Meeting 2019-Feb

Metro Area

Monday February 4th, 2019

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP’s, food and drinks provided by our sponsors.

This month we have Tool Time with Tim Gracia (SANS Instructor) providing a run down on useful Cybersecurity tools. Tim will be followed by Gavin Klondike whom will be doing a deep dive on Machine Learning which is a trending technology that has significant implications for the Cybersecurity arena.

Erik Graham will be presenting his popular cyber threat update as usual.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Notice: Until Further Notice, all future meetings will be at the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283 (Map)

Sponsor: 

Fortinet Logo
Fortinet

We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Our unique security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control–while providing easier administration.

Fortinet Contacts:

 

AGENDA

Networking, Food and Drinks

  • 6:00 to 6:30 pm
  • No Entry into the UAT Theater until 6:30 as classes are in session
  • No Food or Drink inside the UAT theater at any time

General Announcements & Sponsor Segment

  • 6:30 to 6:50 pm
  • Sponsorship by Fortinet whom provides world-class security solutions
Fortinet Logo
Sponsor: Fortinet

Cyber Threat Updates by John Nash

  • 6:50 to 7:00 pm
  • Erik is out today so John will cover all cybersecurity news of note since the last meeting.

Links from Cyber Threat Update:

Tool Time with Tim Garcia

  • 7:00 to 7:45 pm
  • As a long standing SAN instructor and a veteran security professional Tim Garcia will review useful cybersecurity tools, is always a group favorite and will be sure to make the forum well worth your time.
  • Tim has been kind enough to share his presentation which can be found here. Note: this link/location may change when we re-organize the site.

Machine Learning for Security Analysts with Gavin Klondike

  • 7:45 to 8:45 pm

Machine Learning Abstract:

Today, over a quarter of security products for detection have some form of machine learning built in. However, “machine learning” is nothing more than a mysterious buzzword for many security analysts. In order to properly deploy and manage these products, analysts will need to understand how the machine learning components operate to ensure they are working efficiently. In this talk, we will dive head first into building and training our own machine learning models using the 7-step machine learning process.

And Gavin has graciously provided the slides to his presentation in advance which can be accessed below. Thanks Gavin!

SlideShare: Machine Learning for Security Analysts

Slides: https://www.slideshare.net/GTKlondike/machine-learning-for-security-analysts

GitHub: Machine-Learning-for-Security-Analysts

GitHub Code/Docs: https://github.com/NetsecExplained/Machine-Learning-for-Security-Analysts

Gavin’s Bio:

Gavin is a senior consultant and researcher who has a passion for network security, both attack and defense. Through that passion, he runs NetSec Explained; a blog and YouTube channel which covers intermediate and advanced level network security topics, in an easy to understand way. His work has given him the opportunity to be published in industry magazines and speak at conferences such as Defcon and CactusCon. Currently, he is researching into ways to address the cybersecurity skills gap, by utilizing machine learning to augment the capabilities of current security analysts.

YouTube: https://www.youtube.com/channel/UCsKK7UIiYqvK35aWrCCgUUA
Website: https://netsecexplained.com/

Past talks and publications:

Wrap Up and Networking

  • 8:45 to 9:00 pm

Meeting Recap 2019-Jan

Jan 7th, 2019 Meeting Recap

And as usual we had another great session this Month! Casey Reid of Tenable did a terrific presentation on Vulnerability Management and outlined the challenges even the largest companies have with tracking their network assets.  Erik Graham also provided the monthly Cyberthreat run down which is as much entertaining as it is educational.

Vulnerability Management 2.0

Casey Reid, Principle Security Engineer at Tenable

Some of the key points were of Casey’s presentation were as follows:

Asset Management:

The ability to know what you have on your network through regular scanning, as well as a process to decide when to allow a device on its network based on its risk score and whether it has been scanned or not.

Scanning Containers and other virtualized and variable workloads

Containers provided by kubernetes docker present special challenges when it comes to scanning.

