Tag

cyber security

InnoTech San Antonio 2018

InnoTech San Antonio, the Business & Technology Innovation Conference & Exposition, creates an environment where education, innovation, peer-to-peer networking and the latest technology and business solutions are all available specifically for IT professionals. Last year, over 1500 business and technology professionals converged for the annual InnoTech San Antonio event. Use code DOJO99 to get free access to both days of InnoTech San Antonio!

Continue Reading

InnoTech SAT 2018 Sessions You Should Check Out

InnoTech San Antonio is back again with another great conference coming up, and the CyberDEF Dojo has partnered up with them to provide a security track on April 11 and a Security Engagement Series event on April 12. If you would like to learn more about the event, our events page has all of the details, including an offer code you can use to get in for free on both days.

On April 11, there will be several security track sessions that you all should definitely check out if you want to learn more about the state of security innovation today. Here’s a list of them:

STRATEGIES ON SECURING YOUR BANKS & ENTERPRISES. (FROM SOMEONE WHO ROBS BANKS & ENTERPRISES FOR A LIVING!)

Presenter: Jayson Street

Most people who work on the defensive side of computer security only see the landscape from that perspective! In this talk Jayson will show how an attacker views your website & employees then uses them against you. We’ll start with how a successful spear phish is created. By using the information gathered from the companies own ‘about’ page as well as scouring social media sites for useful information to exploit employees. The majority of the talk will be covering successful counter-measures to help stave off or detect attacks. This discussion will draw on the speakers 15 years experience of working in the US banking industry on the side of defense. Also at the same time he’ll be drawing on over 6 years of doing engagements where he took on the role of the attacker. If everything turns out well everyone will have learned something new that they can immediately take back to their networks and better prepare it against attacks!

Autonomous Cyber Defense: AI and the Immune System Approach

Presenter: David Masson

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. A fundamentally new approach to cyber defense is needed to detect and respond to these threats that are already inside the network – before they turn into a full-blown crisis.

Self-learning systems represent a fundamental step-change in automated cyber defense, are relied upon by organizations around the world, and can cover up to millions of devices. Based on machine learning and probabilistic mathematics, these new approaches to security can establish a highly accurate understanding of normal behavior by learning an organization’s ‘pattern of life,’. They can therefore spot abnormal activity as it emerges and even take precise, measured actions to automatically curb the threat.

Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.

Automating Security in the Cloud

Presenter: Aaron Lennon

The dynamic nature of cloud environments and increased importance on speed and agility bring new challenges with regards to security. In this presentation I will discuss methods that can be used to automate security control validation and incident detection & response activities to maximize effectiveness while minimizing the impact to development activities.

Incident Response Tabletop Exercise

Presenters: Rob Dodson and Jeff Reich (CyberDEF Dojo represent!)

In a very interactive session Jeff will facilitate an incident response tabletop exercise.  You will see an incident from different perspectives, determine actions needed in these scenarios, respond to the injects and identify the gaps in the situation and how it relates to your organization. If you want to volunteer, contact Jeff or Rob via our Slack channel (cyberdefdojo.slack.com).

Smarter Security: Edge to Edge

Presenter: Chuck Jenson

With the Growth of the “Internet of Things device usage, your security trends in 2018 go from securing the perimeter to securing everything. In this session, we will talk about knowing your “Things”, controlling your “Things” and securing your “Things”.

The Paradox of Cyberthreats

Presenter: Ben Mungkornpanich

As environments become progressively interconnected, threats become increasingly complicated. The top security events of the past year make this apparent — and their repercussions make the implementation of smart protections all the more important.

The following sessions will be for CyberDEF Dojo Day on April 12. This is our Security Engagement Series extended event at InnoTech, and the theme for this series will be the future of security.

The Gathering Storm: CISOs as Transformational Leaders

Presenters: Shelly Carlin and Fred Ritch

In this presentation, you’ll get insight into the unprecedented opportunity that Chief Information
Security Officers (CISOs) have to transform their profession and make significant strategic
contributions to their organization. Starting with an analysis of how rapidly accelerating spending
on InfoSec programs will eventually threaten a company’s bottom line, we’ll illustrate how the
skills and capabilities CISO need to be successful are rapidly evolving – and how those who
make the transition from technocrat to business partner can more effectively help their
organizations address both the operational and financial impact of an accelerating threat
environment.

The presentation will examine four key capabilities that CISOs will need to deliver strategic
value to their organizations in the future: Financial Acumen, Risk Management, Collaboration,
and Communication. Examples of how each capability will be essential to the CISO of the future
will be used to illustrate the key Points.

