Austin ISSA

Containers and Kubernetes Security

Wednesday, October 16, 2019, Austin ISSA Chapter Meeting

Register Here

Register by October 9, 2019 to avail ISSA member discount !

Containers are relatively new to IT; they package software and dependencies in a single binary which are able to run reliably in multiple environments. Containers have grown in popularity to a point where Kubernetes have been created as an open-source container management system.

Like many other IT resources, Containers and Kubernetes are reliable only if configured properly by knowledgeable IT personnel. Without adequate safeguards, they open vulnerabilities that enable attackers to compromise critical systems.

This presentation will address common threats to Containers and Kubernetes and solutions to mitigate those threats. Basic demonstrations will be included.

About Our Speaker

Larry More, GRC Architect and vCISO Pivot Point Security

Larry Moore has been serving in the information security field for over twenty years. Prior to security, Larry was a software engineer starting in NASA and migrated to device drivers and kernel extensions for personal computing operating systems such as OS/2, Windows, AIX and other Unix variants.

Larry has served in numerous roles in security. He was a penetration tester, network administrator, security architect, risk assessor auditor, secure code evaluator and part-time social engineer. Larry has worked in both the private and public sectors and his work in architecture and audits included data centers in the U.S. and around the world.

Larry currently works as a GRC Architect and vCISO for Pivot Point Security (pivotpointsecurity.com) where he performs risk assessments, ISO 27001, NIST, HIPAA and privacy assessments and solutions nationwide. His customers include software manufacturers, legal firms, healthcare, public sector and financial services.

Larry served the president of the Austin chapter of the Information Systems Security Association (ISSA) and was the former IT Sector Chief for the Austin chapter of Infragard. Larry is also very active in local security activities and serves as a mentor for rookies interested in entering the security field.

September 18, 2019 Recap

Presentation – Miguel Ortiz – Blockchain What will we solve together?

Miguel Ortiz – Blockchain Solutions Architect, IBM

Miguel Ortiz stepped in for Nitin Gaur, who was scheduled to speak on Blockchain was not able to attend due to unexpected work travel. Miguel talked about his current role as Blockchain Solution Architect where he advises startups on Blockchain technology and enabling them from concept to implementation of business solutions. He started out the presentation by talking about What is block chain and the key capabilities about it such as shared ledger, smart contract, permission and consensus. Discussed differences between permissioned block chain, UN-permission ed Blockchain, private blockchain, public blockchain. Permission-ed block chain can also be public. Bitcoin is an UN-permission ed and public. One can get started with block chain using open source and free Linux Foundation Project Hyper Ledger https://www.hyperledger.org/ Next he discussed about Blockchain use cases in every industry – Banking, Financial, Retail, Supply Chain, Healthcare, Manufacturing, Governance, Insurance. Talked about some projects such as IBM Food Trust that– Started with IBM and Walmart for solutions to problem of food supply chain. Project Tradelens (https://www.tradelens.com/) was another interesting project using blockchain for digitizing global supply chain. It was a very informative meeting about Blockchain use cases with some security related use cases such as De-Centralized Identity enabled by projects such as Sovrin (https://sovrin.org) and Hyper ledger Indy (https://www.hyperledger.org/projects/hyperledger-indy )

Presentation deck is available for ISSA members at ISSA web site. You will need to login first to access the slides. https://www.members.issa.org/global_engine/download.aspx?fileid=0C0C2D9A-8B1E-46C2-84E6-EA460F87AAB6&ext=pdf

Making Blockchain Real for Business

Wednesday, September 18, 2019, Austin ISSA Chapter Meeting

Register Here

Register by September 11, 2019 to avail ISSA member discount !

Blockchain is a trusted digital transaction system that has been getting a lot of attention and is being applied to a lot of business use cases. This presentation will address the trust divide between enterprise blockchain and the cryptocurrency world. It will survey the inspirations for real world uses cases and deployments. This is a must-attend event for all security professionals who would want to learn more about blockchain technology, its impact on business, and the new security challenges of shared business networks.

About Our Speaker

Nitin Gaur,
Director, IBM WW Digital Asset Labs

Nitin is a senior technology executive at IBM. He is a forward-thinking, business-minded executive with rich experience as a leader, strategist, and innovator entrenched in the design and development of enterprise infrastructures and applications—including leading-edge middle-ware and mobility solutions for Fortune 500 companies in 20+ countries. He has a Master of Business Administration (MBA), has a Master of Science (MS) in Management Information Systems, and is an IBM Master Inventor with 70+ patents to his credit.

