Practical and Continuous Security Engineering
        (Starting a Security Program for Free) workshop

Abstract

This workshop is a hands-on exercise in building a good security program. The presenters have built security programs from scratch at multiple companies and have found that, while the companies can vary, the fundamentals remain roughly the same. The goal here is to bridge the gap between common infosec vendor jargon and practical security engineering work. There’s no shortage of acronyms being invented every week in the realm of security engineering. Instead of wading through these buzzwords that might not even be around by the end of the year, this workshop will dig into the principles that make for a good security program. These principles will then be applied with practical hands-on exercises where you’ll use free and open source security tools to build continuous security automation and alerting similar to ones that have been built when starting new security programs.

Day / Time / Location

Day 1, Friday, 15-August-2025, 4:00pm - 7:00pm
Tobin 221 (Workshop B)

Full Description

Registration -- NOT required

NOTE: You do NOT need to register to take this workshop
-- please show up early to ensure a seat at Tobin 221 (Workshop B).

Presenter(s)

Mark El-Khoury
Omar

Materials

Any materials needed to participate in this workshop will be available at-cost.
Observers are welcome at no cost.
To do the hands-on portion for this workshop:
Materials Cost: None

Required Software / What to bring

Familiarity with unix environments, a unix system to test with (Mac/Linux/WSL is fine), a Github account

Links