2020 Virtual Events
November 19 Virtual Presentations
Thursday, November 5th, 2:00 PM
Please join us for the fourth in our series of Fall 2020 virtual events. Our speakers will be Miju Han, Dave Shore, and Marty Poniatowski.
Hacker-Powered Data: The Most Common Security Weaknesses and How to Avoid Them
Security teams often see a deluge of incoming vulnerabilities from scanners, pen tests, and bug bounty programs. Using eight years of never-before-seen data from 1,800+ bug bounty programs and over 160,000 valid vulnerabilities found, this talk offers a focus for security teams based on analysis of what hackers actually exploit in the wild and what companies actually value. Attendees will discover common weaknesses such as Violation of Secure Design Principles, Information Disclosure, Denial of Service, VPN and Cryptographic Issues, and how attackers could exploit these prevalent vulnerabilities. Walk away with insights into the most common security weaknesses to better defend against them.
Miju Han is the Director of Product Management at HackerOne, the #1 hacker-powered security platform, where she leads a team of product managers, data scientists, and engineers to build and launch practical and actionable tooling for security teams. With a background in both data and security, Miju has a keen eye for spotting increased efficiency and automation in modern security practices. Miju previously served as a Director of Product at GitHub, where she pitched and launched security alerts on top of the dependency graph, one of the first large-scale efforts to embed security best practices into core development tooling. GitHub’s security alerts won a 2018 technology of the year award from InfoWorld, and more importantly, have led to the patching of almost ten million vulnerabilities. Miju began her career working on data science at content platforms such as YouTube, Beats Music/Apple, and TuneIn.
Dave Shore & Marty Poniatowski
Splunk Container-as-a-Service Powered by HPE GreenLake
Enterprises in all industries and of all sizes leverage solutions to provide insight into machine-generated data. As enterprises grow, so does the volume of such data and the need to analyze, identify data patterns, provide metrics, diagnose problems and provide intelligence for business operations. Until recently, expanding daily ingest rates required significant investment of time and capital. The infrastructure and operational costs associated with industry-leading SIEM solutions often increase the investment cost by 4X above the cost of the software.
Hewlett Packard Enterprise (HPE) has developed a breakthrough solution that has helped the third largest bank in the United States (by Total Assets) scale its machine-generated data ingestion rates from 150 TB/day, where its legacy system was breaking, to 400 TB/day, with 99.999% system availability and 99.999999999% data durability. This solution is now scalable and available to meet the requirements of enterprises of all sizes.
Join Dave Shore, Director of HPE GreenLake Cloud Services, and Marty Poniatowski, Senior Director and HPE Chief Technologist, to learn about HPE’s optimized solution for Splunk and its feature benefits, including:
- A flexible consumption delivery model available as-a-Service, or hosted, allowing organizations to optimize cash flow and focus on their business
- A unified, scalable solution that eliminates security blind spots with up to 109x the ingestion rate
- An efficient loosely-coupled architecture that optimizes the footprint and cost with the independent scaling of search heads, indexers, cache storage, and permanent storage
- The ability to rapidly add new use cases deploying open-source containerized Splunk indexers and search heads in minutes
- Support for Splunk’s SmartStore architecture of hot as cache and open standard S3 object storage as the system of record
November 5 Virtual Presentations
Thursday, November 5th, 2:00 PM
F. Paul Greene, Esq. & Daniel Altieri, Esq.
The Essential Legal Toolkit for Surviving Your Next Ransomware Attack
F. Paul Greene is a partner and the Privacy & Data Security practice group leader at Harter Secrest & Emery LLP. Paul represents clients in a wide range of industries concerning all aspects of proactive preparation and risk management, including security and vulnerability assessments, policy and procedure review, breach response planning and drills, as well as board and management education on cyber risk and privacy issues. Post-breach, Paul and his team provide a full array of reactive services, including breach coaching and response, crisis management and communication, internal and governmental investigations, breach notification, and potential litigation or regulatory action including under the EU’s General Data Protection Regulation (GDPR), the Personal Information Protection and Electronic Documents Act (PIPEDA), and the upcoming California Consumer Privacy Act (CCPA).