In his role as Director of IBM Blockchain Labs he was involved in instituting a body of knowledge and an organizational understanding around blockchain technology and its industry specific applications. He pioneered an enterprise blockchain strategy and advised IBM, business partners, and clients. He is also a co-author of the book “Hands-On Blockchain with Hyper-ledger”.

August 21 2019 Recap

Presentation – Jose Alvarez, DevSecOps – Security as Code, Beyond the Pipeline

Jose Alvarez is a DevSecOps Engineer

First, Jose defined DevSecOps and talked about some of the reasons security teams might want to go “agile.” He recommended reading The Phoenix Project by Gene Kim, Kevin Behr, and George Spafford. Next, he explained some of the more useful tools for automation—such as Jenkins, Ansible, Puppet, and Chef—and some useful security tools—which include nmap, Nikto, the OWASP Dependency checks, and Metasploit.

The best part was the demonstration he did using Jenkins with the Blue Ocean plugin to run automated tests.

It was a very informative meeting!

Slides will be available for this meeting at https://www.members.issa.org/resource/collection/DA59637C-851B-4DB2-8B5B-977AB3118D4C/Dev-Sec-Ops_Presentation__1_.pptx

DevSecOps (Security as Code)

Upcoming 21 August 2019, Austin ISSA Chapter Meeting

Register Here

Register by August 14, 2019 to avail ISSA member discount !

This presentation will cover a high-level overview of the emerging DevSecOps culture, methodologies, practices, tools and tactics. Furthermore, the DevSecOps presentation will go over high level implementations regarding CI/CD security pipelines and where to implement security tools and why security practitioners need to become more agile through automation.

About Our Speaker

Jose Alvarez is a DevSecOps Evangelist & Enthusiast who has 19 plus years of experience in Information Technology with an Associates of Applied Science in Computer Science & a Bachelors in Cyber Security (Graduated Summa Cum Laude). Jose has worked for 4 years in the newly evolving DevSecOps field. Jose has been educating and promoting best practices and awareness regarding the evolution of DevOps into DevSecOps. Jose Has several certifications including Splunk (multiple), Ansible, YAML, DevSecOps, CompTIA, Fiber Optics & GCP Cloud Security. He has developed new ways of developing Security as Code Pipelines that increase operational tempo as well as security by leveraging DevOps automation tools and lean manufacturing principles. He has developed new workflows that don’t interfere with existing pipelines and found new and creative ways to transform security teams from only being a cost center into a savings and possibly a profit center using DevSecOps as a defensive competitive advantage.

July 2019 Recap

Presentation – Dan Teal, How New Features Affect the Windows 10 Attack Surface

Dan Teal is currently a principal engineer at Sophos working on Sophos for Windows. He has been very involved in information security since he helped develop techniques for offensive and defensive information warfare during his career as a US Air Force officer in the early 1990s. Since leaving the Air force, he was a co founder and CTO of CoreTrace Corporation and has also worked at Cisco, Trident Data Systems, WheelGroup Corporation, and Lumension Security.

One of the first things to understand about Windows 10 is that it is a service. Microsoft has added many new security features and continues to add new ones at a rapid pace. Most of these new security features are turned off by default. The list of optional features is available by choosing Control Panel, Programs and Features, and finally, click on Turn Windows features on or off. The features available will vary according to the version of Windows 10 running on your computer. To discover information on version of Windows 10 running on your computer, hit the Windows key+I, choose System > About. There you will find the edition of Windows, Version, OS build, and other information about your computer.

It was a very informative meeting! Presentation available from ISSA member site : https://www.members.issa.org/members/group_content_view.asp?group=90291&id=152524

Raffle

Don’t forget that the Austin ISSA chapter meeting has a raffle every month for chapter members. Someone is going to win! Join us next month and it could be you.

How New Features Affect the Windows 10 Attack Surface

Upcoming 17 July 2019, Austin ISSA Chapter Meeting

Click to Register here.

ISSA Members avail early bird discount. New to Austin ISSA? Send an mail to our membership director for a complimentary code for registration

Microsoft released Windows 10 to the public four years ago and the operating system has evolved rapidly since then. This presentation will provide an overview of several features that have been introduced and how they increase or decrease the operating system attack surface.

