November 2015 – Splunking for Endpoint Security

Topic: Splunking for Endpoint Security

Summary:

The front line in cybersecurity is the endpoint (and users).  In this talk I will be discussing methods often used as attack vectors and how to detect them using Splunk.  Learn how to improve your organization’s security posture by Splunking filesystem details, processes, services, hashes, ports, registry settings and more.

 

Presenter: Randy Trobock

Randy Trobock is a professional services security consultant for Splunk with 6+ years in the IT and security fields. He currently holds CISSP, CEH and SSCP certifications and has security consultant experience in several industries, including energy/utilities, retail, insurance, education, and finance. He likes to drink expensive scotch and owns many leather-bound books.

 


October 2015 – Network Visibility in the Next Generation Software Defined Data Center

Topic: Network Visibility in the Next Generation Software Defined Data Center

Summary:

Arista Networks, an established leader in software driven cloud networking, is partnering closely with VMware to deliver the industry’s first scalable, best-of-breed solution for network virtualization in the data center. Arista and VMware’s vision leverages core data center virtualization technologies to transform data center economics and business agility. Their approach of automation and non-disruptive deployment embraces and extends existing infrastructure investments.

Arista also has developed joint solutions with partners like Palo Alto Networks to provide enhanced visibility and security solutions in the software defined data center. This integration provides a more scalable solution for virtual security appliances.

This session will walk you through some of the unique capabilities of these joint solutions. Additionally, the session will cover using Tap Aggregation devices to increase the visibility of your network while decreasing cost, all while network speeds move from 1Gbps to 10G/40G/100G.

Presenter: Josh Frank

Josh Frank is a Systems Engineer with 8+ years' experience selling into major service providers and enterprise networks, as well as 8 years' experience prior to that testing multi-vendor switching and routing architectures at a major service provider. He specializes in the architecture and implementation of a wide variety of network designs, including Data Center and WAN solutions.


September 2015 Monthly Meeting

 

Topic: The evolution of security, the evolving threat landscape and strategies for effective security, compliance and risk management

Summary:

Dell SecureWorks understands cybersecurity is a critical focus for organizations, and technology alone cannot address the risks posed by cyberthreats. We combine elite intelligence and trusted security expertise, helping organizations solve complex security challenges, strengthen their security postures and reduce risk in the face of a dynamic threat landscape. Intelligence practices developed by our security experts enable a security resiliency methodology, ensuring you see the threat, thwart cyber-attacks and recover faster from security breaches.

Presenter: Paul Webb

Paul Webb is a Security Specialist with Dell SecureWorks. For the past 17 years, Paul has supported his clients across a variety of sectors to meet their needs in the areas of IT security controls and related consulting services including, but not limited to: security strategy, information security, network security, IT risk management, IT compliance (e.g. PCI, GLBA, HIPAA, CJIS), vulnerability testing, penetration testing, technical controls sourcing and implementation, and managed security services.

We are waiting to get the slide deck from Dell; we will post it here and email it out when available.

Post Conference – 2015

Thank you all for attending. We had a great turnout and hope you enjoyed it as much as we did. Below are attachments for some of the presentations that were given.

Russ McRee – Morning Keynote

Branden Carter – EMET: A View From the Trenches

Rich Goldstone – Real-World Forensics

Carlos Pelaez – Mapping Compliance Controls

Ken Dunham – Family Safety

Carlos Pelaez – Unified Compliance Framework

Dan DeCloss – So You Want to be a Pentester

Brian Reed – NIST Framework

Rich Goldstone – Forensic Tools

March 5, 2015 – Microsoft EMET, a view from the trenches

Supported by Boise ISSA

Topic: Microsoft EMET, a view from the trenches

Speaker: Branden Carter, Idaho Transportation Department

Branden is an IT Security Analyst with the Idaho Transportation Department, an agency with 1600 employees and part of the larger Idaho state executive branch. He has worked there for 9 years, and has been in the CyberSecurity office since 2012. Previous to that he had a brief stint as a server administrator at ITD, spent a year as an IT Systems Administrator for an aquaculture company (where he had the unique opportunity to eat caviar that he could never afford otherwise), and before that again at ITD, where he cut his teeth as a packet herder (Network Analyst) and spent some time as an intern doing desktop support. He has an Associate of Applied Science and a Bachelor of Applied Science in Computer Network Technology from BSU. He has a SANS GSEC certification and a hopefully-soon-to-be-renewed Cisco CCNA.

Microsoft EMET – March 2015 ISSA Presentation – Branden Carter

Location: Monthly meetings are held from 11:30 AM to 1:00 PM MST at the StoneHouse, unless otherwise stated: 665 Park Boulevard, Boise, ID 83712. The StoneHouse is located at 665 Park Blvd., next to the Ram, near the intersection of Broadway Ave. and Park Blvd.

 


February 5th – The Analytics-Enabled SOC > SIEM Use Cases

Supported by Boise ISSA

Topic: The Analytics-Enabled SOC > SIEM Use Cases

 

Speaker: Mike Munn, Splunk Engineering Manager.

Mike’s career has been focused on security and IT operations related solutions and strategies. Mike has been employed by Splunk for ~4 years. He is the Splunk engineering manager for the Western US and works on security use cases, visualization and analytics using Splunk, and addressing strategic product/implementation projects. He has also held security-related positions at Fortinet and TrendMicro, and other security engineering roles.

 

Building a SOC_Boise ISSA_020515

 


March 6th – Defending a Breach

Supported by Boise ISSA

This meeting is a members-only meeting.

Presenter: Roundtable Panel

Summary: Several prominent organizations have recently experienced breaches. This discussion will examine topics pertinent to these breaches, and what we can learn from them.


 

February 6th – Fortinet

Supported by Fortinet

Title: Mitigating Network Borders: Balancing User Wants, Business Needs, and Security Requirements.

Many companies find themselves in a position where balancing wants, needs, and requirements ends up compromising security in ways that leave them vulnerable to current threats. However, by digging deeper into the packets and the communications they comprise it’s possible to not only increase security, but fulfill business needs and user desires.

Speaker: Brian McLean
Bio: 14-year Sales Engineering veteran, most of those years spent in Layer 7 Firewalling. I have a background in Electrical Engineering, and have been involved in technology since the time that choosing between a 386SX and 386DX was a thing.
