Building Elegant Security Dashboards for your NOC or SOC & CISSP Domain 1 Security & Risk Management

Phreedom Leadership Photo

Monday June 3rd, 2019 / 6 PM - 9 PM

WHO: Southwest CyberSec Forum

WHEN: 1st Monday of each month 6:00 PM - 9:00 PM

WHERE: UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283

WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.

FREE: No membership fees, no RSVP’s, food and drinks provided by our sponsors.

Presentation 1: Building Security Dashboards from Elasticsearch Log Data (7:00-7:45 PM)

by Dean Moore and John Nash of Phreedom Technologies

 

John R. Nash Bio Pick
John R. Nash

With the relentless increase in speed and capacity of networks and systems, the logs that are generated can exceed thousands of events per second or more!  Is there any hope for an understaffed security team to keep up with the constant flow of user activity and system events, and hope to make any sense out of it?

John and Dean will show how to build sophisticated security dashboards, sourced from firewall and windows event log data stored in Elasticsearch.  The focus will be on the use of open source tools to build time series histograms and heat maps to identify important data that will highlight how your infrastructure is operating and quickly identify patterns and anomalies that may require further investigation.

Examples:

Dashboard 1
Firewall session for most active users over a 2 day period

Dasboard 3
ISP Daily Bandwidth by Netblock Owner (ASN)

Security Dashboard 2
Daily Heat map of Firewall Policy Events

 

Presentation 2: CISSP Domain 1 Security & Risk Management presented by Tim Hoffman (7:45-8:00 PM)

Tim Hoffman
Tim Hoffman

The security & risk management domain is a complex domains that accounts for a total of 16% of the score on the examination. This domain often confuses the more technical personnel because it speaks to business. The intent of the domain puts focus directly on business executives and security personnel who must work together to agree on the proper security activities to perform to achieve optimum governance. The Board and Executive Management will involve themselves with providing strategic direction and making decisions based on risk – then managing risks appropriately while concurrently verifying that the enterprise's resources are used responsibly.

Mr. Timothy Hoffman is a Healthcare Cybersecurity Executive with an extensive US Navy cryptologic background, a serial entrepreneur, and Founder of Tim Hoffman & Associates, LLC. His professional credentials include an MS from Central Michigan University and certifications including: CISSP, GCIH, CCSK, Security+(CE), Network+(CE), ITIL v3, ISO 27001, C|EH, CNDA, Expert Rating PM, ISP, and many others.

Mr. Hoffman’s strength is found in alignment of technology solutions to business needs so as to support business through risk management. His team translates technical speak into everyday language that is easy to understand and has won praise for security program creation, policy & procedure writing, Cloud system design, and network architecture.

Notable career accomplishments include 5 books, radio show host in Italy & US, multiple language facility with fluency in Italian, and platform training to thousands of students on IT & cybersecurity topics for nearly 30 years. He is a competitive level dancer on the global UCWDC scale placing 4th in 2016 and 8th at a higher level in 2019.

 

Presentations on Intel AMT and NGFW Next Generation Firewalls

 

Presentation 1: Security Implications of Intel’s Active Management Technology (AMT)

Presented by Gorden Bader, CISSP

Intel Active Management Technology (AMT) is hardware and firmware technology for remote out-of-band management of personal computers, running on the Intel Management Engine, a separate microprocessor not exposed to the user, in order to monitor, maintain, update, upgrade, and repair them.

 

You Tube Presentation:

Interl AMT Security Overvier
Intel AMT Security Overview

 

Original PowerPoint:

 

Intel AMT Security Overvier
Intel AMT Security Overview

 

Presentation 2: Review of Modern Next Generation Firewalls (NGFW)

by John Nash, VP of Technology, Phreedom Technologies

John R. Nash, VP of Technology Picture
John R. Nash, VP of Technology, LLC

 

John Nash of Phreedom Technologies presents a feature round up of modern perimeter firewalls. There is a lot of confusion and misconceptions, even among security professionals about what modern firewalls do.  Even the terms Next Generation, NGFW or 4th Generation Firewall which are commonly thrown around by vendors can be confusing and misleading.  John breaks down the features of a sampling of the the leading firewall vendors giving you a clear picture of what the proper role of a perimeter firewall plays in your organization and how it ties into your overalls security strategy. This is tailored to professionals at every stage in their career.

You Tube Presentation:

(Pending)

Interl AMT Security Overvier
Next Generation Firewall Feature Roundup

 

 

Southwest CyberSec Forum Sponsored by Phreedom Technologies

Metro Area

Monday March 4th, 2019

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP’s, food and drinks provided by our sponsors.

