Date: Wednesday April 11, 2018

Time: 5:30pm-7:30pm

Title: Hands on Lab: BGP Routing and Attacks (bring your laptops!)

Description: This course is intended to teach students the fundamentals of routing (both static and dynamic) as well as filtering traffic with iptables. Students will become familiar with configuring routers based on Alpine Linux and Quagga routing software. Step-by-step lab directions will be provided as well as a brief lecture covering each lab topic.


  • Understand and configure static routing
  • Understand network address translation (NAT) with iptables
  • Filter traffic with iptables
  • Configure dynamic routing with OSPF
  • Configure dynamic routing with BGP
  • Understand and practice BGP route hijacking

Presenter:  Bill Reed, of SEI

Sponsor:  Optiv

(ISC)² Pittsburgh Chapter

Pittsburgh, PA
189 Members

Our mission is to advance information security in the Pittsburgh Community by providing our members and other security professionals with the opportunity to share knowledge, g…

Next Meetup

(ISC)2 Pittsburgh Chapter Meeting (Spring)

Wednesday, Apr 11, 2018, 5:30 PM
19 Attending

Check out this Meetup Group →



Title: Protecting Controlled Unclassified Information(CUI) in Nonfederal Information Systems and Organizations

Presenter: Chris Seiders, Security Analyst, University of Pittsburgh, Computing Services and Systems Development (video) (slides)

Description: NIST Special Publication 800-171 “Protecting Controlled Unclassified Information(CUI) in Nonfederal Information Systems and Organizations”

What it is and how you may be impacted.

Sponsor: Optiv

Title: How to Beat Evasive Malware at Its Own Game

Presenter: Lenny Zeltser, VP of Products, Minerva Labs (presenting  remotely)

Slides available for members only at the presenter’s request via

Wednesday, November 15, 2017

Time: 5:30pm-7:30pm

Developing sophisticated attacks takes time and requires heavy investment. Attackers safeguard their methods by designing malicious software to remain unnoticed by security tools for as long as possible. This educational session discusses some of the common evasive techniques that malware authors incorporate into their creations. Moreover, it proposes several innovative approaches for turning such capabilities against malware to defend endpoints, turning adversaries ‘ strengths into weaknesses.

You’ll learn about:

Common evasive techniques used by malware authors to bypass security defenses.

Ideas for exploiting evasive capabilities of such threats to give defenders an advantage over adversaries.

Free, proof-of-concept tools that demonstrate the effectiveness (and sometimes limitations) of such defensive techniques.

Attend this session to learn how evasive malware achieves its objectives and to consider methods for defending against such threats without relying on signatures, behavioral patterns or machine learning models.

About Lenny Zeltser

Lenny is a senior faculty member at SANS Institute and VP of Products at Minerva Labs. Earlier in his career, Lenny served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.

Sponsor: Minerva Labs

Title: Hands on Scripting lab with PowerShell and Python (bring a laptop)

Presenter: Joshua Acklin, Cyber Security Engineer, CERT (video)(slides )

Description: Introduction and completion of these labs.  

Wednesday, August 23, 2017 – (ISC)2 Pittsburgh Chapter

Time: 5:30pm-8:30pm

Packet Capture Analysis with Python

This lab covers Python 2.7 and all content will revolve around the most recent version of Python 2.7. Students will walk through a basic Python guide and upon completion will create a simple Python application that identifies Unique IP addresses within a Packet Capture(pcap). Utilizing the Lab guide students will create a Python class with functions that sift through a large pcap, identify IP addresses, compare IP addresses with known IP address and make logical decisions on adding an IP address to a Python data structure.

Network Flow Analysis with Python

This lab is a continuation of Packet Capture Analysis with Python. In this lab, students will be provided a Python script skeleton: PacketSniffer to create a custom passive network flow analysis application. Using a Python library pyshark Students will create Python Objects to analyze network flow. Upon completion of PacketSniffer Students will monitor a probe within an adversaries network to identify IP addresses, ports, protocols, and anomalous behavior.

