BSides events combine security expertise from a variety of platforms in search of the “next big thing” in information security. BSides is an open platform that gives security experts and industry professionals the opportunity to share ideas, insights, and develop longstanding relationships with others in the community.
Cyber attack attribution efforts today are fraught with danger. Currently, the focus is on typical law enforcement techniques designed to gather evidence to prosecute the miscreant. Most of this evidence is technical in nature and thus attribution is dependent on the skill of the investigator and the skill level of the attacker. And currently, the advantage is generally in favor of the skilled attacker, an individual who spoofing it identity.
In a fireside chat, we will review some of these techniques and dive into a discussion on why pentesting does not provide a realistic view of what an attacker may do. I will provide real world examples of the difficulty and outline some potential methods of reducing the uncertainty of identifying an attacker.
Rob Dodson is currently the Executive Director of Redcell San Antonio a non-profit working to promote information security and technology careers. Working with high schools, he is developing programs to bring students into the workforce. Working with individuals who have a desire to embark on a cybersecurity career, Rob is working to form experience opportunities that increase their appeal to employers.
Rob’s background includes a significant amount of time in the government (both in the military and as a contractor) as well as time spent with some of the larger security organizations, including Symantec and Hewlett Packard Enterprises.
InnoTech San Antonio, the Business & Technology Innovation Conference & Exposition, creates an environment where education, innovation, peer-to-peer networking and the latest technology and business solutions are all available specifically for IT professionals. Last year, over 1500 business and technology professionals converged for the annual InnoTech San Antonio event. Use code DOJO99 to get free access to both days of InnoTech San Antonio!
Xconomy’s first public event in San Antonio will focus on the region’s top high-tech trends, players, and companies—and their plans for future growth and impact in areas from cloud computing to cybersecurity, healthtech, and beyond. Through interactive chats, panels, keynotes, and more, the half-day forum will shine the spotlight on what makes San Antonio unique, with an eye toward probing how the region can build relationships and get to the next level as a national technology leader.
Use code DOJO to get $150 off the price of the ticket!
What: All Day DevOps, Live Online
When: October 24, 2017 (24 hours)
Where: From your desktop, laptop, or mobile device
Free Registration: All Day DevOps Registration
Video: All Day DevOps 2017 – 96 Sessions, 4 Keynotes, 24 hours
On October 24th, CyberDEF Dojo will be supporting the Live Online All Day DevOps Conference. This is a 24 hour event with 5 simultaneous tracks, delivering 96 sessions and 4 keynotes in 38 time zones. Session tracks include Automated Security, CI/CD, Modern Infrastructure, DevOps in Government, and the Tech Crawl, where companies will take you behind the scenes of their DevOps working environments.
Featured speakers include Gene Kim, John Willis, Dave Farley, Patrick Dubois, James Wickett, Shannon Lietz, Damon Edwards, and Jez Humble. Registration is free. Full details are located at AllDayDevOps.com or watch this 40 second video to see what it’s all about.
Be on the lookout for details regarding the CyberDEF Dojo watch party for All Day DevOps!
The San Antonio IT Symposium is a conference about IT in San Antonio, as if the title did not give that away. The cool thing about this, though, is that some CyberDEF Dojo members will be speaking at the event, so if you want to come to a free event about IT in San Antonio and check out some Dojo member presentations, please feel free to RSVP (for free) and enjoy the symposium! You’ll probably learn something!
According to the website, here are some things that they have to offer:
CxO Executive Panel Presentations
With the recent breaches in Equifax, Deloitte, and Sonic, our personal, private information has not been private. Organizations working with personally identifiable information from their users or clients are searching for the best defense against the next attack, and it is no longer a matter of if they will be breached but when. This begs the question: what can I as an individual do to protect myself and my private data from getting into the wrong hands? How do I minimize the damage when bad things happen to me electronically? The CyberDEF Dojo is proud to present the next edition of the Security Engagement Series, focusing on improving security hygiene.
Want to get started in the world of cybersecurity, but don’t know where to begin? Heard the latest buzz words like “cyber range,” “pen-test lab,” and others, but don’t know what it takes to play?
Bring your computer and come prepared to get hands-on as we walk through the steps to build a virtual training lab that can be used to do everything from learning cutting-edge tools, developing test architectures, penetration testing, and more!
No software required (unless you want to deploy virtualized Windows servers or workstations); we’ll provide it all (and we’ll try to keep Omar’s hands off the images so you only have to AV scan them once). Learn important security considerations, discuss virtualized networking, and leave with a (hopefully) robust training lab you can build and modify to your hearts content.
Charlie Weissenborn is member of the Texas Army National Guard and is actively involved in the DoD and local cyber communities. He has served in the military for the past 14 years while occasionally getting to do interesting things like play with high-frequency radio communications, missile launchers, and digging holes in the woods for no reason at all.
He is the recipient of the Bronze Star Medal, the Meritorious Service Medal, the Bronze Order of Mercury, and various other campaign and achievement medals.
Charlie is the Vice President, Young AFCEA, for the Alamo Chapter of AFCEA. He is also a Board Member of the National Guard Association of Texas. He is a member of the Military Cyber Professionals Association, the US Army Signal Corps Regimental Association, and the San Antonio CyberDEF Dojo. An avid volunteer, he also mentors and teaches local San Antonio middle and high school students preparing for the CyberPatriot Competition.
Where to find us:
We will be on the 9th floor of the building. Park on the second floor of the parking garage and enter through the door on the second floor walkway. Take the elevators up to the 9th floor, and you’ll see SecureLogix.
Stuxnet, Havex, Blackenergy and CrashOverride represent the first four known targeted attacks against industrial control system targets. This talk will focus specifically on the tools dubbed CrashOverride used during the 2016 Ukrianian power outages. We will do a quick overview of electrical substation architecture, talk about the design of the tools used in the outage and then do a live demo of the tools.
Dan Gunter is a Senior Threat Hunter at the industrial cyber security company Dragos, Inc. where he discovers, analyzes and neutralizes threats inside of ICS/SCADA networks. In this capacity he performs threat hunting, incident response, and malware analysis mission for the industrial community.
Previous to his role at Dragos, Dan served in a variety of Information Security roles as an Cyber Warfare Officer in the United States Air Force with duties ranging from Incident Response at the Air Force Computer Emergency Response Team to developing innovative capabilities for multiple Department of Defense partners. Dan has over 12 years’ experience and has obtained the CISSP, GIAC GSEC, EC Council CEH and CompTIA Security+ certifications. He also holds a Bachelor of Science in Computer Science from Baylor University and a Master of Science in Computer Science from the University of Louisville. Dan previously presented at Blackhat and Shmoocon.
Where to find us:
We are on the 9th floor of the building. Park in the parking garage and enter the building on the second floor.