December 16, 2015 starting at 5:30 PM

ISSA National Capital Chapter invites you to a special event:

ISSA-DC at SANS@Night Cyber Defense Initiative 2015

 

The National Capital Chapter has partnered with the SANS Institute again this year to offer exclusive access for its members to SANS@Night events at Cyber Defense Initiative 2015. The chapter meeting will take place at Grand Hyatt Washington on Wednesday, December 16, 2015. 

Please note that the event is free but you must RSVP at least 24 hours before the event so we can have your badge ready for you. 

The chapter members and their guests will have access to the following events:

5:30pm - 7:30pm
Vendor Showcase — Vendor Event
7:15pm - 9:15pm
Malware Analysis for Incident Responders: Getting Started - Lenny Zeltser
7:15pm - 8:15pm
The Tap House - Phil Hagen
8:15pm - 9:15pm
The Plinko Board of Modern Persistence Techniques - Alissa Torres
8:15pm - 9:15pm
Debunking the Complex Password Myth - Keith Palmgren
8:15pm - 9:15pm
ICS/SCADA Cyber Attacks - Fact vs. Fiction - Robert M. Lee

Malware Analysis for Incident Responders: Getting Started - Lenny Zeltser
Knowing how to analyze malware has become a critical skill for incident responders and forensic investigators. A good way to get started with such efforts involves examining how malicious software behaves in a controlled laboratory environment. In this two-hour seminar briefing, Lenny Zeltser demonstrates key aspects of this process, walking you through behavioral analysis of a malware specimen by using several free tools and even peeking into the world of code analysis.
You will see practical techniques in action and understand how malware analysis will help you to triage the incident to assess key capabilities of the malicious software. You will also learn how to determine ways of identifying this malware on systems in your environment by establishing indicators of compromise (IOCs). This seminar will help you start learning how to turn malware inside out.

The Tap House - Phil Hagen
Packets move pretty fast. The field of Network Forensics needs to move fast, too. Whether you are investigating a known incident, hunting unidentified adversaries in your environment, or enriching forensic findings from disk- and memory-based examinations, it's critical to stay abreast of the latest developments in the discipline.
In this @Night series, Phil Hagen will discuss some of the latest technologies, techniques, and tools that you will want to know in pursuit of forensication nirvana.
Phil is also an avid craft beer fan, so there's a good chance you will learn something about a new notable national or interesting local beer in the process.
This presentation will be helpful for those that wish to keep up-to-date on the most cutting-edge facets of Network Forensics.

The Plinko Board of Modern Persistence Techniques - Alissa Torres
No matter what techniques an attacker employs to hide and persist on compromised remote systems, we must be up for the challenge to detect, analyze, and remediate. This session focuses on the latest techniques modern malware is using to ensure continued presence in your network. As detailed in recently released industry threat intelligence reports, these methods are increasing in sophistication and are often missed by forensics tools developed to enumerate only common autorun and service persistence methods. In this presentation, we will cover advanced detection techniques, pivoting from physical memory analysis to the examination of remnants found on the file system.

Debunking the Complex Password Myth - Keith Palmgren
Perhaps the worst advice you can give a user is "choose a complex password". The result is the impossible-to-remember password requiring the infamous sticky note on the monitor. In addition, that password gets used at a dozen sites at home, AND the very same password gets used at work. The final result ends up being the devastating password compromise. In this one-hour talk, we will look at the technical and non-technical (human nature) issues behind passwords. Attendees will gain a more complete understanding of passwords and receive solid advice on creating more easily remembered AND significantly stronger passwords at work and at home, for their users, for themselves and even for their children.

ICS/SCADA Cyber Attacks - Fact vs. Fiction - Robert M. Lee
Industrial Control Systems (ICS) play a huge role in almost every aspect of modern-day life. Supervisory control and data acquisition (SCADA) systems, as an example, play a large role in monitoring and controlling the power grid, oil pipelines, and more. It's understandable, then, that they gain attention in national headlines when they come under attack. Because of this ability to grab attention, and the complexity of getting the technical details right, there have been cases where the stories have been downright wrong. These inaccurate case studies push hype and confusion, which drives the investment of resources into trying to solve the wrong problem. The threat is real, but plenty of the stories are not.
In this presentation, Robert M. Lee, the ICS515 author and FOR578 co-author, will break down a number of high-profile stories that are fiction and then deconstruct real threats to show the actual issues in the community and what can be learned towards defense.