Host Intrusion Detection with Powershell

This lab is a continuation of Windows Filesystem Scanning with PowerShell. In this lab, students will be provided a PowerShell script skeleton: PowerHids to create a custom Host Intrusion Detection System. PowerHids will create a Window’s system baseline and a periodic monitoring check against the baseline. The Windows Systems Students are expected to monitor are, File System, Windows Registry, Network, and Running Processes. Upon completion of the PowerHids Script students will monitor a Windows system and identify changes.

Windows Filesystem Scanning with PowerShell

This lab introduces the fundamental basis for creating scripts in PowerShell. In this lab, you will learn some of the key aspects of PowerShell, how to traverse through a windows system identifying Key Terrain Cyber, and identifying system that have been manipulated within a Windows System. Key concepts that will be explained include the purpose of PowerShell, the use of PowerShell’s programming paradigm to create effective scripts, the four core aspects within a Windows system (network, processes, files, and the registry). On the conclusion of this module will understand the concepts and the development of a script to traverse a Windows File System creating an effective baseline in which to compare against.

High School Cyber Security Competition

75 students attended the 2017 STEM outreach program this summer, which was sponsored by The Software Engineering Institute’s CERT Division and the Pittsburgh Chapter of (ISC)2.

Alert Orchestration, presented by Luis Guzman

How to enrich alerts and deliver information to make a programmatic or human-aided decision.

Date: Tuesday, May 23rd

Time: 5:30 – 7:30 pm

Sponsor: Ethical Intruder (presentation)

Presenter: Luis Guzman  (presentation)




Hands on Wireless Pen testing in an all virtual training environment .

Date: Wednesday, March 8th

Time: 5:30 – 7:30 pm

Presenter: Adam Welle, CERT

Sponsor: Anomali


ISC2 Pittsburgh Networking Event

As the snow starts falling, it’s that time of year. ISC2 Pittsburgh will host its first annual networking event this December 7th at the Allegheny Harvard Yale Princeton Club.

Our goal is to bring together Western Pennsylvania’s information security community in a laid back environment to get to know our group as well as each other. We have patterned this social after several others across the country and hope to make this event a great success.

We will take care of the appetizers and non-alcoholic beverages. A cash bar will be available for those looking to have beer and wine. In other words, attendance is free!

We encourage folks from ISC2, ISSA, Infragard, Steel City Infosec, OWASP, SEI and anyone else who is in any way associated with information security in Pittsburgh or those who would just like to get to know us better to attend. We welcome people from college students to CISOs and anyone in between!

The official information for the event is listed below. We strongly prefer that you register in advance if you plan on attending.

Date: Wednesday, December 7th 2016

Time: 6-9 pm

Location: Allegheny Harvard Yale Princeton Club, 619 William Penn Place,Pittsburgh, PA 15219

The event is generously sponsored by Gigamon, F5, Imperva, Cyber-Ark, and LogRhythm. Many thanks for their support.

Tuesday October 11, 2016 @ 6pm-  ISC2 Chapter meetup.  Dan Denne will be discussing strategies to pass the new CISSP exam.  Dan recently passed the exam.  Food will be served. Thanks go out to our sponsor Cigital. Expect an e-vite soon. All are welcome, certified or not!