Scanning Cloud Resources:

Identifying tools and processes to detect and scan ephemeral resources. In many cases this is best handled by intelligent agents that can integrate with your scanning tools:

Scanning ICA/SCADA Control Systems

Focus on scanning non-traditional assets such as ICA/SCADA control systems

CVE Scoring and what is wrong with it

The issues with CVE scoring and how you sometimes have to override those defaults and create custom methodologies to prioritize your remediation based on whether exploitable exist for those vulnerabilities as well as if they are at the edge or in more protected network zones.

Group Discussion

Finally there was a lively discussion around these topics with healthy participation by the audience. It is always good to see a dynamic group interaction like the one we had last night which indicates we have engaging speakers and an audience that is willing to challenge them.

FBI Presentation:

Paul Schaaf of the FBI also provided key information on the trends on Cyber and the ongoing challenges we all have as we enter 2019.

Sponsorship by Nuix:

Finally, thanks to David Petty and Matt Dunbar of Nuix for sponsoring. They provided key information on their product line and how they are solving tough problems in security management for some of the largest organizations in the world.

Nuix Logo

 

Thanks all for Attending!

Meeting 2019-Jan

Federal Panel

Monday January 7th, 2019

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP's, food and drinks provided by our sponsors.

 

Our FBI forum is always our most attended meeting and we expect a good turnout for this one as well. Be sure and invite all your friends for a very informative and timely presentation from Paul Schaaf, Special Agent. He will be proceeded by Casey Reid of Tenable (Provider of Nessus) presenting "Vulnerability Management 2.0." And of course Erik Graham will be presenting his popular cyber threat update as well.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Notice: Until Further Notice, all future meetings will be at the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283

Sponsor: 

Nuix Logo

NUIX Endpoint security, governance, risk and compliance

Contact:

David Petty
SVP Commercial Sales
David.Petty@nuix.com | http://www.nuix.com
Ph: 1-703-969-5056
Herndon, VA

LinkedIn

 

AGENDA

*6:00 to 6:30*
Networking outside the UAT theater

(No Food Inside Theater Please per UAT rules)

*6:30 to 6:50 pm* 
General Announcements & Sponsor Segment

*6:50 to 7:00 pm*
Cyber Threat Updates by Erik Graham

*7:00 to 7:45 pm*
Vulnerability Management 2.0

Presented By

Casey Reid, Principle Security Engineer

Tenable (Maker of Nessus Software)

LinkedIn

*7:45 to 8:45 pm*
Paul Schaaf presents FBI Year End Review and What's Coming for 2019

*8:45 to 9:00 pm*
Wrap Up and Networking

 

Meeting 2018-Nov

November 5th, 2018

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP's, food and drinks provided by our sponsors.

Our November 5th expert panel forum will feature security experts Erik Graham, Chris Pavan, Anthony Dezilva, and John Nash. Panel moderator will be Kurt Schmeckpepper. They will be fielding questions from our followers around the world and our audience. Bring your toughest questions and be prepared for some lively discussions.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

We are NO LONGER meeting at the University of Phoenix Fountain head location as that building is no longer available to us.

Notice: Starting November, 2018, meetings have been moved to the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283

Sponsor: TBD

At this time we do not have  a sponsor for the November meeting, so until we do have a commitment, we will NOT be providing pizza and drinks as the sponsorship is the groups only source of revenue. However, the UAT theater has a student café next door where you can purchase pizza, sandwiches, snacks, and beverages.

If you would like to sponsor this meeting information on our sponsorship page

 

AGENDA

*6:00 to 6:30*
Networking outside the UAT theater

*6:30 to 6:45 pm* 
General Announcements

*6:30 to 6:45 pm*
Sponsor Segment

*6:45 to 7:00 pm*
Cyber Threat Updates by Erik Grahm

*7:00 to 9:00 pm*
Expert Panel Forum Moderated by Kurt Schmeckpepper

 

Meeting 2018-Oct

October 1st, 2018

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  University of Phoenix in Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282.
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP's, food and drinks provided by our sponsors.