 

Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.

 

Wednesday, December 16, 2015 starting at 5:30 PM

Grand Hyatt Washington
1000 H Street NW
Washington, DC 20001 US

January 18, 2011

The Armitage Project
Armitage - Cyberattack Management for Metasploit
by Raphael Mudge

 

Abstract
How are your hacking chops? This month, Raphael introduces us to Armitage, a new graphical user interface for Metasploit. Armitage makes it easy for security professionals to carry out complex cyber attacks. In this session, Raphael will show us how to scan our network, choose the right exploit, and compromise our own hosts. He will also show us how to launch attacks from a compromised host and carry out sophisticated post-exploitation activities. Whether you're a CSO responsible for network security or a practitioner who uses Metasploit every day, you'll want to see the Armitage perspective on the network attack process. You can find more on the open source Armitage project at http://www.fastandeasyhacking.com

 

About the speaker
Raphael is a Washington, DC-based penetration tester and the developer of Armitage. He also created and sold After the Deadline, an artificial intelligence that checks grammar and spelling for WordPress.com users and other internet sites. Previously, he was a USAF Communications Officer involved in network operations and cyber security research. You can find more about Raphael at http://www.hick.org/~raffi/

 Please RSVP if you plan to attend.

January 18, 2011 6:30 PM

Government Printing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401


December 21, 2010

The State of Software Security
by Jeff Ennis, Veracode, Inc.
 

 

Abstract
Application vulnerabilities are steeply on the rise. At $350 billion per year, software is the largest manufacturing industry in the world, yet there are no uniform standards or insight into security, risk or liability of the final product. The development environment is becoming increasingly complex: application origin ranges from internally developed code to outsourced, 3rd party, Open Source, and Commercial Off the Shelf software. Ensuring that these entities are creating secure software is becoming a daunting task. Lots of emphasis is placed on IT controls, patching, etc., but the new attack vector is your application. During this presentation we will review the state of software security today, discuss some initiatives which are requiring application risk management, and provide suggestions on how you can begin managing the application risk at your organization.

 

About the Speaker

Jeff Ennis is a Solutions Architect for Veracode, Inc. He has more than 20 years of experience in information technology. He recently served as Security Solutions Manager for the Federal Division of IBM Internet Security Systems, where he and his team of security architects assisted DoD, Civilian, and Intel agencies with addressing their security requirements as they dealt with an ever-changing threat landscape. Throughout his career he has represented both the end user and vendor communities, including Nortel Networks, UUNET, and Lockheed Martin.

 Please RSVP if you plan to attend.

December 21, 2010 6:30 PM

Government Printing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401


 

November 16, 2010

How I learned to stop worrying and love compliance

Ron Gula - Chief Executive Officer and Chief Technical Officer, Tenable

 

Abstract
Ron Gula will discuss how compliance standards can be used to simplify your network management and auditing, with many real-world examples.

 

About the Speaker
Mr. Gula is known in the global security community as a visionary, innovator and engineer of extraordinary talent. He traces his passion for his work in security to starting his career in information security at the National Security Agency conducting penetration tests of government networks and performing advanced vulnerability research.

Since co-founding Tenable in 2002, Mr. Gula has been CEO and CTO at Tenable, maker of the world renowned Nessus Vulnerability Scanner and Unified Security Monitoring enterprise solution. As CEO/CTO of Tenable, he is responsible for product strategy, research and development, and product design and development. Mr. Gula is also a leader in his community and a passionate advocate for education and scientific research.

