (PIV) Credentials
by David Coley 

March 21, 2017
Current State of Application Security 
by Aravind Venkataraman

January 24, 2017
Cyber Risk – How DHS is Clarifying its Vision through the Continuous Diagnostics & Mitigation (CDM) Dashboard
by Matt House

October 18, 2016
Understanding Basic Physical Access Control, (PACS)
by Bill Stover

August 20, 2016
Understanding the Federal IT Security Professional (FITSP)
by Jim Wiggins

July 19, 2016
Targeted Ransomware Attacks
by Jason Rebholz

April 19, 2016
Cyber Security Management – An analytics based approach

by Krishnamurthy Krithivasan

February 23, 2016
Safeguarding our Data - DevOps Friend or Foe
by Joseph Santangelo

January 19, 2016

Cybersecurity Landscape in 2016   
Nik Son, Abel Sussman, and Dan Choi of Coalfire
[PPTX] [Audio]

January 20, 2015
Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations
by Dr. Ron Ross

November 18, 2014
A (Brief) History of Computer Crime
by Mark Rasch, Rasch Technology And Cyberlaw

October 21, 2014
Releasing the Kracken: Building and Using A GPU Password Cracker  
by Jonathan Fallone
[PDF[Audio] [Video @BSides DC 2014]


August 19, 2014
Combating Today's Targeted Attacks  
by Tom Kellermann


June 17, 2014
The Five Stages of Grief - How to Implement a Software Assurance Program 
by Scott Lehman and Tom Hallewell

April 15, 2014
Cyber Intelligence 
by Dmitri Alperovitch

March 18, 2014
Man-in-the-Browser Session Hijacking
by Raphael Mudge, Strategic Cyber LLC


January 28, 2014, 2014
Social Engineering to Improve Security Awareness
by Ira Winkler
[PDF] [Audio]

October 15, 2013
National Critical Infrastructure, Protection vs. Assurance
by Jack Whitsitt

August 20, 2013
What's Hiding in Your Software Components?  Hidden Risks of Component-Based Software
by Bruce Mayhew

July 16, 2013
Transforming your SOC for Big Data Analytics -- Rationale and Strategy
by Eddie Schwartz
[PDF] [Audio]


June 18, 2013
When Less Is More, the Thin Slicing of a Black Swan
by Michele Chubirka and Ronald P. Reck 
[PDF] [Audio]

May 21, 2013
Outcome Based Security

by Ron Gula 
[PDF] [Audio]

April 16, 2012
Social Media Smarts
by Michael Janke
[PDF] [Audio]

March 19, 2012
SCADA Cyber Security for the Smart Grid
by Dewan Chowdhury
[PDF] [Audio]

February 19, 2012
What is Cyber and How Do We Test It?
by Peter H. Christensen
[PDF] [Audio]

September 18, 2012
Open Source and Security
by Phil Odence
[PDF] [Audio]

July 17, 2012

The Easy Stuff
by Marcus Ranum 
[PDF] [Audio]

June 19, 2012
The Continuity / Security Convergence
by Paul R. Lazarr
[PDF] [Audio]

May 15, 2012 
Establishing Trust with Electronic Identities, When Electrons Aren’t Enough 
by  Brent Williams 
[PDF] [Audio]

April 17, 2012

Evolving Cyber Security Strategies and Highlights from NIST SP800-53 rev4 
by Dr. Ron Ross
[PDF] [Audio]

March 20, 2012 
Security of Large Technical Systems
by Marcus Sachs

February 21, 2012 
The Future of Cyber Security and Digital Forensics
by Greg Kipper

January 17, 2012 
Attribution and Response
by Paul de Souza

December 20, 2011
Advanced Threat Modeling 
by John Steven

November 15, 2011
Stream-based digital forensics with bulk_extractor
by Simson L. Garfinkel 
[PDF] [Audio]

October 18, 2011
Mobile Devices Gathering Information and Protecting Organizations
by Amber Schroader
[PDF] [Video]

