Austin ISSA

Introduction to Python for Security Professionals

Upcoming 19 June 2019 Austin ISSA Chapter Meeting

Register here today! If you are new to Austin, TX or Austin ISSA and wants to check out our meeting before becoming a member, send a note to membership@austinissa.org for information on getting a complimentary ticket.

Python is a popular scripting language with a wide range of useful features for many tasks. Notably, there are several security-focused Python modules with no equivalent in other languages. This presentation will provide an introduction to Python and its idioms, with mention of some “gotchas” that may surprise even people already familiar with one or more programming languages. Following that, we will discuss several useful security-related Python modules and how to use them.

About Speaker

Daniel Crowley is the head of research and a penetration tester for X-Force Red. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel is the primary author of both the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool.

Daniel enjoys climbing large rocks and is TIME magazine’s 2006 person of the year. Daniel has been working in the information security industry since 2004 and is a frequent speaker at conferences including Black Hat, DEF CON, Shmoocon, and SOURCE. Daniel does his own charcuterie and brews his own beer. Daniel’s work has been included in books and college courses. Daniel also holds the noble title of Baron in the micro nation of Sealand.

CHAPTER MEETING LOCATION: Norris Conference Center, 2525 W Anderson Ln #365, Austin, TX 78757

May 15 Meeting Recap

Scott Parker – Symantec Internet Security Threat Report

Scott Parker, Sr Principal Systems Engineer at Symantec, presented some of the intriguing findings from the 24^th Symantec Internet Security Threat Report. He compared last year’s results with previous years. He explained 2018 highlights, such as supply chain, Web, and targeted attacks, as well as form jacking and ransomware, crypto jacking attacks are on the increase. He also examined attack timelines and the increase and decrease of different types of attacks.

ISSA members can download his slides here. The actual report, as well as other information, can be downloaded here.

Austin ISSA President Seth Robertson (L) thanks Scott Parker (R) for his presentation

Raffle

Don’t forget that the Austin ISSA chapter meeting has a raffle every month for chapter members. Someone is going to win! Join us next month and it could be you. Ben Flores was the lucky winner for the May 2019 meeting.

Seth Robertson (R), Austin ISSA President, congratulates Ben Flores (L) on winning this month’s Amazon Gift Certificate.

Symantec Internet Security Threat Report (ISTR) 2019

Upcoming 15 May 2019 Chapter Meeting

Click here to Register today !

Symantec’s Internet Security Threat Report (ISTR) 2019, Vol. 24 has been released! If you’re not familiar with the report, it’s a crown jewel of intelligence Symantec publishes each year, which provides an overview and analysis of the year in global threat activity. The report is based on intel from the world’s largest civilian threat network, including 123 million sensors which record thousands of threat events per second from 157 countries and block 142 million threats daily. The 2019 Internet Security Threat Report takes a deep dive into the latest trends in cyber security attacks, including:

Formjacking: The Breakthrough Threat of 2018
Living Off the Land Attacks and Supply Chain Weaknesses are Here to Stay
Cryptojacking Down, But Certainly Not Out
Cloud Security is Organizations’ Achilles Heel
IoT in the Crosshairs of Cyber Criminals and Attack Groups

About our Speaker for May 2019

Scott Parker, CISSP, CISM, SCS Sr Principal Systems Engineer ISSA Distinguished Fellow Symantec Corporation

Scott has been with Symantec for 20 years and is an Information Systems Security Association Distinguished Fellow with over 30 years of tactical and strategic information security experience across multiple control points – data centers, endpoints, and gateways with a focus on threat protection, information protection, cyber security services and security analytics.

April 17, 2019 Recap

We had a full house for our April 2019 Chapter Meeting. Thanks for a great attendance.

Rick Handley, Data Security Manager at Schlumberger, gave an interesting and informative overview on steps to protect data in Microsoft Office 365. He covered licensing, the ecosystem of Office 365, SharePoint, recommended practices and available tools (Azure Rights Management Services, Information Rights Management, Azure Information Protection, and DRM), and leak opportunities and mitigation. Lastly, he went over lessons learned during Schlumberger’s implementation.

ISSA members can download his slides here.

Raffle

Don’t forget that the Austin ISSA chapter meeting has a raffle every month for chapter members. Someone is going to win. Join us next month and it could be you.

Seth Robertson (right), Austin ISSA President, Congratulates Ben Flores (left) on winning this month’s Amazon Gift Certificate!

Protecting Microsoft Office 365 Workloads, Find and Plug Your Data Leaks

Upcoming 17 April 2019 Meeting Topic

Click here to Register today.

Register by April 10, 2019 to avail ISSA member discounts!.

Microsoft Office 365 can represent an excellent opportunity to improve collaboration and productivity in your organization. The myriad of workloads (apps), development tools, connectors and sharing options also represent a great way to leak data.

