[Owasp-cincinnati] February Meeting

Andy Willingham andy.willingham at owasp.org
Fri Feb 2 13:51:20 UTC 2018

Well Punxsutawney Phil saw his shadow this morning which means that there
are 6 more weeks of winter. Of course with a 30% success rate I’m not so
sure we can put much stock in him. What we can put stock in is learning
something at the February OWASP meeting that you can use to improve your
security program.

We have spent some time over the Holiday’s working on the new year and
OWASP. I’m happy to say that we have expanded our leadership team to
include some new blood and have some great ideas for this year. We’re
kicking things off on Feb 13th with our first meeting of the year and we
hope that you will be able to join us.

You can register on our Eventbrite page at

Our speaker is Adam Leisring from Paycor and Paycor is also hosting and
sponsoring our meeting.

Adam will be speaking on the topic of Credential Stuffing and why we need
to be aware, concerned, and have a plan to address this.


Just last year, over three billion credentials were reported stolen from
various sources in both small and large amounts. Credential theft and
“stuffing” is a real and present threat to all organizations and the risk
of account takeover, particularly for privileged accounts, is substantial.
In this presentation, we’ll take a journey through the various stages of
credential stuffing from theft, to sale, to actual stuffing on sites. Next,
we’ll review some tested controls that you can put in place to either
detect or prevent this threat against your enterprise.


Adam is the Director of Information Security for Paycor, one of the largest
independently held Human Capital Management companies in America. He
oversees Information Security for Paycor’s 1400 associates as well as
Paycor’s 30,000 clients of their award-winning Software as a Service
product. In past positions, he has served in leadership roles including
Technical Services and Operations, Enterprise Architecture and Software
Engineering. Adam holds CISSP and CISM certifications as well as a Master’s
Certificate in Corporate Information Security. Adam is a volunteer in
ISC(2)’s Safe and Secure Online program which spreads security awareness to
children at local schools.
Andy Willingham

More information about the Owasp-cincinnati mailing list