This month we have Rebecca Wynn presenting on Cybersecurity.  Rebecca, (CISSP, CRISC, CASP, CCISO) is a very accomplished speaker and leader in cybersecurity and someone you don’t want to miss, and Elio Grieco will be presenting on AI, Machine Learning and the driving forces behind them.

Erik Graham will be presenting his popular cyber threat update as usual.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Notice: Until Further Notice, all future meetings will be at the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283 (Map)

Sponsor: 

 

Phreedom Logo
Phreedom Technologies

Phreedom Technologies offers premier managed IT, security and infrastructure services which take distractions off your plate and allow you to focus on your business.   Our solutions include core network, on/off-site backups and managed security.

As a small business owned and managed by local entrepreneurs, Phreedom is agile, responsive and accessible.

Contact Dean (602-336-3452) or John (602-336-3451) to get started.

Phreedom is proud to support the Phoenix cyber community though our regular sponsorship of the SWCSF.

AGENDA

Networking, Food and Drinks

  • 6:00 to 6:30 pm
  • No Entry into the UAT Theater until 6:30 as classes are in session
  • No Food or Drink inside the UAT theater at any time

General Announcements & Sponsor Segment

  • 6:30 to 6:50 pm
  • Sponsorship pending

Cyber Threat Updates by Erik Graham

  • 6:50 to 7:00 pm
  • Erik will be presenting his cyber update in his usual entertaining style.

Cybersecurity Masterpiece Theater with Dr. Rebecca Wynn

  • 7:00 to 7:45 pm

Who should be put in jail if a company has a data breach? Come and take part in looking at recent court cases, pending legislation, data breaches, and be on the jury. Who should be sent to jail? CEO? CIO? CTO? CISO? Employee?

Named 2017 Cybersecurity Professional of the Year – Cybersecurity Excellence Awards, Chief Privacy Officer (CPO) SC Magazine, Global Privacy and Security by Design (GPSbyDesign) International Council Member, SC Magazine’s List of “Women in IT Security – Top Influencers for 2018, and finalist Women in Technology Business Role Model of the Year 2018 – Dr. Rebecca Wynn is lauded as a “game-changer who is ten steps ahead in developing and enforcing cybersecurity and privacy best practices and policies.” She is a “big picture” thinker who brings nearly 20 years of experience in Information Security, Assurance & Technology. Recently she led the information security, privacy, and compliance pre-acquisition, acquisition and post-acquisition of LearnVest, Inc. to Northwestern Mutual Life Insurance Company – a Fortune 100 company. She is well known for being a gifted polymath, having deep understanding of current cyber security challenges and privacy issues. She has a proven track record of taking companies to the next level of excellence in many sectors including government, financial services, fintech, healthcare, information technology, legal, semiconductors, and retail. Always open to new opportunities.

Elio Grieco

  • 7:45 to 8:45 pm

What is Machine Learning?  How is it different than AI?  How does it work, how is it being used today and what are the implications for cybersecurity industry?

Elio Profile Picture
Elio Grieco

As a respected member of the Phoenix cyber community Elio will be speaking on AI/Machine Learning, the factors that are driving the adoption of these technologies, how they are being used and their trajectory and impact on our tech and society.

Wrap Up and Networking

  • 8:45 to 9:00 pm

Meeting 2019-Feb

Metro Area

Monday February 4th, 2019

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP’s, food and drinks provided by our sponsors.

This month we have Tool Time with Tim Gracia (SANS Instructor) providing a run down on useful Cybersecurity tools. Tim will be followed by Gavin Klondike whom will be doing a deep dive on Machine Learning which is a trending technology that has significant implications for the Cybersecurity arena.

Erik Graham will be presenting his popular cyber threat update as usual.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Notice: Until Further Notice, all future meetings will be at the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283 (Map)

Sponsor: 

Fortinet Logo
Fortinet

We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Our unique security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control–while providing easier administration.

Fortinet Contacts:

 

AGENDA

Networking, Food and Drinks

  • 6:00 to 6:30 pm
  • No Entry into the UAT Theater until 6:30 as classes are in session
  • No Food or Drink inside the UAT theater at any time

General Announcements & Sponsor Segment

  • 6:30 to 6:50 pm
  • Sponsorship by Fortinet whom provides world-class security solutions
Fortinet Logo
Sponsor: Fortinet

Cyber Threat Updates by John Nash

  • 6:50 to 7:00 pm
  • Erik is out today so John will cover all cybersecurity news of note since the last meeting.

