All Posts By

Omar

Texas Cyber Summit 2018 — The Great Gift to San Antonio Info Sec

I have been wanting to start a security conference in San Antonio that was focused on the security practitioner rather than on the decision-makers and business managers. The management roles just as important as the security practitioner, but there are great conferences out there that focus on them. Conferences like InnoTech have taken an innovative approach to reach out to community leaders and have them create and manage content that would be of interest to local business leaders. The CyberDEF Dojo has played a role in the past three years in creating security content for the San Antonio audience at InnoTech. We like to focus on the practitioners and share talks that are both technical and higher level in nature around security. In the back of my mind, though, I knew that we needed more than a monthly meetup, quarterly Security Engagement Series, and the CyberDEF Dojo day at InnoTech. We needed a conference that was solely about learning, experimenting, and hacking.

I learned about the Texas Cyber Summit earlier this year, and it was pitched to me as “San Antonio’s DEFCON.” People who have been to DEFCON before usually dismiss that comparison, but I felt that was a great way to sell it. DEFCON has its strong appeal and excitement, but the most important aspect of DEFCON is that you can learn more about information security, and you are challenged by your peers to innovate on your processes of discovering the attackers by becoming an attacker. Hacking is exciting because it is a competition; it is the e-sport before e-sports were a thing. Much like in sports, it’s about pushing yourself as an athlete, to learn the game at a deep level, and to perform at a high level, putting all of your learning, tools, and techniques to the test at game time. At the end, you learn more about what you could have done, and others are ready to share what they have learned with you, so you are that much better.

As a Python programmer and now sales engineer, learning is something that excites me, not because I want to be smarter than anyone else, but because the more I know, the more I can share with others and the more valuable I am in my community. When I can teach someone something that I had learned before, I have accelerated their learning and pushed them to the next step in their discovery of a solution to a problem they are facing or a new technology that they can learn more about to solve problems later. There is a great deal of joy in that. This is the main reason why I was so excited to volunteer at the Texas Cyber Summit for its first year, and although there were some hiccups as with organizing any other conference, I found a great deal of joy being around other information security professionals, students, teachers, and companies supporting the effort.

The conference was from October 12 to 14, and it featured 78 hours of presentations and 67 speakers. Some of the notable speakers were Rob Joyce, Robert M. Lee, Jeff Moss, Ben Ten, Chris Gerritz, Russ Morris, Angel Crockett, Cherise Esparza-Gutierrez, Paula Gold-Williams , and so many more gracious and knowledgeable people willing to spend their time sharing their experience and skills with the attendees. Additionally, there was a Hacker Haven where attendees could test their skills on a capture the flag exercise and five tracks covering different aspects of security, such as Red Teaming, Blue Teaming, SCADA and ICS security, cyber security 101, and policy and risk management. Some of the sessions and keynotes were recorded, and those should be released at a later date.

We are still waiting to hear feedback from attendees, but as someone who volunteered their time and spoke with a lot of different people about security at the event, I enjoyed every minute of it. The few talks I was able to attend were fantastic. This was the conference San Antonio needed to have, and I am so glad that Joseph Mlodzianowski decided to put this conference together. The more knowledge and skills we share in information security, the better we become as practitioners and as professionals.

I cannot wait for next year! See you all there. #TCS2019

One last thing: if TCS did not scratch your itch for security learning and communal learning, I suggest checking out BSides San Antonio, as well. That conference is 100% organized by the community for the community, and I am a big proponent for that conference.

InnoTech SAT 2018 Sessions You Should Check Out

InnoTech San Antonio is back again with another great conference coming up, and the CyberDEF Dojo has partnered up with them to provide a security track on April 11 and a Security Engagement Series event on April 12. If you would like to learn more about the event, our events page has all of the details, including an offer code you can use to get in for free on both days.

On April 11, there will be several security track sessions that you all should definitely check out if you want to learn more about the state of security innovation today. Here’s a list of them:

STRATEGIES ON SECURING YOUR BANKS & ENTERPRISES. (FROM SOMEONE WHO ROBS BANKS & ENTERPRISES FOR A LIVING!)

Presenter: Jayson Street

Most people who work on the defensive side of computer security only see the landscape from that perspective! In this talk Jayson will show how an attacker views your website & employees then uses them against you. We’ll start with how a successful spear phish is created. By using the information gathered from the companies own ‘about’ page as well as scouring social media sites for useful information to exploit employees. The majority of the talk will be covering successful counter-measures to help stave off or detect attacks. This discussion will draw on the speakers 15 years experience of working in the US banking industry on the side of defense. Also at the same time he’ll be drawing on over 6 years of doing engagements where he took on the role of the attacker. If everything turns out well everyone will have learned something new that they can immediately take back to their networks and better prepare it against attacks!

Autonomous Cyber Defense: AI and the Immune System Approach

Presenter: David Masson

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. A fundamentally new approach to cyber defense is needed to detect and respond to these threats that are already inside the network – before they turn into a full-blown crisis.

Self-learning systems represent a fundamental step-change in automated cyber defense, are relied upon by organizations around the world, and can cover up to millions of devices. Based on machine learning and probabilistic mathematics, these new approaches to security can establish a highly accurate understanding of normal behavior by learning an organization’s ‘pattern of life,’. They can therefore spot abnormal activity as it emerges and even take precise, measured actions to automatically curb the threat.

Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.

Automating Security in the Cloud

Presenter: Aaron Lennon

The dynamic nature of cloud environments and increased importance on speed and agility bring new challenges with regards to security. In this presentation I will discuss methods that can be used to automate security control validation and incident detection & response activities to maximize effectiveness while minimizing the impact to development activities.

Incident Response Tabletop Exercise

Presenters: Rob Dodson and Jeff Reich (CyberDEF Dojo represent!)

In a very interactive session Jeff will facilitate an incident response tabletop exercise.  You will see an incident from different perspectives, determine actions needed in these scenarios, respond to the injects and identify the gaps in the situation and how it relates to your organization. If you want to volunteer, contact Jeff or Rob via our Slack channel (cyberdefdojo.slack.com).

Smarter Security: Edge to Edge

Presenter: Chuck Jenson

With the Growth of the “Internet of Things device usage, your security trends in 2018 go from securing the perimeter to securing everything. In this session, we will talk about knowing your “Things”, controlling your “Things” and securing your “Things”.

The Paradox of Cyberthreats

Presenter: Ben Mungkornpanich

As environments become progressively interconnected, threats become increasingly complicated. The top security events of the past year make this apparent — and their repercussions make the implementation of smart protections all the more important.

The following sessions will be for CyberDEF Dojo Day on April 12. This is our Security Engagement Series extended event at InnoTech, and the theme for this series will be the future of security.

The Gathering Storm: CISOs as Transformational Leaders

Presenters: Shelly Carlin and Fred Ritch

In this presentation, you’ll get insight into the unprecedented opportunity that Chief Information
Security Officers (CISOs) have to transform their profession and make significant strategic
contributions to their organization. Starting with an analysis of how rapidly accelerating spending
on InfoSec programs will eventually threaten a company’s bottom line, we’ll illustrate how the
skills and capabilities CISO need to be successful are rapidly evolving – and how those who
make the transition from technocrat to business partner can more effectively help their
organizations address both the operational and financial impact of an accelerating threat
environment.

The presentation will examine four key capabilities that CISOs will need to deliver strategic
value to their organizations in the future: Financial Acumen, Risk Management, Collaboration,
and Communication. Examples of how each capability will be essential to the CISO of the future
will be used to illustrate the key Points.

How Quantum Computing Will Impact Your Present Identification Tools and Methods

Presenter: Dr. Jim Keeler

Quantum computing is a new initiative that will change computing forever.  This talk will present an overview of quantum computing, how it works and how it may be used to bypass current authentication controls, steal your identity, and what you can do about it.

Defense in Depth is Dead – Evolving Your Security Approach

Presenter: Chris Gerritz

Reports of network intrusions have spiked in recent years resulting in millions in financial loses, theft of intellectual property, and exposure of customer information. The groups responsible for these attacks are organized and can persist in your organization’s systems and endpoints without detection for 6 months on average – sometimes years. The approach many organizations take to prevent these attacks is to simply layer on increasing numbers of defensive solutions – clearly this approach is no longer sufficient.
Learn why the current defense in depth model, as it is applied in many organizations, leaves critical gaps which allow attackers to remain undetected. Chris Gerritz, Infocyte’s Founder and the former Chief of Defensive Counter Cyberspace Operations for the U.S. Air Force AFCERT team, will discuss:

  • The Defense in Depth model from an attacker kill chain perspective
  • Why defense is important, but it is not the only factor to deliver security
  • Where threat hunting and post-compromise detection fit in the model

Deep Dive into Blockchain Uses

Presenter: Kurt Kelley

Have you heard Blockchain is going to disrupt every industry? In this talk, I will give you real answers to what use cases and case studies are proving out. We will discuss use cases for IoT, Cybersecurity, Supply Chain, E-commerce, segments along with vertical case studies.

The Future Security Professional

Presenters: Dr. David Damper, Rob Dodson, Jacob Stauffer, and moderated by Omar Quimbaya

Learn about what is coming next in security and what professionals need to know to be ready for it. We will be ending CyberDEF Dojo day with a panel discussion what the things you need to know to prepare for tomorrow. Expect to have a better idea of what to study next after this session.

Hope to see you all at InnoTech this year!

The CyberDEF Dojo Bylaws RFC

The CyberDEF Dojo has announced that they are releasing their bylaws for the organization to a community-wide RFC, meaning that if anyone within the community wishes to provide feedback and comments on the proposed bylaws for the CyberDEF Dojo, they may do so in an open and transparent fashion.

If you want to provide your feedback on how our structure will be built, you can go to the link below and provide your input.

Thank you, and we are excited to hear from you!

https://docs.google.com/document/d/1vuKYQn2JoXdMqWleIh_yW5VaCXeZaUU76h0f9pHEQjc/edit?usp=sharing

Cyber Security 101

What does it take to be a cyber security professional from a technical standpoint? What are some tools that a person can use in order to learn more about it and get some practice? Charles Weissenborn will be speaking on that topic in the upcoming CyberDEF Dojo meetup! Be sure to RSVP now to get your spot because space is limited!

September 13, 2017, from 6:30pm to 8:00pm @ SecureLogix.

RSVP Here