FBI Cyber update & Advanced Persistent Threats (APT)

Monday December 2nd, 2019 / 6 PM - 9 PM

WHO: Southwest CyberSec Forum

WHEN: 1st Monday of each month 6:00 PM - 9:00 PM

WHERE: UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283

WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.

FREE: No membership fees, no RSVPs, food and drinks provided by our sponsors.

Sponsor: Palo Alto

Our thanks to Palo Alto for sponsoring this month's meeting!

Contact: Amy Looper | Named Account Manager | Palo Alto Networks
Phoenix, AZ | www.paloaltonetworks.com
Mobile: 480.431.3870
Email: alooper@paloaltonetworks.com

[5:30-6:30 PM]

Pizza and Networking in the UAT common area

  • Open to the public and UAT students
  • Pizza and drinks provided.
  • No food or drink in the UAT Theater (Please)

[6:30-7:00 PM]

Cyber Security Community updates

  • Cyber community updates (~5 min)
  • Sponsor segment (~15 min)
  • Cyber threat update with Erik Graham (~15 min)

[7-7:45 PM]

Defending against APT with Secure DevOps

by Ford Winslow, CEO of ICE Cybersecurity

Topic

Ford will discuss the importance of engaging the Development and Architecture teams at the early stages to build security into your products and systems, so you can effectively defend, detect and prevent compromises from Advanced Persistent Threats. He will also share the hard lessons learned performing incident response for large clients.

Bio

With over two decades of professional experience in Information Technology and Business Management, Ford Winslow has been a thought leader in the related fields of cybersecurity, cloud and IT Services since their inception.

ICE Cybersecurity, the San Diego-based firm he founded in 2016, specializes in managed cybersecurity and advanced cyber protection programs for organizations in heavily regulated industries.

Over the past two decades, Mr. Winslow has held technology leadership positions in the Cybersecurity, Cloud, Information Technology, Risk Management, Life Sciences, Financial Services, Healthcare, Non-Profit and Retail industries, where he has consistently delivered value through the latest breakthroughs in technology.

Prior to launching ICE Cybersecurity, Mr. Winslow served as Chief Risk Officer of a San Diego-based Cloud and Managed Services Provider. He is the co-author of “Good Informatics Practices,” a best-practices training guide for the Life Sciences and Healthcare industries. Prior to CentrexIT

In addition to his professional duties, Mr. Winslow serves as an advisor to a number of startups focused on Cybersecurity, Blockchain, Internet of Things (IoT) and Emerging Technologies. He is an advisor and mentor with CyberTECH, a San Diego-based network of tech-inspired startups and early-stage firms.

Mr. Winslow is an active member of the local community, supporting social organizations and charities benefiting a variety of worthy causes. His spare time is spent with family, on the golf course, playing music, or cooking. Ford studied Computer Science and Information Systems Management at the University of Maryland.

[7:45-8:45 PM]

FBI Cyber update

by FBI Special Agent Paul Schaaf, also Phoenix Co-InfraGard Coordinator, Federal Bureau of Investigation

Paul and team will provide an update on the FBI Cyber Task Force and relevant issues we all face as we work together to keep our national infrastructure safe and secure.

[8:45-9:00 PM]

Networking

Detecting APT with NAC, Sandboxing & SIEM-Part I + Zeek/Bro Log Collection

Monday November 4th, 2019 / 6 PM – 9 PM

WHO: Southwest CyberSec Forum

WHEN: 1st Monday of each month 6:00 PM – 9:00 PM

WHERE: UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283

WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.

FREE: No membership fees, no RSVPs, food and drinks provided by our sponsors.

Sponsor: Fortinet

Our thanks to Fortinet for sponsoring this month's meeting!

Debbie Lite Trauter
Channel Account Manager – Mountain Desert
E: dlite@fortinet.com
M: 714.336.9695
Skype: Debbie Lite Trauter
NSE Certified : Level 3
899 Kifer Road | Sunnyvale, CA 94086

[7:15-8 PM]

Detecting APT with NAC, Sandboxing and SIEM – Part 1

by Cory Sober, Systems Engineering Manager, Fortinet

Detecting Advanced Persistent Threats is something every large organization struggles with. Yes, you have a wide variety of tools, but how do you get them all to work together to get rapid answers to the time-critical question, “Do I have a compromise, and what is my exposure?” Join Cory in this first of a two-part series, where he does a deep dive into how to use modern commercial tools, including Network Access Control, sandbox technology and full-fledged Security Information and Event Management (SIEM), to detect Advanced Persistent Threats so you can quickly isolate and remediate compromises.

Cory is a Systems Engineering Manager at Fortinet with decades of hands-on experience and holds several technical certifications relating to security, networking and systems.

In addition to being a security and networking expert, Cory is a graduate of the Reserve Officers Law Enforcement Academy and a member of InfraGard.

[8-8:45 PM]

Security Monitoring with Zeek and Bro IDS

by Tim Garcia, SANS instructor (Tool Time with Tim) VP-CISSP, GSEC, GCDA, GCCC, GMON, GCED

Can a 20-year-old technology help give you strategic visibility into a modern enterprise network? The answer is yes! Welcome to a powerful network monitoring/logging tool most people have never heard of.

Tim Garcia will review the capabilities and use of the Zeek and Bro IDS (two separate tools that are often used together) for security threat hunting.

(Originally the presentation was to be on the use of the Yara scripting tool to identify malware signatures, but the Zeek/Bro topic won out due to popular demand.)

Tim is a SANS Instructor primarily focused on blue team activities, ethical hacking, incident handling, security management and general information security principles. He is also an instructor in Information Systems Security, Systems Analysis and Project Management for several local universities in the Phoenix area.