Wednesday, 15 January, 2020, Austin ISSA Chapter Meeting

Click here to Register for Free

Adding Security to the DevOps Pipeline

With the speed of modern software development, code is being pushed into production faster than ever…. and with it Security Vulnerabilities. Most of these vulnerabilities stem from a small set of common programming errors, which can be easily resolved.

This presentation will go over the different security scans which can be added to your pipeline, and how they lead towards more secure code. It will cover Static Application Security Testing, Dynamic Application Security Testing, Container Scanning, Dependency Scanning, and License Scanning.

About the Speaker

Fernando Diaz is a Technical Marketing Manager at GitLab. He is involved in managing content for GitLab’s set of Security Products. He is an active contributor to Kubernetes, mainly focusing on Ingress-Nginx.

In the past Fernando was an IBMer working as a Software Engineer for IBM’s public cloud. He was also an OpenStack Core Contributor, focusing on Barbican(Key Management) Development. He has spoken and held workshops at several OpenStack Summits.

Born and raised in Miami, Florida, Fernando received his B.ASc. in Computer Science at Florida International University. Currently resides in Austin, Texas and helps keep Austin weird. He loves hanging out with his dog “Oreo” and enjoying nature.

Sponsor for this month – COLORTOKENS

Wednesday, December 11, 2019, Board Member Elections, Speaker of the Year Award, Special Holiday Meal

Register Here

Join us on Wednesday, December 11, 2019 to celebrate another year of promoting information security in the Austin community. We are beta testing remote attendance for the meeting via Zoom. ISSA members can join using Zoom link that is available via this link. You need to log in to the ISSA website with your user id and password to retrieve the Zoom link and password.

5 of our 10 board member positions are up for election, we encourage anyone and everyone to apply by sending an email to elections@austinissa.org.  The positions up for election are:

• Vice President
• Marketing Director
• Membership Director
• Operations Director
• Recording Secretary

More details on these positions is available at https://austinissa.org/chapter-info/

Agenda
11:30 – Networking
11:45 – Chapter Business Update
11:50 – Sponsor
12:00 – Presentation
12:50 – Q&A

Chapter Meeting Location

Norris Conference Center
Located in:  Northcross Mall
Address:       2525 W Anderson Ln #365
                      Austin, TX 78757
Phone:          (512) 451-5011

Sponsor for this month – Thales Security

Register here: https://events.thepulsenetwork.com/Attendee/Default.aspx?C=70000088&M=30000227&Mode=HTML

If you have subscribed to our newsletters, check the most recent mailings from us for free and discounted codes.

We are looking for moderators for each table during the InnoTech Security luncheon round table discussions. Are you interested, or do you know anyone who is interested? If so, please contact the Austin ISSA Treasurer at treasurer@austinissa.org

NOTE: Austin ISSA November 2019 Chapter Meeting regularly scheduled for November 20, 2019 will not be held. Instead we encourage you to register for this event.

Security Expo Sponsors

• Check Point Software
• Cisco Umbrella
• Conducive Consulting
• Critical Start
• Kudelski Security
• Optiv
• Trend Micro

Security Speakers and Topics

How Next-Generation Data Protection Accelerate Innovation Cycles – Real Life Use Case for Blockchain –Lou Senko,  Senior Vice President of Hosting & Chief Information Officer, Q2

Strategic Tool Stacks: Security is More Than Amassing Blinking Lights and Alerts – Tommy Scott, Senior Solutions Consultant, Critical Start

Continuous Security: Using Automation to Expand Security’s Reach –
Matt Tesauro, Senior Partner, 10Security

Digital Extortion & Trend Micro Security Predictions for 2019/2020 
Jesse Brown, Trend Micro

The Current Privacy Policy Landscape – Why Should I Care About CCPA and What is Next? Elizabeth Rogers, CIPP/US, Partner, Michael Best Friedrich, LLP

Security within a Multi Cloud Environment –  Jordan Gackowski, SE Manager, Cisco Cloud Security Jeff Reich, Co-Founder & Chief Risk Officer & Chief Operating Officer, LexAlign, PBC

Cloud and Legacy Security Strategies, How to Find Alignment – Wayne Reynolds, Advisory CISO, Kudelski Security

Securing the Technology Supply Chain – Yi Mao, Ph.D., CISSP, Vice President, atsec Labs, atsec Information Security Corporation, 

For all the latest conference session additions, or to register visit: https://www.innotechaustin.com/securitysummit

ISSA War Game Exercise

To promote education and preparedness in the community, security, technology, and management professionals are invited to participate in a cybersecurity war game exercise. All resources and materials used during the exercise will be provided to attendees to bring back to their organization to launch a program for conducting cybersecurity war game exercises internally.

