Meeting 2019-Feb

Metro Area

Monday February 4th, 2019

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP’s, food and drinks provided by our sponsors.

This month we have Tool Time with Tim Garcia (SANS Instructor) providing a rundown of useful cybersecurity tools. Tim will be followed by Gavin Klondike, who will do a deep dive on machine learning, a trending technology that has significant implications for the cybersecurity arena.

Erik Graham will be presenting his popular cyber threat update as usual.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe.

Notice: Until Further Notice, all future meetings will be at the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283

Sponsor: 

Fortinet

We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Our unique security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control–while providing easier administration.

Fortinet Contacts:

 

AGENDA

Networking, Food and Drinks

  • 6:00 to 6:30 pm
  • No Entry into the UAT Theater until 6:30 as classes are in session
  • No Food or Drink inside the UAT theater at any time

General Announcements & Sponsor Segment

  • 6:30 to 6:50 pm
  • Sponsorship by Fortinet, which provides world-class security solutions

Cyber Threat Updates by John Nash

  • 6:50 to 7:00 pm
  • Erik is out today so John will cover all cybersecurity news of note since the last meeting.

Links from Cyber Threat Update:

Tool Time with Tim Garcia

  • 7:00 to 7:45 pm
  • A long-standing SANS instructor and veteran security professional, Tim Garcia will review useful cybersecurity tools; he is always a group favorite and is sure to make the forum well worth your time.
  • Tim has been kind enough to share his presentation which can be found here. Note: this link/location may change when we re-organize the site.

Machine Learning for Security Analysts with Gavin Klondike

  • 7:45 to 8:45 pm

Machine Learning Abstract:

Today, over a quarter of security products for detection have some form of machine learning built in. However, “machine learning” is nothing more than a mysterious buzzword for many security analysts. In order to properly deploy and manage these products, analysts will need to understand how the machine learning components operate to ensure they are working efficiently. In this talk, we will dive head first into building and training our own machine learning models using the 7-step machine learning process.

Gavin has graciously provided the slides to his presentation in advance, which can be accessed below. Thanks Gavin!

SlideShare: Machine Learning for Security Analysts

Slides: https://www.slideshare.net/GTKlondike/machine-learning-for-security-analysts

GitHub: Machine-Learning-for-Security-Analysts

GitHub Code/Docs: https://github.com/NetsecExplained/Machine-Learning-for-Security-Analysts

Gavin’s Bio:

Gavin is a senior consultant and researcher who has a passion for network security, both attack and defense. Through that passion, he runs NetSec Explained, a blog and YouTube channel that covers intermediate- and advanced-level network security topics in an easy-to-understand way. His work has given him the opportunity to be published in industry magazines and to speak at conferences such as Defcon and CactusCon. Currently, he is researching ways to address the cybersecurity skills gap by using machine learning to augment the capabilities of current security analysts.

YouTube: https://www.youtube.com/channel/UCsKK7UIiYqvK35aWrCCgUUA
Website: https://netsecexplained.com/

Past talks and publications:

Wrap Up and Networking

  • 8:45 to 9:00 pm

Meeting Recap 2019-Jan

Jan 7th, 2019 Meeting Recap

As usual, we had another great session this month! Casey Reid of Tenable did a terrific presentation on Vulnerability Management and outlined the challenges even the largest companies have with tracking their network assets. Erik Graham also provided the monthly cyber threat rundown, which is as entertaining as it is educational.

Vulnerability Management 2.0

Casey Reid, Principal Security Engineer at Tenable

Some of the key points of Casey’s presentation were as follows:

Asset Management:

The ability to know what you have on your network through regular scanning, as well as a process to decide when to allow a device on the network based on its risk score and whether it has been scanned.

Scanning Containers and other virtualized and variable workloads

Containers provided by Kubernetes and Docker present special challenges when it comes to scanning.

Scanning Cloud Resources:

Identifying tools and processes to detect and scan ephemeral resources. In many cases this is best handled by intelligent agents that can integrate with your scanning tools:

Scanning ICS/SCADA Control Systems

Focus on scanning non-traditional assets such as ICS/SCADA control systems.

CVE Scoring and what is wrong with it

The issues with CVE scoring and how you sometimes have to override those defaults and create custom methodologies to prioritize your remediation based on whether exploits exist for those vulnerabilities, as well as whether they are at the edge or in more protected network zones.

Group Discussion

Finally, there was a lively discussion around these topics with healthy participation by the audience. It is always good to see a dynamic group interaction like the one we had last night, which indicates we have engaging speakers and an audience that is willing to challenge them.

FBI Presentation:

Paul Schaaf of the FBI also provided key information on cyber trends and the ongoing challenges we all have as we enter 2019.

Sponsorship by Nuix:

Finally, thanks to David Petty and Matt Dunbar of Nuix for sponsoring. They provided key information on their product line and how they are solving tough problems in security management for some of the largest organizations in the world.


 

Thanks all for Attending!

Meeting 2019-Jan

Federal Panel

Monday January 7th, 2019

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP's, food and drinks provided by our sponsors.

 

Our FBI forum is always our most attended meeting and we expect a good turnout for this one as well. Be sure to invite all your friends for a very informative and timely presentation from Paul Schaaf, Special Agent. He will be preceded by Casey Reid of Tenable (Provider of Nessus) presenting "Vulnerability Management 2.0." And of course Erik Graham will be presenting his popular cyber threat update as well.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe.

Notice: Until Further Notice, all future meetings will be at the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283

Sponsor: 


NUIX Endpoint security, governance, risk and compliance

Contact:

David Petty
SVP Commercial Sales
David.Petty@nuix.com | http://www.nuix.com
Ph: 1-703-969-5056
Herndon, VA


 

AGENDA

*6:00 to 6:30*
Networking outside the UAT theater

(No Food Inside Theater Please per UAT rules)

*6:30 to 6:50 pm* 
General Announcements & Sponsor Segment

*6:50 to 7:00 pm*
Cyber Threat Updates by Erik Graham

*7:00 to 7:45 pm*
Vulnerability Management 2.0

Presented By

Casey Reid, Principal Security Engineer

Tenable (Maker of Nessus Software)


*7:45 to 8:45 pm*
Paul Schaaf presents FBI Year End Review and What's Coming for 2019

*8:45 to 9:00 pm*
Wrap Up and Networking