Links from Cyber Threat Update:

Tool Time with Tim Garcia

  • 7:00 to 7:45 pm
  • As a long standing SAN instructor and a veteran security professional Tim Garcia will review useful cybersecurity tools, is always a group favorite and will be sure to make the forum well worth your time.
  • Tim has been kind enough to share his presentation which can be found here. Note: this link/location may change when we re-organize the site.

Machine Learning for Security Analysts with Gavin Klondike

  • 7:45 to 8:45 pm

Machine Learning Abstract:

Today, over a quarter of security products for detection have some form of machine learning built in. However, “machine learning” is nothing more than a mysterious buzzword for many security analysts. In order to properly deploy and manage these products, analysts will need to understand how the machine learning components operate to ensure they are working efficiently. In this talk, we will dive head first into building and training our own machine learning models using the 7-step machine learning process.

And Gavin has graciously provided the slides to his presentation in advance which can be accessed below. Thanks Gavin!

SlideShare: Machine Learning for Security Analysts

Slides: https://www.slideshare.net/GTKlondike/machine-learning-for-security-analysts

GitHub: Machine-Learning-for-Security-Analysts

GitHub Code/Docs: https://github.com/NetsecExplained/Machine-Learning-for-Security-Analysts

Gavin’s Bio:

Gavin is a senior consultant and researcher who has a passion for network security, both attack and defense. Through that passion, he runs NetSec Explained; a blog and YouTube channel which covers intermediate and advanced level network security topics, in an easy to understand way. His work has given him the opportunity to be published in industry magazines and speak at conferences such as Defcon and CactusCon. Currently, he is researching into ways to address the cybersecurity skills gap, by utilizing machine learning to augment the capabilities of current security analysts.

YouTube: https://www.youtube.com/channel/UCsKK7UIiYqvK35aWrCCgUUA
Website: https://netsecexplained.com/

Past talks and publications:

Wrap Up and Networking

  • 8:45 to 9:00 pm

Meeting Recap 2019-Jan

Jan 7th, 2019 Meeting Recap

And as usual we had another great session this Month! Casey Reid of Tenable did a terrific presentation on Vulnerability Management and outlined the challenges even the largest companies have with tracking their network assets.  Erik Graham also provided the monthly Cyberthreat run down which is as much entertaining as it is educational.

Vulnerability Management 2.0

Casey Reid, Principle Security Engineer at Tenable

Some of the key points were of Casey’s presentation were as follows:

Asset Management:

The ability to know what you have on your network through regular scanning, as well as a process to decide when to allow a device on its network based on its risk score and whether it has been scanned or not.

Scanning Containers and other virtualized and variable workloads

Containers provided by kubernetes docker present special challenges when it comes to scanning.

Scanning Cloud Resources:

Identifying tools and processes to detect and scan ephemeral resources. In many cases this is best handled by intelligent agents that can integrate with your scanning tools:

Scanning ICA/SCADA Control Systems

Focus on scanning non-traditional assets such as ICA/SCADA control systems

CVE Scoring and what is wrong with it

The issues with CVE scoring and how you sometimes have to override those defaults and create custom methodologies to prioritize your remediation based on whether exploitable exist for those vulnerabilities as well as if they are at the edge or in more protected network zones.

Group Discussion

Finally there was a lively discussion around these topics with healthy participation by the audience. It is always good to see a dynamic group interaction like the one we had last night which indicates we have engaging speakers and an audience that is willing to challenge them.

FBI Presentation:

Paul Schaaf of the FBI also provided key information on the trends on Cyber and the ongoing challenges we all have as we enter 2019.

Sponsorship by Nuix:

Finally, thanks to David Petty and Matt Dunbar of Nuix for sponsoring. They provided key information on their product line and how they are solving tough problems in security management for some of the largest organizations in the world.

Nuix Logo

 

Thanks all for Attending!

Meeting 2019-Jan

Federal Panel

Monday January 7th, 2019

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP's, food and drinks provided by our sponsors.

