Come Join us for our June Meeting: Threat Intelligence & Officer Elections

Meeting Time: 11:30 am to 1:00 pm

Speaker: Scott Williams, Anomali

About Anomali: Anomali delivers earlier detection and identification of adversaries in your organization’s network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred.To learn more, visit www.anomali.com and follow us on Twitter: @anomali.

Speaker Bio: (Check Back Soon)

Topic: Threat Intelligence & Officer Elections

We will also be holding elections for:

  • Vice President
  • Treasurer
  • Secretary

https://www.eventbrite.com/e/issa-portland-june-2017-threat-intelligence-officer-elections-tickets-34761169594

Posted in Uncategorized | Comments Off on Come Join us for our June Meeting: Threat Intelligence & Officer Elections

May Chapter Meeting: Getting Physical with Red Team

Come Join us for our May Meeting: Getting Physical with Red Team

From: 11:30 am to 1:00 pm

As the landscape of cyber security evolves, offensive security has become the tip of spear. The industry is utilizing more advanced offensive security exercises to compete with present day attackers.  Red Teaming is one of those tools in our toolkit that can provide great insight into the true capabilities of an organization to the thwart an attack.  Matt Mosley of Tevora will discuss one of the three elements of Red Team engagements. Matt’s focus will be on the physical aspect of Red Team engagements which involves bypassing physical controls such as locks, gates, badge systems, alarm systems, and security guards with an overview of tools and techniques used today and stories from actual engagements.

Speaker: Matt Mosley

Speaker Bio:

Matt is the Director of Incident Response & Threat Services at Tevora with expertise in penetration testing, development of security intelligence solutions, digital forensics, and incident response. Matt was also former adjunct professor at UCLA, teaching offensive security tools & techniques.

https://www.eventbrite.com/e/issa-portland-may-getting-physical-with-red-team-tickets-33123690851

Posted in Uncategorized | Comments Off on May Chapter Meeting: Getting Physical with Red Team

Hackathon, HACKED! good job team

Our March meeting was a 1/2 day Hackathon, with the platform provided by Security Innovation. The event was a great success!

The event was a gamified, safe hacking space. Our first and second place winners went on and fully owned the site! This was outside the initial scope and plan, but was still a safe place to run these exercises.

Alexei and Alex, the 2 winners, wrote up their experience and how they were able to own the entire site. It is a good read, showing the details of their attack. I encourage each of you to read.

http://www.aspectsecurity.com/blog/shadow-bank-pwn-hackathon

 

Posted in Announcements, Chapter Meetings, Events, News, Training | Comments Off on Hackathon, HACKED! good job team

PDX Cyber Camp!

LEARN CYBERSECURITY NOW!

Join us at PDX Cyber Camp 2017! The camp will give you and other high school students a hands-on, introductory experience to cybersecurity principles, including hands-on implementation in Windows and Ubuntu.

Cybersecurity is one of today’s hottest technical fields, with some experts forecasting a shortage of up to 1 million trained professionals in the coming years. Cybersecurity careers can be incredibly rewarding and high-paying. By participating in this cyber camp, you’ll receive valuable experience that can help you pursue cybersecurity internships.

PDX Cyber Camp Details

Date: Monday July 17 through Friday July 21, 2017
Camp Times: Monday-Thursday 9 a.m. to 4 p.m., Friday 9 a.m. to 1 p.m.
Camp Reception: Thursday, July 20th
Location #1: (Girls Only) Lincoln High School, 1600 SW Salmon St, Portland, Rm #223
Location #2: (Co-Ed) Center for Advanced Learning, 1484 NW Civic Dr., Gresham
Location #3: (Co-Ed) Mentor Graphics: 8005 Boeckman Rd, Wilsonville, OR
Cost: $150 with scholarships available based on financial need

Curriculum and Highlights

  • Introduction to cybersecurity and ethics
    • Introduction to VMware Player
    • Hands on security configuration of Windows and Ubuntu
    • Mock cyber competition
    • Guest speakers from leading cybersecurity companies including McAfee by Intel Security, Cylance and many more
    • Networking reception with security business professionals and educator

APPLY NOW!

www.softwarediligence.com/pdxcybercamp/

Title Sponsor

PacStar

Platinum Sponsors

IBM
McAfee by Intel Security
Mentor Graphics
Galois

Gold Sponsors

Absolute Software
Cylance
Hueya
New Relic

PDX Cyber Camp 2017 is a program organized and managed by EnergySec (www.energysec.org) and Lincoln High School Coding Club

PDX Cyber Camp 2017 is non-profit and volunteer driven. All proceeds and sponsor-ships go only toward direct expenses such as curriculum, supplies, and outreach.