• On the stage will be participants with tech and management experience who will play various roles at a fictional company, and they will be led through a narrative series of events that result in a cybersecurity breach.
• Members of the audience will be given a dossier on their role as a customer or investor of the fictional company when they arrive, and they will submit feedback to the fictional company via their mobile device. Winning submissions as determined by audience vote will be used within the exercise, and prizes will be issued to select submitters.
• As a tabletop, there are no live systems, instead it’s like a D&D game with hackers and techies instead of dragons and wizards, supplemented with synthesized policies and logs from the fictional systems projected for everyone to see.
• After the event, there will be a panel of experts who will conduct a “hot wash” de-brief, analyzing how well the participants performed, and to what extent our exercise accomplished its objectives.
• Last year’s event received lots of positive feedback and drew attendees from as far as the SF Bay Area, and the Sli.do voting system we used ranked it among the top 10% most interactive events in North America in 2018!

Don’t Miss the ISSA at InnoTech Happy Hour!

5:00pm – 7:00pm Hosted by Kudelski Security A great opportunity to network and socialize with your security colleagues after the conference over free drinks and hors d’oeuvres!

Café Blue Downtown Austin 340 E 2^nd St Austin, TX 78701

Wednesday, October 16, 2019, Austin ISSA Chapter Meeting

Register Here

Register by October 9, 2019 to avail ISSA member discount !

Containers are relatively new to IT; they package software and dependencies in a single binary which are able to run reliably in multiple environments. Containers have grown in popularity to a point where Kubernetes have been created as an open-source container management system.

Like many other IT resources, Containers and Kubernetes are reliable only if configured properly by knowledgeable IT personnel. Without adequate safeguards, they open vulnerabilities that enable attackers to compromise critical systems.

This presentation will address common threats to Containers and Kubernetes and solutions to mitigate those threats. Basic demonstrations will be included.

About Our Speaker

Larry Moore has been serving in the information security field for over twenty years. Prior to security, Larry was a software engineer starting in NASA and migrated to device drivers and kernel extensions for personal computing operating systems such as OS/2, Windows, AIX and other Unix variants.

Larry has served in numerous roles in security. He was a penetration tester, network administrator, security architect, risk assessor auditor, secure code evaluator and part-time social engineer. Larry has worked in both the private and public sectors and his work in architecture and audits included data centers in the U.S. and around the world.

Larry currently works as a GRC Architect and vCISO for Pivot Point Security (pivotpointsecurity.com) where he performs risk assessments, ISO 27001, NIST, HIPAA and privacy assessments and solutions nationwide. His customers include software manufacturers, legal firms, healthcare, public sector and financial services.

Larry served the president of the Austin chapter of the Information Systems Security Association (ISSA) and was the former IT Sector Chief for the Austin chapter of Infragard. Larry is also very active in local security activities and serves as a mentor for rookies interested in entering the security field.

Wednesday, September 18, 2019, Austin ISSA Chapter Meeting

Register Here

Register by September 11, 2019 to avail ISSA member discount !

Blockchain is a trusted digital transaction system that has been getting a lot of attention and is being applied to a lot of business use cases. This presentation will address the trust divide between enterprise blockchain and the cryptocurrency world. It will survey the inspirations for real world uses cases and deployments. This is a must-attend event for all security professionals who would want to learn more about blockchain technology, its impact on business, and the new security challenges of shared business networks.

About Our Speaker

Nitin is a senior technology executive at IBM. He is a forward-thinking, business-minded executive with rich experience as a leader, strategist, and innovator entrenched in the design and development of enterprise infrastructures and applications—including leading-edge middle-ware and mobility solutions for Fortune 500 companies in 20+ countries. He has a Master of Business Administration (MBA), has a Master of Science (MS) in Management Information Systems, and is an IBM Master Inventor with 70+ patents to his credit.

   
In his role as Director of IBM Blockchain Labs he was involved in instituting a body of knowledge and an organizational understanding around blockchain technology and its industry specific applications. He pioneered an enterprise blockchain strategy and advised IBM, business partners, and clients. He is also a co-author of the book “Hands-On Blockchain with Hyper-ledger”.    

Upcoming 21 August 2019, Austin ISSA Chapter Meeting

Register Here

Register by August 14, 2019 to avail ISSA member discount !

This presentation will cover a high-level overview of the emerging DevSecOps culture, methodologies, practices, tools and tactics.  Furthermore, the DevSecOps presentation will go over high level implementations regarding CI/CD security pipelines and where to implement security tools and why security practitioners need to become more agile through automation.

About Our Speaker

Jose Alvarez is a DevSecOps Evangelist & Enthusiast who has 19 plus years of experience in Information Technology with an Associates of Applied Science in Computer Science & a Bachelors in Cyber Security (Graduated Summa Cum Laude). Jose has worked for 4 years in the newly evolving DevSecOps field.  Jose has been educating and promoting best practices and awareness regarding the evolution of DevOps into DevSecOps.  Jose Has several certifications including Splunk (multiple), Ansible, YAML, DevSecOps, CompTIA, Fiber Optics & GCP Cloud Security. He has developed new ways of developing Security as Code Pipelines that increase operational tempo as well as security by leveraging DevOps automation tools and lean manufacturing principles.  He has developed new workflows that don’t interfere with existing pipelines and found new and creative ways to transform security teams from only being a cost center into a savings and possibly a profit center using DevSecOps as a defensive competitive advantage.