How Quantum Computing Will Impact Your Present Identification Tools and Methods

Presenter: Dr. Jim Keeler

Quantum computing is a new initiative that will change computing forever.  This talk will present an overview of quantum computing, how it works and how it may be used to bypass current authentication controls, steal your identity, and what you can do about it.

Defense in Depth is Dead – Evolving Your Security Approach

Presenter: Chris Gerritz

Reports of network intrusions have spiked in recent years resulting in millions in financial loses, theft of intellectual property, and exposure of customer information. The groups responsible for these attacks are organized and can persist in your organization’s systems and endpoints without detection for 6 months on average – sometimes years. The approach many organizations take to prevent these attacks is to simply layer on increasing numbers of defensive solutions – clearly this approach is no longer sufficient.
Learn why the current defense in depth model, as it is applied in many organizations, leaves critical gaps which allow attackers to remain undetected. Chris Gerritz, Infocyte’s Founder and the former Chief of Defensive Counter Cyberspace Operations for the U.S. Air Force AFCERT team, will discuss:

  • The Defense in Depth model from an attacker kill chain perspective
  • Why defense is important, but it is not the only factor to deliver security
  • Where threat hunting and post-compromise detection fit in the model

Deep Dive into Blockchain Uses

Presenter: Kurt Kelley

Have you heard Blockchain is going to disrupt every industry? In this talk, I will give you real answers to what use cases and case studies are proving out. We will discuss use cases for IoT, Cybersecurity, Supply Chain, E-commerce, segments along with vertical case studies.

The Future Security Professional

Presenters: Dr. David Damper, Rob Dodson, Jacob Stauffer, and moderated by Omar Quimbaya

Learn about what is coming next in security and what professionals need to know to be ready for it. We will be ending CyberDEF Dojo day with a panel discussion what the things you need to know to prepare for tomorrow. Expect to have a better idea of what to study next after this session.

Hope to see you all at InnoTech this year!

Security Engagement Series: Security Hygiene

With the recent breaches in Equifax, Deloitte, and Sonic, our personal, private information has not been private. Organizations working with personally identifiable information from their users or clients are searching for the best defense against the next attack, and it is no longer a matter of if they will be breached but when. This begs the question: what can I as an individual do to protect myself and my private data from getting into the wrong hands? How do I minimize the damage when bad things happen to me electronically? The CyberDEF Dojo is proud to present the next edition of the Security Engagement Series, focusing on improving security hygiene.

Continue Reading

Cyber Security 101: Building a Virtual Lab with Charles Weissenborn

Charlie W

Want to get started in the world of cybersecurity, but don’t know where to begin? Heard the latest buzz words like “cyber range,” “pen-test lab,” and others, but don’t know what it takes to play?

Bring your computer and come prepared to get hands-on as we walk through the steps to build a virtual training lab that can be used to do everything from learning cutting-edge tools, developing test architectures, penetration testing, and more!

No software required (unless you want to deploy virtualized Windows servers or workstations); we’ll provide it all (and we’ll try to keep Omar’s hands off the images so you only have to AV scan them once). Learn important security considerations, discuss virtualized networking, and leave with a (hopefully) robust training lab you can build and modify to your hearts content.

Charlie Weissenborn is member of the Texas Army National Guard and is actively involved in the DoD and local cyber communities. He has served in the military for the past 14 years while occasionally getting to do interesting things like play with high-frequency radio communications, missile launchers, and digging holes in the woods for no reason at all.

He is the recipient of the Bronze Star Medal, the Meritorious Service Medal, the Bronze Order of Mercury, and various other campaign and achievement medals.

Charlie is the Vice President, Young AFCEA, for the Alamo Chapter of AFCEA. He is also a Board Member of the National Guard Association of Texas. He is a member of the Military Cyber Professionals Association, the US Army Signal Corps Regimental Association, and the San Antonio CyberDEF Dojo. An avid volunteer, he also mentors and teaches local San Antonio middle and high school students preparing for the CyberPatriot Competition.

Where to find us:

We will be on the 9th floor of the building. Park on the second floor of the parking garage and enter through the door on the second floor walkway. Take the elevators up to the 9th floor, and you’ll see SecureLogix.

Cyber Security 101

What does it take to be a cyber security professional from a technical standpoint? What are some tools that a person can use in order to learn more about it and get some practice? Charles Weissenborn will be speaking on that topic in the upcoming CyberDEF Dojo meetup! Be sure to RSVP now to get your spot because space is limited!

September 13, 2017, from 6:30pm to 8:00pm @ SecureLogix.

RSVP Here