Posted in Announcements, News, Training | Comments Off on PDX Cyber Camp!

March Symposium presenting the topic of: Half-Day Hackathon

Please join ISSA Portland March Symposium presenting the topic of:  Half-Day Hackathon

(This is the same event that was to happen in December 2016 but was cancelled the day of due to ice and snow)

You can register at the link below until Tuesday March 21, 2017 for the early registration pricing.

https://www.eventbrite.com/e/issa-portland-december-12-day-hackathon-symposium-tickets-32239381859

Space is limited, so please register soon.

When: 

Thursday – March 23, 2017

Agenda:

8:30am – Doors open

9 AM – Overview & Training Session

10 AM – Hacking begins

12-1 PM – Lunch Is Served

1-1:30 PM – Wrap Up Session – Announce Winner!

Where:

Nike Victory (EDO)

15475 SW Koll Pkwy

Beaverton, OR 97006

Presentation:

Come to the first-ever hands-on ISSA website hackathon.  We are partnering with SecurityInnovation to provide an immersive hands-on hacking experience for our ISSA symposium.

Compete against your fellow ISSA Portland members in a contest of hacking skills in a fun environment.

This event will provide value for everyone from a non-coder with zero hacking experience to a seasoned penetration tester.  There are challenges for all skill levels and interest built into the game and we will have expert help on hand to help anyone who wants it.

We will provide some initial training, lunch and the vulnerable infrastructure for you to test your skills against.

You will need to bring a laptop with the following:

Price:

The chapter meeting is subsidized by chapter memberships and sponsors.  There is a nominal fee of $10 (member) or $25 (non-member) for preregistered attendees.  Walk in attendee’s are welcome but will be charged $30 at the door.  If you wish to become a member, please visit http://portland.issa.org/join-issa-portland/ for additional details.

CPEs:

The chapter maintains proof of attendance for members but it is the member’s responsibility to ensure that these CPE’s are credited to their respective accounts. This luncheon will offer 1 CPE per hour of attendance.

Chapter Sponsors:

ISSA Portland would like to thank our program sponsors, who help make high quality programs like this possible.

Platinum Sponsor: Vectra

GOLD Sponsor:  Optiv, Tenable, Netskope

SILVER Sponsor: FireEye, RiskIQ, OBS

Posted in Announcements, Chapter Meetings, Events | Comments Off on March Symposium presenting the topic of: Half-Day Hackathon

How AI Works: Recent examples of AI

Please join us for the February luncheon meeting!!!!

Presenting the topic of Artificial Intelligence and Machine Learning in Security: Move from Detection to  Prevention.”

 

How AI Works – Recent examples of AI

Why AI and ML are well suited for security
Details on how AI and ML work
Impact on Operations, User, and Business
Demo of AI in action (detect only and predict and prevent)

 

Posted in Events | Comments Off on How AI Works: Recent examples of AI

Sticky: Educational Update for 2017

Last Fall, James Trumper and I led a successful CISSP class through PCC. James and I really enjoyed the opportunity and the class participants got a lot out of it. I hope we can put together another course. PCC was a great venue and the cost was much lower than any bootcamp or other intensive I have found. Let me know if you are interested in a local CISSP course, so we prioritize this appropriately.

What else is out there? As you know, I teach for SANS, so I looked into what SANS courses are coming to town. Here is what I found:

  • MGT512: Security Leadership Essentials For Managers with Knowledge Compression™    Apr 10, 2017 – Apr 14, 2017
  • SEC401: Security Essentials Bootcamp Style    Jun 12, 2017 – Jun 17, 2017
  • SEC501: Advanced Security Essentials – Enterprise Defender    Jul 17, 2017 – Jul 22, 2017

These are each great options to avoid travel and get high value training locally. Here is the link: https://www.sans.org/security-training/by-location/north-america/oregon

In my sticky post to the Training page on the Portland ISSA webpage (http://portland.issa.org/category/training/), I mentioned the programs at Mt. Hood Community College, as well as Cybrary.it. These are both very good resources. The first has a number of 2-year programs for Information Security and the latter is continually adding new materials and certifications for self-study.