Dan advises clients on all aspects of commercial litigation from pretrial matters through trial and appeal. He has tried several cases to verdict and successfully argued before the Supreme Court of the State of New York Appellate Division. Clients trust Dan to resolve disputes swiftly—both in and out of the courtroom—to achieve their business and legal objectives.
As an integral part of HSE’s growing privacy and data security team, Dan quickly identifies any potential security issues and addresses them before they become a serious problem for the client. He provides guidance on best practices to avoid a data breach, security and vulnerability assessments, post breach response, due diligence in acquisitions, potential litigation or regulatory action, and more.
The Future of Cybersecurity: The Real Ways Data Science Will Transform SecOps
2:30pm – 3:30pm ET
Data science is already transforming many aspects of our business and personal lives, but many in cyber security do not know how it will change the industry. In this brief talk, I explain how data science is being used to bridge the gap between the threat intelligence typically leveraged by security platforms and the threat intelligence that human experts use. I quickly explore what makes data science-based detection logic different from Boolean-based detection logic, why practitioners will move away from the SIEM event funnel, and how frameworks like MITRE ATT&CK are critical to creating efficiencies for people and machines.
Matt DeMatteo is a Sr. Principal Engineer focused on Secureworks’ Security Products and Services. Matt joined Secureworks in 2007 as a Security Analyst in the Providence, RI SOC. Matt has been working directly with customers for the past ten years as a Presales Engineer, Principal Engineer, Account Manager, and Global Solution Lead for MSS and MDR. His goal is to help customers protect their organizations by aligning threat actor risk with modern SecOps practices. Matt works with Secureworks’ global sales force, product development teams, and partners to promote best practices in solution design. Matt has a passion for understanding customers’ business needs and unique risks. Matt holds a BS in Computer Science from the University of Rhode Island, where he also was the Director of the Digital Forensics Lab.
October 29 Virtual Presentations
Thursday, October 29th, 2:00 PM
The Zero Trust Challenge for Hybrid Cloud
2:00pm – 2:30pm ET
The hybrid cloud now handles much that was formerly done by the in-house IT organization. From an infrastructure and operations perspective however, oversight and management are more challenging than ever. During this talk, we will discuss the elements of conventional I&O that must remain – although transformed – when migrating increasing portions of an organization’s workload to hybrid cloud. We will focus on information security, and in particular the architectural challenge that zero trust places on conventional information security architectures, procedures, staffing, and audit. We will close with some hints and tips to smooth the passage to this superior cybersecurity approach.
William Malik is VP of Infrastructure Strategies at Trend Micro. As a founder of Gartner’s Information Security Strategies service, Bill has deep expertise in information security matters. He has spoken internationally on information security, identity management, privacy, business continuity, and enterprise architecture. During his IBM career he guided the mainframe operating system zOS (then MVS) through the process leading to a NIST/NSA B1-level security rating. He taught a graduate class on Information Security Policy at Georgia Tech and authored the chapter “Information Security Policy in the US National Context” for the text “Information Security: Policy, Processes, and Practices,” Detmar Straub, et al., editors. M. E. Sharpe, 2008.
Hardening HTTPS and SSH
2:30pm – 3:30pm ET
We will talk about the inner workings of the TLS and SSH protocols and the security properties they offer. Attacks against the TLS protocol versions will be analyzed, along with weak ciphersuites and other options. Similarly, attacks on SSH and various common cryptographic settings will also be discussed. Open-source and free tools will be demonstrated to audit TLS & SSH services. Hardening techniques for achieving optimal security settings for both protocols will be covered in detail.
As a seasoned security consultant, Testa brings over 15 years of experience to the business. He specializes in penetration testing, server & network hardening, source code auditing, and social engineering. A strong supporter of open-source technology, he is the author and maintainer of the Rainbow Crackalack, SSH-MITM, and Bitclamp projects.