Most of the features addressed in this presentation are available in all Windows 10 editions and Windows Server 2016 and 2019. We will especially focus on Containers and the Windows Subsystem for Linux and how these features can help or hinder your security posture.

Speaker for July,2019 – Dan Teal, Principal Engineer, Sophos

Dan is a consummate computer security professional. He has watched the security field grow over his career and is accomplished in many of the facets of security today. As a US Air Force Officer in the early 1990s, he helped develop the technologies and techniques for offensive and defensive information warfare. Dan has long proposed that you cannot adequately secure something unless you know how to attack it. He has developed penetration testing tools; researched and developed host and network-based intrusion detection systems, tested the efficacy of security products, architected next generation security products, and mentored security development teams. Dan’s primary objective is to develop advanced security products to stop the threats of today and mitigate the threats of tomorrow..

June 19, 2019 Chapter Meeting Recap

Sponsor – Kudelski Security

Patrick Charters gave a short presentation on Kudelski Security. He can be reached at 512-740-6502 or Patrick.Charters@KudelskiSecurity.com.

Presentation – Daniel Crowley, Intro to Python for Security Professionals

Daniel Crowley is the Research Baron at IBM X-Force Red. He belongs to Austin Hacker’s Anonymous and encouraged our membership to attend a meeting. Information about AHA meetings is posted at http://takeonme.org/.

He gave an introduction on Python, which was geared toward someone who knew at least 1 language. He introduced several terms, such as “duck typing,” which means that type declarations are not used. He recommended reading the official Python documentation at https://www.python.org/doc/. He discussed differences between Python 2 and Python 3. He showed some methods for converting Python 2 code to Python 3. Then he segued into how to leverage that into scripts than an Infosec professional would find useful, such as how to fingerprint a server, write Scapy modules (documentation available here: https://scapy.readthedocs.io/en/latest/), build a ICMP tunnel to send data, which could evade detection, and how to print all ICMP payloads. It was a fascinating overview! Slides are not available for this meeting.

Raffle

Don’t forget that the Austin ISSA chapter meeting has a raffle every month for chapter members. Someone is going to win! Join us next month and it could be you.

Introduction to Python for Security Professionals

Upcoming 19 June 2019 Austin ISSA Chapter Meeting

Register here today! If you are new to Austin, TX or Austin ISSA and wants to check out our meeting before becoming a member, send a note to membership@austinissa.org for information on getting a complimentary ticket.

Python is a popular scripting language with a wide range of useful features for many tasks. Notably, there are several security-focused Python modules with no equivalent in other languages. This presentation will provide an introduction to Python and its idioms, with mention of some “gotchas” that may surprise even people already familiar with one or more programming languages. Following that, we will discuss several useful security-related Python modules and how to use them.

About Speaker

Daniel Crowley is the head of research and a penetration tester for X-Force Red. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel is the primary author of both the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool.

Daniel enjoys climbing large rocks and is TIME magazine’s 2006 person of the year. Daniel has been working in the information security industry since 2004 and is a frequent speaker at conferences including Black Hat, DEF CON, Shmoocon, and SOURCE. Daniel does his own charcuterie and brews his own beer. Daniel’s work has been included in books and college courses. Daniel also holds the noble title of Baron in the micro nation of Sealand.

CHAPTER MEETING LOCATION: Norris Conference Center, 2525 W Anderson Ln #365, Austin, TX 78757

May 15 Meeting Recap

Scott Parker – Symantec Internet Security Threat Report

Scott Parker, Sr Principal Systems Engineer at Symantec, presented some of the intriguing findings from the 24^th Symantec Internet Security Threat Report. He compared last year’s results with previous years. He explained 2018 highlights, such as supply chain, Web, and targeted attacks, as well as form jacking and ransomware, crypto jacking attacks are on the increase. He also examined attack timelines and the increase and decrease of different types of attacks.

ISSA members can download his slides here. The actual report, as well as other information, can be downloaded here.

Austin ISSA President Seth Robertson (L) thanks Scott Parker (R) for his presentation

Raffle

Don’t forget that the Austin ISSA chapter meeting has a raffle every month for chapter members. Someone is going to win! Join us next month and it could be you. Ben Flores was the lucky winner for the May 2019 meeting.