Our October 1st forum will be one to remember.  Tool Time Tim, (Tim Garcia), always a favorite and a long time SANS instructor, will be presenting a deep dive into some technical topics. John Nash will be presenting an overview of how to assemble some basic security monitoring for your organization using open source tools.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282

=> Meetings have been moved to the 4th floor <=

SPONSORED BY

INS Logo
Integrity Network Solutions

Integrity Network Solutions (“INS”) is an Arizona based firm that specializes in senior network, security, unified communications and telecom expertise.  Our service offerings are organized under two primary practice areas - Professional Services and Telecom Resale.  The combined talent and decades of experience in both practice areas provides a unique value to our clients as we are able to design, implement and maintain advanced technical solutions with end-to-end visibility and control.  Our Professional Services team is staffed with several CCIE level engineers with specializations in security, route/switch, datacenter, optical, cloud and unified communications.  INS is proud to have provided services to several prominent public and private enterprise organizations which span across diverse vertical markets.

INS has Telecom Resale agreements with all major carriers and we maintain a strategic partnership with CenturyLink.  INS negotiates with carriers to get you the most competitive pricing available and we take the complexity out of managing your telecom, datacenter, cloud and security services.  A unique differentiator that sets us apart is that we assign senior engineer resources to assist customers with the onboarding to new services at no additional cost.  This eliminates the finger pointing between the service provider and your staff and insures your services are provisioned properly and optimized for the best performance.

Contact:

Ed Ruskys, Owner
Ed.Ruskys@insnetworks.com
http://www.insnetworks.com
480-560-2995

AGENDA

*6:00 to 6:30*
Networking

*6:30 to 6:45 pm* 
General Announcements 

 Jerry Crow and John R. Nash

*6:45 to 7:00pm*
Sponsor Segment

*7:00 to 7:45*
Tim Garcia (Tool Time Tim) "Security Deep Dive"

*7:45 to 9:15 p.m*
John Nash (Phreedom) "Basic Security Monitoring with Open Source Tools"

Meeting 2018-Aug

Federal Panel

August 6, 2018 – Federal Panel

WHO: Southwest Cyber Sec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  University of Phoenix in Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282.
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP’s, pizza and drinks provided by our sponsors.

Our August 6th forum is shaping up to be a blockbuster. We will have a reprise of our recent FBI night featuring Paul Schaaf with his active shooter presentation. There was so much interest and requests for more info that we had to have him back to present on this topic again.

Also, our forum is proud to present Anthony Dezilva; current board member ISC to Phoenix Chapter, Advisory Board Member of ACTRA, and Product Manger of Security Services PhoenixNAP. The title of his presentation is “Arizona, a supportive and collaborative Cybersecurity echo system.”

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282

=> Meetings have been moved to the 4th floor <=

SPONSORED BY

TBConsulting
TBConsulting

For more than two decades, Technical & Business Consulting, LLC (TBC) has been partnering with clients in the Greater Southwest Region. They seek to bring enterprise-grade tools, people and process to underserved mid-market companies; helping solve IT pains points, from cybersecurity to disaster recovery. TBC’s success is attributed to its proprietary 5D Methodology – Discover, Design, Develop, Deploy & Debrief. This 5D methodology provides clients with structure during the implementation and continued maintenance of their managed service with a designated Project Manager to keep projects running smoothly and on time.

TBC has partnered with Tier III & Tier V datacenters across the Greater Southwest Region, to better meet the needs of our clients, and help them realize their full potential.

TBC offers managed services encompassing:

• Cybersecurity
• Business Continuity/Disaster Recovery
• Business Impact Analysis
• Desktop as a Service
• ServiceNow Suite
• Private Cloud
• Unified Communications
• Software Defined WAN

Each of our service offerings has been engineered to accommodate the most rigorous of workloads, while providing exceptional professional service in times where tight SLAs need to be met by utilizing the TBC IT Operations Center. The TBC ITOC is a US based 24/7/365 operations center staffed by experienced personnel, who are able to assist with smart hands, incident requests and are committed to the Continual Service Improvement model.

Contact Info:

David Ziton
6023121914

 

AGENDA

*6:00 to 6:30*
Networking

*6:30 to 6:45 pm* 
General Announcements 

 Jerry Crow and John R. Nash

*6:45 to 7:00pm*
Sponsor Segment

*7:00 to 7:45*
“Arizona, A Supportive and Collaborative Cybersecurity Echo System”

Anthony Dezilva, CISSP, MBA, PhD Learner

Anthony Dezilva
Anthony Dezilva, CISSP, MBA, PhD Learner

*7:45 to 9:15 p.m*
FBI Presentation

Paul Schaaf

Presenting will be the local Phoenix FBI Field Agent for Cyber. The FBI’s presentation will focus on a review of security in the media and an active shooter presentation and the recommended policies that organizations should have in place to be prepared for such an event.