Location: NCFTA

Wednesday, July 18-20, 2016  –  The Software Engineering Institute’s CERT Division and (ISC)²® Pittsburgh Chapter’s High School Cyber Security Competition at Carnegie Mellon University

9:00AM – 4:00PM ET

Location: Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213

Wednesday, June 1, 2016, 5:30 p.m.  – (ISC)Pittsburgh Chapter – CERT’s Security Board game “Three Envelopes”

Location: Microsoft Pittsburgh Office

Wednesday, March 23, 2016  – (ISC)Pittsburgh Chapter – Main Talk- Summer Fowler, Technical Director, Cybersecurity Risk & Resilience at CERT

Lighting talks

–Sid Faber – The CERT Network Security Monitoring Suite (install and config pdfs)

Chad White-  InfoSec Summit (ISSA) Columbus

Allen Howard- Wireless Security

Dan Denne- Red Forests

Diane Planton & Ryan Sydlik- Meta-Directories and  Identity Access Management

6:00PM – 8:30PM ET

Location: Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213

Tuesday, December 15, 2015 – (ISC)Pittsburgh Chapter – Find the Adversaries Artifacts! Hands-on Forensic Exercises.

Please join us for newly created hands-on forensics exercises in The CERT Simulation, Training, and Exercise Platform (STEPfwd) Virtual Platform. Find the adversaries artifacts!

5:00PM – 8:30PM ET

Wednesday, September 16, 2015 – (ISC)Pittsburgh Chapter – Blackhat / Defcon Speaker Ken Westin,

Operationalizing Threat Intelligence: How to Develop and Apply a Threat Intelligence Program

Please join us for Backhat / Defcon speaker Ken Westin.  The topic will be Operationalizing Threat Intelligence: How to Develop and Apply a Threat Intelligence Program.

The talk will be followed by security table topics and discussion by our members. Some topics: Governance, Risk management and Compliance software (GRC),  What’s new in Crypto & NIST FIPS 202/SHA-3, Device hacking and finding developer backdoors, What’s new in network security, An interesting security story and NoSQL security logging and mobile forensics.

5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213

Great job teens, the teachers were very impressed with your passion and how quickly you learned the security material, nice work!


July 27-29, 2015, 8:30 a.m. – 5 p.m. – High School Cyber Security Competition

High School students join the blue team this summer! Learn how to defend a virtual network against live attacks using open source tools such as Snort! Sponsored by CERT ( and ISC2 Pittsburgh (

The Pittsburgh Chapter is banding together with to fill a gap in teen education today, to help develop the next generation of cybersecurity professional. This event will provide high school teens with an opportunity they may never get otherwise.

Where: Collaborative Innovation Center, Carnegie Mellon University4720 Forbes AvePittsburgh, PA 15213Cost: Free entrance (Street parking not included)Prize: 1st place prize $500 Student registration:  (limit 24)

Vendor sponsor:  Accuvant, and @layer427expert

Wednesday, May 20, 2015 – (ISC)Pittsburgh Chapter – Race The Clock, Security Escape Room (bring your own laptop)

Escape rooms are a form of puzzle game where willing participants will be locked within a room with a specific scenario according to a respective theme (i.e. a laboratory, a jail cell, etc), either alone or alongside a team of individuals, to solve a plethora of puzzles and riddles using the elements found inside the room to attempt to escape within a certain amount of time.
In our version, the room is a virtual lab containing one or more virtual systems. The theme is a certain skill set or competency in the IT or computer security fields (i.e. networking, forensics, programming, etc). Instead of simply trying to escape, the end result the player hopes to achieve is discerning a final piece of information, and must work through a set of tasks and puzzles to discern this information. The player will have available or must unlock, the tools, information, and clues necessary to reach the final piece of information at the end of each challenge.

Chris Herr “Video Games as a Training Tool to Prepare the Next Generation of Cyber Warriors“

5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University4720 Forbes AvePittsburgh, PA 15213

 Tuesday, January 13, 2015 – (ISC)Pittsburgh Chapter – Cyber Range

Join The Blue Team for hands-on exercises to defend a virtualized cyber range sponsored by CERT and ISC2 Pittsburgh Chapter.  Use your defense skills against attacks, using open source tools, such as Nagios and Snort this winter. All Skill levels are welcome.

5:30PM – 8:30PM ET Collaborative Innovation Center, Carnegie Mellon University, 4720 Forbes AvePittsburgh, PA 15213


Chapter updates

Cyber Range