[Owasp-portland] Fwd: [ISSA PDX] ISSA Portland Chapter -March 2014 1/2 day symposium - Register today!

Amber Pham amberdpham at gmail.com
Thu Mar 6 00:22:16 UTC 2014


 Two weeks until the next 1/2 day ISSA session.

Be sure to register before the deadline.






                                        [image:
http://portland.issa.org/wp-content/uploads/2011/08/ISSAPortland2.jpg]


Join ISSA  for a special half-day symposium on the topic of *Open Source
Security*. This will be the second symposium format event sponsored by ISSA
this year (following up on the very successful Incident Response symposium
held in October).


Please register
online<https://www.eventbrite.com/e/issa-open-source-security-tools-symposium-tickets-8163795131?ref=ecal>
to
attend the event. Seating is limited, so sign up today.


*When:*

Thursday, March 20, 2014 - Doors open at 8:30AM.  The event will end at
1:30PM.  Lunch will be provided.

*Location:  *
Thank you to our colleagues at *Nike* for hosting this symposium on the
west side.  The event will be held at the *ED1 Air Max 360 Building*;  The
address is *15475 SW Koll Parkway*.  Note that this is *not* the "main"
Nike campus, but is nearby.  There is plenty of parking, and the ISSA event
will be held on the first floor.  We will have a check-in desk visible for
visitors.



*Presentations:*

This symposium will feature several intriguing and educational
presentations by experts in the area of *Open Source Security*.  Speakers
will explore specific skills that security practitioners can take away in
terms of using open source tools to achieve security, as well as provide an
overview of where open source tools fit in with the commercial products in
the marketplace.


*Confirmed speakers include:*

*Vincent Stoffer* is a Cyber Security Engineer at Lawrence Berkeley
National Lab. Vincent has over 15 years of experience in computer security
and networking with a focus on network forensics. As part of Berkeley Lab's
information security team, Vincent performs network traffic analysis,
incident response, and technical consulting to improve the Lab's cyber
protections. Vincent has presented at technical conferences around the
country on a variety of networking and security topics. Prior to coming to
Berkeley Lab, Vincent spent 12 years at Reed College in Portland, OR as the
Network and Security Administrator. Vincent holds the CISSP, GCIH and GCIA
certifications. He attended Pitzer College in Claremont, CA and graduated
with a BA in Humanities from University of Oregon.

Vincent will be presenting *Eyes Wide Open: Open Source Network Security
Monitoring with Bro and Time Machine.*  In this presentation, we will
explore the powers of the Bro Network Security Monitor and Time Machine,
two open source software projects which provide extensive logging, event
alerting and packet capture for networks of all sizes. We will begin with
an overview of network monitoring and some considerations for monitor
placement. Then we will examine Bro and its origins before moving into an
in depth look at the features and capabilities of Bro and Time Machine.  We
will walk through demonstrations of custom Bro policies and show how Bro's
extensive logging can greatly enhance your incident response and network
forensics toolkit. We will end with some real world examples of how
Berkeley Lab is scaling up its Bro clusters (built on commodity hardware
and running FreeBSD) to handle a 100G connection.

----

*Chris Orr* is a Senior Field Systems Engineer with Tripwire, Inc, where he
has worked since September 2000. Initially hired to develop and deliver
training materials for such golden oldies as Tripwire for Servers and
Tripwire for Routers, Chris quickly moved on into the Systems Engineering
group where he has been ever since. His role initially required him to
provide technical assistance to regions covering 27 states and all of the
Federal government, but as the company has grown his territory has been
whittled down to the Pacific Northwest, Western Canada and Western
Enterprise (which...when he thinks about it...is still the largest geographic
territory in the company...). Currently based out of scenic Lake Stevens, WA,
when not flying to such lovely places as Winnipeg or Boise, Chris is
teaching his daughter how to play guitar or going on Scouting trips with
his son.  *Bowe Hoy* is the Regional Director with Sword & Shield
Enterprise Security, where he provides business development, consulting and
project management, client relationship management, and operational
services to support Sword & Shield's growing information security and
compliance practice. Bowe also serves as the Vice President for the
Portland ISSA chapter.

Chris and Bowe will be presenting on *the SANS Top 20 Critical Security
Controls*;  These controls provide a prioritized framework organizations
should have in place to effectively mitigate security risks in their
environment. The presentation will include an analysis of some *key open
source tools* used to implement these controls.

----

*Michael Montecillo* is the IBM Security Services North America Director of
Security Intelligence. He has more than ten years of experience in
information security, during which he has served as a Senior Threat
Researcher on the X-Force Threat Analysis team, as a Vulnerability
Management Coordinator and Forensic Investigator for state governments as
well as a consultant and Principal Security Analyst for an industry
analysis firm. Testament to Michael's efforts he has won two State Police
awards for Professional Excellence and has published more than 30 research
articles. As the Threat Research and Intelligence Principal within IBM
Security Services conducts research on emerging threat trends and works to
ensure that client security needs are met with standard offerings.

Michael will be presenting *The Open Nature of Security Intelligence*. This
talk will cover intelligence information developed from IBM's security
analysis. Methods for the development and integration of actionable
information utilizing several open-source tools, techniques, and processes
will be discussed.  Michael will explore the applicability of Threatparser,
an open-source blacklist consolidation tool to show the simplicity with
which information can be integrated into daily operations. The talk will
finish by discussing pitfalls and how IBM integrates open-source security
intelligence into daily operations.

*Price:  *

The symposium is  subsidized by chapter memberships and sponsors.  A
nominal fee of $10 (member) / $15 (non-member) / $20 cash will be charged
at the door.

*CPEs:*


The chapter maintains proof of attendance for members but it is the members
responsibility to ensure that these CPE's are credited to their respective
accounts. This symposium will offer between 3-4 CPE hours.

*Agenda:*

8:30 - Doors open and networking
9:00 - 10:30 - Eyes Wide Open: Open Source Network Security Monitoring with
Bro and Time Machine
10:40 - 11:30 - Using Open Source Tools to Accomplish SANS Top 20
11:40 - 12:30 - The Open Nature of Security Intelligence
12:30 - 1:30 - Lunch and networking opportunity



*Chapter Sponsors *
ISSA Portland would like to thank our 2013-2014 program year sponsors, who
help make high quality programs like this possible:

*Platinum Sponsor:* [image: Inline image 1]

*Gold Sponsor:*  IBM

*Silver Sponsor:*  Sword & Shield Enterprise Security



_______________________________________________
ISSA-Members mailing list
ISSA-Members at portland.issa.org
http://two.pairlist.net/mailman/listinfo/issa-members
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-portland/attachments/20140305/9a2880dd/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 1369 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-portland/attachments/20140305/9a2880dd/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 6180 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-portland/attachments/20140305/9a2880dd/attachment-0003.jpg>


More information about the Owasp-portland mailing list