Prior to Tenable, Mr. Gula was the original author of the Dragon IDS and CTO of Network Security Wizards which was acquired by Enterasys Networks. At Enterasys, Mr. Gula was Vice President of IDS Products and worked with many top financial, government, security service providers and commercial companies to help deploy and monitor large IDS installations. Mr. Gula was also the Director of Risk Mitigation for US Internetworking and was responsible for intrusion detection and vulnerability detection for one of the first application service providers. Mr. Gula worked for BBN and GTE Internetworking where he conducted security assessments as a consultant, helped to develop one of the first commercial network honeypots and helped develop security policies for large carrier-class networks. Mr. Gula began his career in information security while working at the National Security Agency.

 

Mr. Gula has a BS from Clarkson University and an MSEE from the University of Southern Illinois. Ron Gula was the recipient of the 2004 Techno Security Conference "Industry Professional of the Year" award. In SC Magazine's 20th Anniversary Edition, he was named as one of the top market entrepreneurs for the past 20 years. 

 

 Please RSVP if you plan to attend.

November 16, 2010 6:30 PM

Government Printing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401


 

October 21, 2008

Our October meeting will be a presentation by CoreTrace CTO and Founder Daniel Teal. He will discuss why the 'old' blacklisting and attack signature approaches are falling short and a fresh approach to protecting network endpoints.

Come to learn about new and effective methods to protect your organization's valuable systems and data. And bring a colleague! There is no cost except some time, and the results could easily be worth your investment. We'll have light refreshments.

Endpoint Security 2.0: The Emerging Role of Application Whitelisting Solutions

Daniel Teal

CoreTrace CTO and Founder

Traditional endpoint security solutions are becoming less effective against the constantly changing threats of today. Anti-virus, anti-adware, host IPS, and other solutions have been defeated by skilled attackers and insider threats. This session will review the limitations of current generation products and present new technologies being developed by the security industry, most notably application whitelisting solutions, that can address the ever-changing threats organizations face.

Tuesday October 21, 2008

6:30 PM - 8:00 PM


Location

Radio Free Asia

2025 M St. NW Washington DC

First Floor Conference Room



 

Presenter: CoreTrace CTO and Founder Daniel Teal

A true technology visionary, Dan has been innovating in the computer security field for over 20 years. As a founder and chief scientist of WheelGroup Corporation, he designed the first commercially available intrusion detection system, NetRanger. WheelGroup was acquired by Cisco Systems in March 1998. Prior to WheelGroup, Dan worked as an information warfare officer at the Air Force Information Warfare Center (AFIWC).

January 13, 2009


The less known side of identity theft:
What every InfoSec professional should know about identity theft
by Branko S. Bokan

Branko S. Bokan, CISSP

IT Officer, U.S. Treasury Department's Office of Technical Assistance

Contrary to many commonly held beliefs, identity theft is not a modern crime. It has existed for centuries and its growth does not correlate to development of modern technologies and the Internet.

While conducting academic research of identity theft in the United States, the author discovered that in spite of the popularity of the topic, the crime remains poorly understood. Consequently, many strategies for prevention, detection, and recovery fail to properly address the problem.

The aim of this presentation is to help security professionals to better understand identity theft, and to differentiate it from other related crimes. The presentation begins by describing the history of identity theft and explains how the process takes place. It introduces the notion of identity theft enablers, and identifies those that make the United States the most seriously affected country by this crime. We will see how legislation deals with the problem and how official statistics fail to properly account for the magnitude of the crime. Finally, we will learn about the real costs and recovery of the crime; both tangible and intangible.

Tuesday, January 13, 2009

6:30 PM - 8:00 PM

Location

Radio Free Asia

2025 M St. NW Washington DC

First Floor Conference Room

 

An accurate headcount really helps our planning.
Please RSVP to  mail   



Presenter: Branko S. Bokan, CISSP - IT Officer - U.S. Treasury Department's Office of Technical Assistance

Branko S. Bokan, CISSP holds a master's degree in Information Security from Royal Holloway, University of London. Branko has many years of experience in government sectors all over the world. Currently, he works as an IT Officer for Treasury Department's Office of Technical Assistance. Branko's security thinking is heavily influenced by Bruce Schneier. His most recent research was in the area of identity theft in the United States.