Our next ISSA meeting will be Thursday, December 3 and will feature Jim Salter! This free meeting is open to the public, so please share with your friends and security colleagues!
38 million accounts and 9.7 million credit card transactions from the notorious adultery site leaked this year. How does this affect you? Probably more than you think, whether you were in AM's databases or not. What can we learn from the data exposed in the breach, and what does it tell us about the security posture of not only website owners, but internet users themselves?
Jim Salter (@jrssnet) is an author, mercenary sysadmin, and father of three—not necessarily in that order. He got his first real taste of open source running Apache on his very own dedicated FreeBSD 3.1 server back in 1999, and he's been a fierce advocate of FOSS ever since. He's the author of the Sanoid hyperconverged infrastructure project (http://sanoid.net/). And he's written articles for Ars Technica on everything from next-gen filesystems to NAS distributions.
Registration
For more details and to register, please see:
https://greater-augusta-issa-2015-december.eventbrite.com/
Thursday, November 5, 2015
Thursday, October 8, 2015
November 2015 Public meeting - The Fog of More with Tony Sager
Our next ISSA meeting will be Thursday, November 5 and will feature Tony Sager! This free meeting is open to the public, so please share with your friends and security colleagues!
Tony Sager is a Senior VP and Chief Evangelist for the Center for Internet Security. He leads the development of the Critical Security Controls, a worldwide consensus project to find and support technical best practices in cybersecurity. His “volunteer army” cuts across all segments of the industry to identify practices that will stop the vast majority of attacks seen today, and then leads projects that will validate, measure, scale, and share these practices for widespread adoption. Tony also serves as the Director of the SANS Innovation Center, a subsidiary of The SANS Institute.
Tony retired from the National Security Agency in June 2012 after 34 years as an Information Assurance professional. He started his career in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. After moving into leadership positions, Tony helped found and then led the Systems and Network Attack Center, oversaw all Red and Blue Team projects, established and led security product evaluation teams, helped guide the agency's top talent development programs, served as the founding chief of the Vulnerability Analysis and Operations Group (comprised of 700 of the NSA's top technical cybersecurity specialists serving the defensive mission), and was the Chief Operating Officer for the Information Assurance Directorate. Tony also led the release of NSA security guidance to the public starting in 2001, and greatly expanded NSA’s role in the development of open standards for security.
Mr. Sager holds a B.A. in mathematics from Western Maryland College and an M.S. in computer science from The Johns Hopkins University. Tony is also a civilian graduate of the US Army Signal Officer Basic Course and the National Security Leadership Course.
Registration
For more details and to register, please see:
https://greater-augusta-issa-2015-november.eventbrite.com/
Tony Sager is a Senior VP and Chief Evangelist for the Center for Internet Security. He leads the development of the Critical Security Controls, a worldwide consensus project to find and support technical best practices in cybersecurity. His “volunteer army” cuts across all segments of the industry to identify practices that will stop the vast majority of attacks seen today, and then leads projects that will validate, measure, scale, and share these practices for widespread adoption. Tony also serves as the Director of the SANS Innovation Center, a subsidiary of The SANS Institute.
Tony retired from the National Security Agency in June 2012 after 34 years as an Information Assurance professional. He started his career in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. After moving into leadership positions, Tony helped found and then led the Systems and Network Attack Center, oversaw all Red and Blue Team projects, established and led security product evaluation teams, helped guide the agency's top talent development programs, served as the founding chief of the Vulnerability Analysis and Operations Group (comprised of 700 of the NSA's top technical cybersecurity specialists serving the defensive mission), and was the Chief Operating Officer for the Information Assurance Directorate. Tony also led the release of NSA security guidance to the public starting in 2001, and greatly expanded NSA’s role in the development of open standards for security.
Mr. Sager holds a B.A. in mathematics from Western Maryland College and an M.S. in computer science from The Johns Hopkins University. Tony is also a civilian graduate of the US Army Signal Officer Basic Course and the National Security Leadership Course.
Registration
For more details and to register, please see:
https://greater-augusta-issa-2015-november.eventbrite.com/
Saturday, July 25, 2015
ISSA meeting featuring Dr. Johannes Ullrich of the SANS Internet Storm Center
Our next ISSA meeting is this Tuesday July 28 and will feature Dr. Johannes Ullrich of the SANS Internet Storm Center!
For more details and to register, please see:
http://greater-augusta-issa- 2015-july.eventbrite.com/
Hope to see you there!
For more details and to register, please see:
http://greater-augusta-issa-
Hope to see you there!
Tuesday, May 19, 2015
June 2015 Public meeting - IR Event Log Analysis with Hal Pomeranz
Our next ISSA meeting will be Thursday, June 25 and will feature Hal Pomeranz! This free meeting is open to the public, so please share with your friends and security colleagues!