My teaching schedule is here: https://www.sans.org/instructors/brian-ventura

I have a 2-day Critical Security Controls course outside of Spokane, WA in April and another in Cupertino for May, in case anyone wants to travel with me 🙂

I am partnering with Tenable to host a 5-part webcast series on the first 5 Critical Security Controls starting in May. I will post those up as they get closer.

Dont forget our upcoming March Hackathon 1/2 day symposium:

https://www.eventbrite.com/e/issa-portland-december-12-day-hackathon-symposium-tickets-32239381859

Happy 2017! Stay warm and I look forward to seeing you at the next event!

Posted in Training | Comments Off on Sticky: Educational Update for 2017

ISSA Portland December Hackathon Symposium

Come to the first-ever hands-on ISSA website hackathon!!

We are partnering with SecurityInnovation to provide an immersive hands-on hacking experience for our ISSA symposium.

Compete against your fellow ISSA Portland members in a contest of hacking skills in a fun environment.

This event will provide value for everyone from a non-coder with zero hacking experience to a seasoned penetration tester. There are challenges for all skill levels and interest built into the game and we will have expert help on hand to help anyone who wants it.

We will provide some initial training, lunch and the vulnerable infrastructure for you to test your skills against.

You will need to bring a laptop with the following:
· Recent version of Firefox installed with the FireBug Extension
· Recent Java Runtime installed

Space is limited, so please register soon.

Location:
Nike Victory (EDO)
15475 SW Koll Pkwy
Beaverton, OR 97006

Date:
December 15th, 2016

Agenda:
9 AM – Overview & Training Session
10 AM – Hacking begins
12-1 PM – Lunch Is Served
1-1:30 PM – Wrap Up Session – Announce Winner!

Event Tickets (click here)

 

Posted in Events | Comments Off on ISSA Portland December Hackathon Symposium

Cyber Hygiene – Critical Security Controls

 

FOR OUR FIRST MEETING OF THE FALL! We are happy to have Brian Ventura presenting Cyber Hygiene. With so many types of network attacks and so many tools/solutions to combat these attacks, you ask yourself which should I implement first? Which should I buy? Can I build it myself? The CIS Critical Security Controls are a prioritized approach to ensuring information security. As a general risk assessment, the Critical Security Controls address the past, current and expected attacks occurring across the Internet. In this introduction, we will discuss the benefits and application of the first five controls.

Presenter info:

Brian Ventura is an Information Security Architect at the City of Portland, Community Instructor for SANS and volunteers in the Portland ISSA chapter, working on educational opportunities for members. Brian teaches the Critical Security Controls regularly for SANS and through community events. The City uses the Critical Security Controls to prioritize the Information Security framework for the city.

 

Posted in Events, Uncategorized | Comments Off on Cyber Hygiene – Critical Security Controls

Portland Area Security Community Fall Mixer

Please join ISACA, ISSA, OWASP, ASIS and InfraGard as we kick-off the 2016-2017 programs year.  Details below.  Register today on the event page here!

Portland Area Security Community Fall Mixer September 14, 2016

 

ISACA, ISSA, OWASP, ASIS and InfraGard are hosting a joint event!

WE ARE EXCITED: This year’s event includes several regional associations. This is a great opportunity to network and meet other IT, Security and Audit professionals in our area.

JOIN THE FUN:  Once again we will be providing an array of appetizers and a full hosted bar. Each of the 5 associations will be announcing upcoming events, plans and certification offerings.

COST: The event is FREE. Parking vouchers for the Alder St. STAR PARK, will be available.

USE TRANSIT? The event is right on the max line.

Event Privacy Practices:  Registration information for this information will not be provided to event sponsors, and will be used only by the 5 associations co-sponsoring the event for membership, programs, and marketing purposes. Attendees are being registered in the ISACA attendee system, and contact information will be provided to any other association(s) whom the attendee identifies they are affiliated with during the registration process.

Posted in Announcements, Chapter Meetings, Events | Comments Off on Portland Area Security Community Fall Mixer