 

Our FBI forum is always our most attended meeting and we expect a good turnout for this one as well. Be sure and invite all your friends for a very informative and timely presentation from Paul Schaaf, Special Agent. He will be proceeded by Casey Reid of Tenable (Provider of Nessus) presenting "Vulnerability Management 2.0." And of course Erik Graham will be presenting his popular cyber threat update as well.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Notice: Until Further Notice, all future meetings will be at the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283

Sponsor: 

Nuix Logo

NUIX Endpoint security, governance, risk and compliance

Contact:

David Petty
SVP Commercial Sales
David.Petty@nuix.com | http://www.nuix.com
Ph: 1-703-969-5056
Herndon, VA

LinkedIn

 

AGENDA

*6:00 to 6:30*
Networking outside the UAT theater

(No Food Inside Theater Please per UAT rules)

*6:30 to 6:50 pm* 
General Announcements & Sponsor Segment

*6:50 to 7:00 pm*
Cyber Threat Updates by Erik Graham

*7:00 to 7:45 pm*
Vulnerability Management 2.0

Presented By

Casey Reid, Principle Security Engineer

Tenable (Maker of Nessus Software)

LinkedIn

*7:45 to 8:45 pm*
Paul Schaaf presents FBI Year End Review and What's Coming for 2019

*8:45 to 9:00 pm*
Wrap Up and Networking

 

Meeting 2018-Nov

November 5th, 2018

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283 (NEW LOCATION!)
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP's, food and drinks provided by our sponsors.

Our November 5th expert panel forum will feature security experts Erik Graham, Chris Pavan, Anthony Dezilva, and John Nash. Panel moderator will be Kurt Schmeckpepper. They will be fielding questions from our followers around the world and our audience. Bring your toughest questions and be prepared for some lively discussions.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

We are NO LONGER meeting at the University of Phoenix Fountain head location as that building is no longer available to us.

Notice: Starting November, 2018, meetings have been moved to the University of Advancing Technology in Tempe, AZ.

2625 W Baseline Rd, Tempe, AZ 85283

Sponsor: TBD

At this time we do not have  a sponsor for the November meeting, so until we do have a commitment, we will NOT be providing pizza and drinks as the sponsorship is the groups only source of revenue. However, the UAT theater has a student café next door where you can purchase pizza, sandwiches, snacks, and beverages.

If you would like to sponsor this meeting information on our sponsorship page

 

AGENDA

*6:00 to 6:30*
Networking outside the UAT theater

*6:30 to 6:45 pm* 
General Announcements

*6:30 to 6:45 pm*
Sponsor Segment

*6:45 to 7:00 pm*
Cyber Threat Updates by Erik Grahm

*7:00 to 9:00 pm*
Expert Panel Forum Moderated by Kurt Schmeckpepper

 

Meeting 2018-Oct

October 1st, 2018

WHO: Southwest CyberSec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  University of Phoenix in Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282.
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP's, food and drinks provided by our sponsors.

Our October 1st forum will be one to remember.  Tool Time Tim, (Tim Garcia), always a favorite and a long time SANS instructor, will be presenting a deep dive into some technical topics. John Nash will be presenting an overview of how to assemble some basic security monitoring for your organization using open source tools.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282

=> Meetings have been moved to the 4th floor <=

SPONSORED BY

INS Logo
Integrity Network Solutions

Integrity Network Solutions (“INS”) is an Arizona based firm that specializes in senior network, security, unified communications and telecom expertise.  Our service offerings are organized under two primary practice areas - Professional Services and Telecom Resale.  The combined talent and decades of experience in both practice areas provides a unique value to our clients as we are able to design, implement and maintain advanced technical solutions with end-to-end visibility and control.  Our Professional Services team is staffed with several CCIE level engineers with specializations in security, route/switch, datacenter, optical, cloud and unified communications.  INS is proud to have provided services to several prominent public and private enterprise organizations which span across diverse vertical markets.

INS has Telecom Resale agreements with all major carriers and we maintain a strategic partnership with CenturyLink.  INS negotiates with carriers to get you the most competitive pricing available and we take the complexity out of managing your telecom, datacenter, cloud and security services.  A unique differentiator that sets us apart is that we assign senior engineer resources to assist customers with the onboarding to new services at no additional cost.  This eliminates the finger pointing between the service provider and your staff and insures your services are provisioned properly and optimized for the best performance.

Contact:

Ed Ruskys, Owner
Ed.Ruskys@insnetworks.com
http://www.insnetworks.com
480-560-2995

AGENDA

*6:00 to 6:30*
Networking

*6:30 to 6:45 pm* 
General Announcements 

 Jerry Crow and John R. Nash

*6:45 to 7:00pm*
Sponsor Segment

*7:00 to 7:45*
Tim Garcia (Tool Time Tim) "Security Deep Dive"

*7:45 to 9:15 p.m*
John Nash (Phreedom) "Basic Security Monitoring with Open Source Tools"

Meeting 2018-Aug

Federal Panel

August 6, 2018 – Federal Panel

WHO: Southwest Cyber Sec Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  University of Phoenix in Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282.
WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.
FREE: No membership fees, no RSVP’s, pizza and drinks provided by our sponsors.