Meeting 2018-Jun

June 4, 2018

WHO: Southwest Cybersecurity Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  University of Phoenix in Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282.
WHY: To stay current with new cyber threats, explore new security technologies, share experiences with your peers, network, and go where no man has gone before!
FREE: No membership fees, no RSVP's, pizza and drinks provided.

Put on your thinking cap for this forum. Our two main presenters will challenge what you think you know about CyberSecurity and wishing the forum lasted longer.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you informed and safe

Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282

=> Meetings have been moved to the 4th floor <=

SPONSOR

Glasswall Solutions

Glasswall Solutionshttps://www.glasswallsolutions.com
(866) 823-6652

Sponsor Bio:

Glasswall is taking content disarm and reconstruction (CDR) technology to the next level (a level that no other software solution on the market is able to match). This has resulted in Glasswall's unique and patented software solution being implemented globally across multiple high profile enterprises as well as governmental and federal institutions

AGENDA

*6:00 to 6:30*
Networking

*6:30 to 6:45 pm* 
General Announcements 

 Jerry Crow and John Nash

*6:45 to 7:00pm*
Sponsor Segment

*7:00 to 7:20*
Cyber Threat Update
Erik Graham

*7:30 to 8:15 p.m*
Chris Pavan of the Helios Group

Active Attack Intervention: Fighting back without breaking the law.

Chris will run through some relevant Cyber incidents and discuss TTPs used to fight back against an active attacker. He will also cover when and why intervention should be used over immediate remediation. The wrap up will include pre-planning as well as some homegrown tools you can create to ensure your interference is meaningful and successful.

LinkedIn Bio:

*8:15 to 9:00 p.m*
Elio Greico

Topic Pending

New Name – Southwest Cybersec Forum

After many years operating as the Southwest Security Professionals Forum, we are changing our name to Southwest CyberSec Forum (SWCSF).

Over the years we have had comments from folks saying they thought that our forum was for professionals only, or that it was a physical security forum. Neither of which, as you may know, is true.  As our focus is primarily related to Cyber and our outreach extends to professionals, students, teachers, government decision makers and other Security groups, the name change seemed apt and overdue.

There are no membership fees, our forum is open to anyone interested in all aspects of security, both cyber and physical. Looking forward to seeing you at the forum!

Meeting 2018-May

Federal Panel

May 7, 2018 - Federal Panel

WHO: Southwest Cybersecurity Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  University of Phoenix in Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282.
WHY: To stay current with new cyber threats, explore new security technologies, share experiences with your peers, network, and go where no man has gone before!
FREE: No membership fees, no RSVP's, pizza and drinks provided.

This is a forum that you do not want to miss! We will have an extended cyber threat update followed by an FBI presentation on active shooter scenarios and mid-year review on cyber threats. This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282

=> Meetings have been moved to the 4th floor <=

SPONSOR

Glasswall Solutions

Glasswall Solutionshttps://www.glasswallsolutions.com
(866) 823-6652

Sponsor Bio:

Glasswall is taking content disarm and reconstruction (CDR) technology to the next level (a level that no other software solution on the market is able to match). This has resulted in Glasswall's unique and patented software solution being implemented globally across multiple high profile enterprises as well as governmental and federal institutions

AGENDA

*6:00 to 6:30*
Networking

*6:30 to 6:45 pm* 
General Announcements 

 Jerry Crow and Robert Birdsall

*6:45 to 7:00pm*
Sponsor Segment

*7:00 to 7:20*
Cyber Threat Update
Erik Graham

*7:30 to 9:00 p.m*
FBI Presentation

Presenting will be the local Phoenix FBI Field Agent for Cyber. He may be joined by some of his counterparts from either Homeland Security and/or the Secret service whom will provide updates from their organizations on the state of security and Cyber threats. The FBI's presentation will focus on a review of security in the media and an active shooter presentation and the recommended policies that organizations should have in place to be prepared for such an event.