Skip navigation.

The primary purpose of the Chapter is to promote the education of its members for the improvement and development of their capabilities relating to the security of information system processing.

Training Event: How I Pwned Your Website - November 14th 2014

When: November 14th, 2014 from 10-5
Where: TBD
Link:  EventBriteLink

Paul Burbage from Phishlabs

Title: How I Pwned Your Website

Charlotte ISSA 10th Annual InfoSec Summit

Date: Summit - 04-24-2014

Training classes on 04-22-2014 thru 04-23-2014 and 04-25-2014 at National Gypsum - Details are coming!!!!

Job Fair will be held in room 209 on the Summit date
Where:  Charlotte Convention Center - Map/Directions

Register Here

Agenda/Schedule - Updated 4/17/2014 - 23:00
Interested in Training - Register Here -
Training Session 1 - Class is Sold Out!!!    Advanced Mobile Penetration Testing with OWASP MobiSec

Call for Presentations

Keynote Speakers  

Kevin Johnson

Streaking the Internet: Looking at privacy within modern systems

In this presentation Kevin Johnson of Secure Ideas will be discussing how expectations of privacy have changed over time.  The presentation will explore privacy concerns in the "Internet of Things", mobile applications and social networks.  It will use real world examples including SnapChat, mobile advertising and geolocation/ibeacons.


Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is an instructor and author for the SANS Institute and a faculty member at IANS. He is also a contributing blogger at TheMobilityHub.

Kevin has performed a large number of trainings, briefings and presentations for both public events and internal trainings. Kevin teaches for the SANS Institute on a number of subjects. He is the author of three classes: SEC542: Web Application Penetration Testing and Ethical Hacking,SEC642: Advanced Web Application Penetration Testing and SEC571: Mobile Device Security. Kevin has also presented at a large number of conventions, meetings and industry events. Some examples of these are: DerbyCon, ShmooCon, DEFCON, Blackhat, ISACA, Infragard and ISSA.

Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.

John Strand

John Strand is a senior instructor with the SANS Institute. He teaches SEC504: Hacker Techniques, Exploits, and Incident Handling; SEC560: Network Penetration Testing and Ethical Hacking; SEC580: Metasploit Kung Fu for Enterprise Pen Testing; and SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education. John is the course author for SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education and the co-author for SEC580: Metasploit Kung Fu for Enterprise Pen Testing.

When not teaching for SANS, John co-hosts Security Weekly, the world's largest computer security podcast. He is also the owner of Black Hills Information Security, specializing in penetration testing and security architecture services. He has presented for the FBI, NASA, the NSA, and at DefCon. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.

Paul Asadoorian

Paul Asadoorian is the Founder & CEO for Security Weekly (formerly "PaulDotCom"), an organization dedicated to providing podcast, webcasts and videos on the topics of hacking and information security. For over 8 years Paul has interviewed the security industries finest and led a team of folks to create an informative resource for the security community. Paul is the co-author of "WRT54G Ultimate Hacking" and "Offensive Countermeasures: The Art Of Active Defense". By day he works for Tenable Network Security as the product evangelist focusing on both active and passive vulnerability scanning. At night he can be found wrangling the kids, hacking household embedded systems, and enjoying fine spirits and cigars.

David Kennedy
  David J. Kennedy
CISSP, OSCP, OSCE, GSEC, MCSE, ISO 27001 Founder, Principal Security Consultant

David started TrustedSec with the vision in building a world-class information security consulting company. To-date, TrustedSec
 provides information security consulting services for a large portion
of the Fortune 1000 space as well as medium sized companies. Prior to TrustedSec, David was a Chief Security Officer (CSO) for Diebold
 Incorporated, a Fortune 1000 company located in over 80 countries with
over 16,000 employees. David developed a global security program that
tackled all aspects of information security. David is considered a
thought leader in the security field and has presented at over three
hundred conferences worldwide.

David has had numerous guest appearances on Fox News, CNN, CNBC, Huffington Post, Bloomberg, BBC, The Katie Show, and other high-profile media outlets. David is the founder of DerbyCon, a large-scale information security conference. David has testified in front of Congress on multiple occasions on the threats we face in security and in the government space. David also co-authored Metasploit: The Penetration Testers Guide book, which was number one on Amazon in security for over a year. David was also one of the founding members of the “Penetration Testing Execution Standard (PTES)“. PTES is the industry leading standard and guidelines around how penetration tests should be performed and methodologies. David has had the privilege to speak and keynote at some of the nations largest conferences.

David is the creator of several widely popular open-source tools including
“The Social-Engineer Toolkit” (SET), Artillery, and Fast-Track. David
has also released several zero-day exploits and focuses on security
research. David has over 14 years of security experience, with over 9
specifically in security consulting. Prior to the private sector, David
worked in the United States Marines for cyber warfare and forensics
analysis activities.

Job Fair Participants



Syndicate content