Our August 6th forum is shaping up to be a blockbuster. We will have a reprise of our recent FBI night featuring Paul Schaaf with his active shooter presentation. There was so much interest and requests for more info that we had to have him back to present on this topic again.

Also, our forum is proud to present Anthony Dezilva; current board member ISC to Phoenix Chapter, Advisory Board Member of ACTRA, and Product Manger of Security Services PhoenixNAP. The title of his presentation is “Arizona, a supportive and collaborative Cybersecurity echo system.”

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you, your co-workers, and your family informed and safe

Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282

=> Meetings have been moved to the 4th floor <=

SPONSORED BY

TBConsulting
TBConsulting

For more than two decades, Technical & Business Consulting, LLC (TBC) has been partnering with clients in the Greater Southwest Region. They seek to bring enterprise-grade tools, people and process to underserved mid-market companies; helping solve IT pains points, from cybersecurity to disaster recovery. TBC’s success is attributed to its proprietary 5D Methodology – Discover, Design, Develop, Deploy & Debrief. This 5D methodology provides clients with structure during the implementation and continued maintenance of their managed service with a designated Project Manager to keep projects running smoothly and on time.

TBC has partnered with Tier III & Tier V datacenters across the Greater Southwest Region, to better meet the needs of our clients, and help them realize their full potential.

TBC offers managed services encompassing:

• Cybersecurity
• Business Continuity/Disaster Recovery
• Business Impact Analysis
• Desktop as a Service
• ServiceNow Suite
• Private Cloud
• Unified Communications
• Software Defined WAN

Each of our service offerings has been engineered to accommodate the most rigorous of workloads, while providing exceptional professional service in times where tight SLAs need to be met by utilizing the TBC IT Operations Center. The TBC ITOC is a US based 24/7/365 operations center staffed by experienced personnel, who are able to assist with smart hands, incident requests and are committed to the Continual Service Improvement model.

Contact Info:

David Ziton
6023121914

 

AGENDA

*6:00 to 6:30*
Networking

*6:30 to 6:45 pm* 
General Announcements 

 Jerry Crow and John R. Nash

*6:45 to 7:00pm*
Sponsor Segment

*7:00 to 7:45*
“Arizona, A Supportive and Collaborative Cybersecurity Echo System”

Anthony Dezilva, CISSP, MBA, PhD Learner

Anthony Dezilva
Anthony Dezilva, CISSP, MBA, PhD Learner

*7:45 to 9:15 p.m*
FBI Presentation

Paul Schaaf

Presenting will be the local Phoenix FBI Field Agent for Cyber. The FBI’s presentation will focus on a review of security in the media and an active shooter presentation and the recommended policies that organizations should have in place to be prepared for such an event.

Meeting 2018-Jun

June 4, 2018

WHO: Southwest Cybersecurity Forum
WHEN: 1st Monday of each month (excluding holidays)
WHERE:  University of Phoenix in Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282.
WHY: To stay current with new cyber threats, explore new security technologies, share experiences with your peers, network, and go where no man has gone before!
FREE: No membership fees, no RSVP's, pizza and drinks provided.

Put on your thinking cap for this forum. Our two main presenters will challenge what you think you know about CyberSecurity and wishing the forum lasted longer.

This meeting is free and open to the public, so please invite your friends & bring your best questions. Our goal is to keep you informed and safe

Tempe 1625 W Fountainhead Pkwy, Tempe, AZ 85282

=> Meetings have been moved to the 4th floor <=

SPONSOR

Glasswall Solutions

Glasswall Solutionshttps://www.glasswallsolutions.com
(866) 823-6652

Sponsor Bio:

Glasswall is taking content disarm and reconstruction (CDR) technology to the next level (a level that no other software solution on the market is able to match). This has resulted in Glasswall's unique and patented software solution being implemented globally across multiple high profile enterprises as well as governmental and federal institutions

AGENDA

*6:00 to 6:30*
Networking

*6:30 to 6:45 pm* 
General Announcements 

 Jerry Crow and John Nash

*6:45 to 7:00pm*
Sponsor Segment

*7:00 to 7:20*
Cyber Threat Update
Erik Graham

*7:30 to 8:15 p.m*
Chris Pavan of the Helios Group

Active Attack Intervention: Fighting back without breaking the law.

Chris will run through some relevant Cyber incidents and discuss TTPs used to fight back against an active attacker. He will also cover when and why intervention should be used over immediate remediation. The wrap up will include pre-planning as well as some homegrown tools you can create to ensure your interference is meaningful and successful.

LinkedIn Bio:

*8:15 to 9:00 p.m*
Elio Greico

Topic Pending