September 20, 2011
Access Control and the Semantic Web
by Ronald P. Reck

August 16, 2011
DDoS Behind the Scenes
by Michael Smith

July 19, 2011
Economic Aspects of Cybersecurity
by Dr. Lawrence A. Gordon

June 21, 2011
Secure Android Applications, The OWASP Way
by Jack Mannino
[PDF] [Audio]


May 17, 2011
Secure Use of Cloud Computing
by Earl Crane


April 19, 2011
Smartphone Botnets
by Georgia Weidman
[PDF] [Audio]


March 15, 2011
Memory Forensics: Collecting and Analyzing Malware Artifacts from RAM
by Inno Eroraha
[PDF] [Audio]


February 15, 2011
Secure Deployment of IPv6
by Sheila Frankel
[PDF] [Audio]


January 18, 2011
Armitage - Cyberattack Management for Metasploit
by Raphael Mudge
[PDF] [Audio] [Video]


December 21, 2010
The State of Software Security
by Jeff Ennis, Veracode, Inc.
[PDF] [Audio]


November 16, 2010
How I learned to stop worrying and love compliance
By Ron Gula
[PDF] [Audio]


October 19, 2010
The Privileged Challenge
By Michael Wrightson
[PDF] [Audio]


September 21, 2010
Skeletons in the Closet: Securing Inherited Applications
by John Dickson
[PDF] [Audio]


August 21, 2010
Saturday at the Museum
National Cryptological Museum

July 20, 2010
M-Trends- The Advanced Persistent Threat
by Robert Lee
[PDF] [Audio] [Report]

June 15, 2010
Securing the Health IT Ecosystem
by Dr. Deborah Lafky
[PDF] [Audio]

May 18, 2010
Becoming a Better Cyber-Warrior: Finding Advanced Persistent Threats Using Real-Time Situational Awareness
by Eddie Schwartz
[PDF] [Audio]

April 20, 2010
Security Configuration Management with NIST SP800-128
by Kelley L. Dempsey
[PDF] [Audio]

March16, 2010
The Watchers - Talk and Book signing
by Shane Harris

February 16, 2010
Dangers of Web Application Vulnerabilities
by Jack Mannino
[PDF] [Audio]

January 19, 2010
Twenty Important Controls for Effective Cyber Defense and FISMA Compliance
by John M. Gilligan
[PDF] [Audio] [Bibliography]

December 15, 2009
The Case for Network Forensics
by Peter Schlampp, VP of Product Management and Marketing, Solera Networks
[PDF] [Audio]

November 17, 2009
Securing Cloud Computing - Are You Ready?
by Alex Fernandez, Purewire, Inc.

October 20, 2009
Mobile Device Forensics & Security Concerns
by Amber Schroader

September 15, 2009
Software Development: The Next Security Frontier - An Introduction to the CSSLP Certification
by Glenn Johnson, Certification Consultant, ISC2

July 21, 2009
Open Discussion: Nation State Hacking – Experience from the Front
Tom Hallewell, Discussion Leader
[PDF] [Audio]

June 16, 2009
Integrated Enterprise-wide Risk Management - Organization, Mission, and Information Systems View
by Dr. Ron Ross
[PDF] [Audio]

May 19, 2009
PCI-DSS Compliance
by Ulf Mattsson

April 21, 2009 6:30 PM
Smartphone Hacks and Attacks A Demonstration of Current Threats to Mobile Devices
by Daniel Hoffman, SMobile Systems

March 17, 2009
Data Doesn't Die: Strategies for Data Decommissioning
Perry Dollar - Media Sanitization Project Manager, Department of Veterans Affairs

February 17, 2009
Your Browser Wears No Clothes - Why Fully Patched Browsers Remain Vulnerable
by Michael Sutton, Zscaler

January 13, 2009
The less known side of identity theft: What every InfoSec professional should know about identity theft
by Branko S. Bokan