Our next ISSA meeting is **this Thursday**, May 19, and will feature Ovie Carroll, Director of the DoJ Cyber Crime Lab, Computer Crime and Intellectual Property Section (CCIPS)! Ovie will present "Current and Emerging Trends in Digital Forensics."
Our next ISSA meeting will be Thursday, March 31 and will feature Doug Burks and Security Onion! This free meeting is open to the public, so please share with your friends and security colleagues! We'll also have a report from our bi-annual financial audit and we'll be electing officers for the next 2-year term, so please make every effort to attend if you're a member.
Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
Doug Burks started Security Onion in 2008 to provide a comprehensive platform for intrusion detection, network security monitoring, and log management. Today, Security Onion has over 200,000 downloads and is being used by organizations around the world to help monitor and defend their networks. In 2014, Doug started Security Onion Solutions LLC to help those organizations by providing commercial support and training. Doug is a CEO, public speaker, teacher, former president of the Greater Augusta ISSA, and co-founder of BSides Augusta, but what he really likes the most is catching bad guys.
Our next ISSA meeting will be Thursday, December 3 and will feature Jim Salter! This free meeting is open to the public, so please share with your friends and security colleagues!
38 million accounts and 9.7 million credit card transactions from the notorious adultery site leaked this year. How does this affect you? Probably more than you think, whether you were in AM's databases or not. What can we learn from the data exposed in the breach, and what does it tell us about the security posture of not only website owners, but internet users themselves?
Jim Salter (@jrssnet) is an author, mercenary sysadmin, and father of three—not necessarily in that order. He got his first real taste of open source running Apache on his very own dedicated FreeBSD 3.1 server back in 1999, and he's been a fierce advocate of FOSS ever since. He's the author of the Sanoid hyperconverged infrastructure project (http://sanoid.net/). And he's written articles for Ars Technica on everything from next-gen filesystems to NAS distributions.
Our next ISSA meeting will be Thursday, November 5 and will feature Tony Sager! This free meeting is open to the public, so please share with your friends and security colleagues!
Tony Sager is a Senior VP and Chief Evangelist for the Center for Internet Security. He leads the development of the Critical Security Controls, a worldwide consensus project to find and support technical best practices in cybersecurity. His “volunteer army” cuts across all segments of the industry to identify practices that will stop the vast majority of attacks seen today, and then leads projects that will validate, measure, scale, and share these practices for widespread adoption. Tony also serves as the Director of the SANS Innovation Center, a subsidiary of The SANS Institute.
Tony retired from the National Security Agency in June 2012 after 34 years as an Information Assurance professional. He started his career in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. After moving into leadership positions, Tony helped found and then led the Systems and Network Attack Center, oversaw all Red and Blue Team projects, established and led security product evaluation teams, helped guide the agency's top talent development programs, served as the founding chief of the Vulnerability Analysis and Operations Group (comprised of 700 of the NSA's top technical cybersecurity specialists serving the defensive mission), and was the Chief Operating Officer for the Information Assurance Directorate. Tony also led the release of NSA security guidance to the public starting in 2001, and greatly expanded NSA’s role in the development of open standards for security.
Mr. Sager holds a B.A. in mathematics from Western Maryland College and an M.S. in computer science from The Johns Hopkins University. Tony is also a civilian graduate of the US Army Signal Officer Basic Course and the National Security Leadership Course.
Our next ISSA meeting will be Thursday, June 25 and will feature Hal Pomeranz! This free meeting is open to the public, so please share with your friends and security colleagues!
IR Event Log Analysis
Windows event logs contain a bewildering variety of messages. But homing in on a few key events can quickly profile attacker activity. From administrator logins, to scheduled tasks, to entries related to system services, and more: the event logs are a one-stop shop. Learn to "crack the code" and enhance your investigations by adding event log analysis to your toolset.
About Hal Pomeranz
Hal Pomeranz is an independent digital forensic investigator who has consulted on cases ranging from intellectual property theft, to employee sabotage, to organized cybercrime and malicious software infrastructures. He has worked with law enforcement agencies in the US and Europe and global corporations. Hal is a SANS Faculty Fellow, and a respected author and speaker at industry gatherings worldwide.