IR Event Log Analysis
Windows event logs contain a bewildering variety of messages. But homing in on a few key events can quickly profile attacker activity. From administrator logins, to scheduled tasks, to entries related to system services, and more-- the event logs are a one-stop shop. Learn to "crack the code" and enhance your investigations by adding event log analysis to your toolset.
About Hal Pomeranz
Hal Pomeranz is an independent digital forensic investigator who has consulted on cases ranging from intellectual property theft, to employee sabotage, to organized cybercrime and malicious software infrastructures. He has worked with law enforcement agencies in the US and Europe and global corporations. Hal is a SANS Faculty Fellow, and a respected author and speaker at industry gatherings worldwide.
Registration
For more details and to register, please see:
https://greater-augusta-issa-2015-june-hal-pomeranz.eventbrite.com/
IR Event Log Analysis
Windows event logs contain a bewildering variety of messages. But homing in on a few key events can quickly profile attacker activity. From administrator logins, to scheduled tasks, to entries related to system services, and more-- the event logs are a one-stop shop. Learn to "crack the code" and enhance your investigations by adding event log analysis to your toolset.
About Hal Pomeranz
Hal Pomeranz is an independent digital forensic investigator who has consulted on cases ranging from intellectual property theft, to employee sabotage, to organized cybercrime and malicious software infrastructures. He has worked with law enforcement agencies in the US and Europe and global corporations. Hal is a SANS Faculty Fellow, and a respected author and speaker at industry gatherings worldwide.
Registration
For more details and to register, please see:
https://greater-augusta-issa-2015-june-hal-pomeranz.eventbrite.com/
Saturday, May 9, 2015
Security Conferences in Augusta
Please mark your calendar and make plans to attend!
June 24 - 26
Cyber Security for Defense:
http://www.cybersecurityfordefense.com/
August 25-27
Technet Augusta:
http://events.jspargo.com/Augusta15/Public/Enter.aspx
September 11
Security Onion Conference:
http://blog.securityonion.net/2015/05/security-onion-conference-2015-cfp.html
September 12
BSides Augusta:
http://bsidesaugusta.org
Hope to see you there!
June 24 - 26
Cyber Security for Defense:
http://www.cybersecurityfordefense.com/
August 25-27
Technet Augusta:
http://events.jspargo.com/Augusta15/Public/Enter.aspx
September 11
Security Onion Conference:
http://blog.securityonion.net/2015/05/security-onion-conference-2015-cfp.html
September 12
BSides Augusta:
http://bsidesaugusta.org
Hope to see you there!
Friday, February 20, 2015
2015 Q2 Public meeting - Continuous Ownage: Why you Need Continuous Monitoring
Our next ISSA meeting will be Tuesday, March 31 and will feature Eric Conrad! This free meeting is open to the public, so please share with your friends and security colleagues!
Continuous Ownage: Why you Need Continuous Monitoring
Abstract:
Repeat after me, I will be breached. Most organizations realize this fact too late, usually after a third party informs them months after the initial compromise. Treating security monitoring as a quarterly auditing process means most compromises will go undetected for weeks or months. The attacks are continuous, and the monitoring must match.
This talk will help you face this problem and describe how to move your organization to a more defensible security architecture that enables continuous security monitoring.
About Eric Conrad
SANS Principal Instructor Eric Conrad is lead author of the book The CISSP Study Guide. Eric's career began in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and health care. He is now president of Backshore Communications, a company focusing on intrusion detection, incident handling, information warfare, and penetration testing. He is a graduate of the SANS Technology Institute with a master of science degree in information security engineering. In addition to the CISSP, he holds the prestigious GIAC Security Expert (GSE) certification as well as the GIAC GPEN, GCIH, GCIA, GCFA, GAWN, and GSEC certifications. Eric also blogs about information security at www.ericconrad.com.
Registration
For more details and to register, please see:
https://augusta-issa-2015-q2-eric-conrad.eventbrite.com/
Continuous Ownage: Why you Need Continuous Monitoring
Abstract:
Repeat after me, I will be breached. Most organizations realize this fact too late, usually after a third party informs them months after the initial compromise. Treating security monitoring as a quarterly auditing process means most compromises will go undetected for weeks or months. The attacks are continuous, and the monitoring must match.
This talk will help you face this problem and describe how to move your organization to a more defensible security architecture that enables continuous security monitoring.
About Eric Conrad
SANS Principal Instructor Eric Conrad is lead author of the book The CISSP Study Guide. Eric's career began in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and health care. He is now president of Backshore Communications, a company focusing on intrusion detection, incident handling, information warfare, and penetration testing. He is a graduate of the SANS Technology Institute with a master of science degree in information security engineering. In addition to the CISSP, he holds the prestigious GIAC Security Expert (GSE) certification as well as the GIAC GPEN, GCIH, GCIA, GCFA, GAWN, and GSEC certifications. Eric also blogs about information security at www.ericconrad.com.
Registration
For more details and to register, please see:
https://augusta-issa-2015-q2-eric-conrad.eventbrite.com/
Subscribe to:
Posts (Atom)