Prior to founding Positron Security, Testa excelled as a security researcher and vulnerability test programmer for Rapid7. He holds a Master of Science degree in Computer Security and Information Assurance from the Rochester Institute of Technology, along with a Bachelor of Science degree in Psychology and Computer Science from the University of Maryland at College Park.
October 22 Virtual Presentations
Thursday, October 22nd, 2:00 PM
In lieu of the annual Rochester Security Summit, please join us for the first in our series of Fall 2020 virtual events.
Delving into Digital Fraud – Report Reveals Trends
2:00pm – 2:30pm ET
Digital transformation is making it easier not only for legitimate organizations to expand their reach but also for fraudsters and other bad actors to expand theirs. Hear the results of a research study into the digital developments, market forces and regulatory pressures that are driving this shift in how fraudsters and others commit their crimes, as well as how anti-fraud forces fight them. The session will cover three key trends gleaned from this research and provide an understanding of how digital transformation becomes both a critical contributing factor in the problem of growing cyber risks today.
Angel Grant is CMO, RSA Fraud and Risk Intelligence at RSA Security and current member of the Board of Advisors at the PCI Security Standards Council. Before that, she served as the Director of Product Marketing for the Identity, Fraud and Risk Intelligence at RSA. Grant has more than 20 years of experience in the security, eCommerce and financial services industries and is a visionary leader with a passion for developing security solutions to protect against cybercrime and make our digital world a safer place. She attended Bentley University and holds the CISSP certification.
Data Protection for the Work-From-Home Era
2:30pm – 3:30pm ET
Remember five or more years ago you were scoffing at the people who said the perimeter was gone? Well, now (almost) all your employees work from home, and guess what? Your “perimeter” encloses almost none of where your work gets done. So today we’ll have a survey of methods to protect data that don’t assume or require a perimeter in the traditional sense. DLP, DRM, and Cloud approaches that keep data movement controlled but flexible.
- Manager of IT Governance & Compliance at Constellation Brands …but I speak only for myself, not for my employer!
- Been doing Information Security for fifteen years, in IT of one sort or another for two score plus one
- Avid player of poker, enthusiastic-if-slow rider of a Trek.
- [masked] — also semi-findable on LinkedIn
Joint ISSA Chapter / Rochester Security Community Presentation
Thursday, June 4th, 6:00 PM
Cost: Included in ISSA Membership / Open to RSS Audience at No Cost
Where: Please RSVP to firstname.lastname@example.org by Monday, June 1st (see below for Zoom link)
Topic: Accelerating and Securing Applications at the Edge
Presentation Summary: In today’s digital economy, the underlying applications and workflows that power organizations must be agile, secure and perform in an optimal manner. As workloads and data move closer to end users, development teams battle legacy infrastructures that are inflexible and unable to scale – slowing down innovation, constricting development cycles and reducing application security and performance. To accelerate and secure modern web experiences, we must rethink how we deploy end-to-end application defenses, ensuring availability and application layer security. Learn how containerized environments can be service-chained to build out a multilayered security policy, giving organizations the flexibility to customize security stacks across best-in-breed WAF, bot management and API protection solutions while delivering policies tailored to individual workflows.
Who: CenturyLink’s Peter Brecl (Director of Product Management, Security Services)
Speaker’s Bio: Peter Brecl is director of product management for global security products at CenturyLink. He is responsible for the managed security services portfolio, specifically CenturyLink’s Distributed Denial of Service mitigation, web application protection, Security Log Monitoring and threat intelligence solutions, integral products for customers looking to protect their networks.
Peter has more than 20 years of experience in the telecommunications industry. Prior to joining CenturyLink, Peter held positions at Level 3, Qwest and US WEST, Inc. managing business, wholesale and consumer products. His deep industry experience includes product management and development of CenturyLink’s managed security services, data networking, wireless, Fixed Mobile Convergence, VoIP, broadband and IP products.