During this session we’ll explore some of these opportunities to lose control of your data. You will also walk away with practical strategies for maintaining control, even if your budget isn’t big enough to purchase a top tier license.

Rick Handley, CISSP, Data Security Manager, Schlumberger

April 2019 – Speaker: Rick has been an Information Security practitioner for 20 years. Previous roles at Schlumberger include Integration Security Manager and Endpoint Security Manager. Prior to Schlumberger he was Director of Network Security and Integration for Smith International. Rick has also been a speaker at IBM’s Focus Conference and is currently Communications Director for South Texas ISSA having served on the board since 2012. Other interests include a passion for restoring and collecting Pontiac muscle cars, raising funds for wounded veterans, and working on family ancestry.

March 2019, Chapter Meeting Recap

Josh Van Cott was unanimously ratified as the Austin ISSA Sponsorship Director. Congratulations Josh!

Our presentation this month, given by Robert Kern, a Regional Sales Director for Tempered Networks, was called “Segmentation Made Simple, Utilizing Zero Trust via Host Identity Protocol (HIP).” The HIP protocol was developed in 1999 and ratified by the IETF in 2015. Instead of using an IP address for identity, this protocol identifies a device on the network based on a public key security infrastructure to create a provable machine identity. A very interesting presentation! Thank you very much Robert!

Robert Kern, March 2019 Speaker on Host Identity Protocol

If you’re an ISSA member, access the presentation slides from here.

Dietch Dietrich was the winner of the raffle this month. Congratulations!

Seth Robertson (right) Austin ISSA President, congratulates Dietch Dietrich on winning this month’s Amazon Gift Certificate

Segmentation Made Simple

Wednesday March 20, 2019

Learn how the industry is moving from ‘address defined networking’ to ‘identity defined networking’ and using provable machine identities instead of spoof-able IP addresses. Understand how segmentation through zero-trust networking cloaks your network while simplifying your environment. Learn about the Host Identity Protocol (HIP) that combines the powerful attributes of three different protocols (VXLAN, LISP and IPsec) into one -while eliminating their complexity and limitations. INTENDED AUDIENCE(S): IT Director, Network Architect, Security Architect, Enterprise Architect, CIO, CSO, Risk and Compliance Manager

Robert Kern, Director, Regional Sales Tempered Networks

About our speaker for March 2019 : Robert Kern is a Regional Sales Director for Tempered Networks with nearly thirty years of experience providing network and security solutions for customers in multiple market verticals throughout the central United States as well as Mexico. Robert has tenure with several notable and innovative companies, including SynOptics (Bay Networks) and F5 Networks. With his pioneering attitude and keen sense of business, Robert was instrumental in bringing their disruptive solutions to market. Based in Dallas, Robert has cultivated long-standing relationships with Fortune 500 accounts, from oil and gas to global transportation companies, and is well-respected for his ability to map solutions to meet critical business challenges.

Feb 2019, Chapter Meeting Recap

Jason Sheffield, Sr. Sales Engineer at Netskope, made several great points about how enterprises can implement cloud security. Some highlights included:

Data flows like water!
Data exposure from mis-configured settings that does not constitute a breach.
Is that cloud application your enterprise is thinking about using really enterprise ready?
Think about shadow IT:
- Who’s buying it?
- What is the risk exposure?
- From a compliance perspective, how does shadow IT impact audits and compliance?

Larry Moore, Austin, ISSA Past President, thanks Jason Sheffield for this presentation

He suggested three quick wins for Enterprise IT:

DLP policies for downloading sensitive data from the cloud, make sure you scrub test data, and don’t worry about nonsensitive data.
Assess the security of your IaaS environment continuously.
Consider using the same security policies against all your cloud data.

He told us about a great resource to check out – Adrian Grigorof’s article on Peerlyst, Mapping of On-Premises Security Controls vs Major Cloud Providers Version 3.2 Feb 2019.

Thank you, Jason, for a very informative meeting! If you’re an ISSA member, his slides are available here: https://www.issa.org/global_engine/download.aspx?fileid=8ED909AC-BCE6-4DB0-A67B-32DC463DA918&ext=pptx

January 2019, Chapter Meeting Recap

At the ISSA Chapter Meeting on January 16, 2019, William Vastine presented a fascinating overview on “Insider Threat Intelligence: Overview of Nation State-Sponsored Talent Recruitment Platforms.”

Larry Moore, Austin, ISSA Past President, shakes William Vastine’s hand

Our sponsors were Conducive and Splunk. Conducive is a boutique consulting and systems integration firm specializing in Splunk services and focused on solving complex business problems. Splunk was founded to pursue a disruptive new vision: make machine data accessible, usable and valuable to everyone. As well as the Austin ISSA raffle, Splunk and Conducive raffled off an additional $500 in prizes!

December 2018 Austin ISSA Chapter Meeting

For the December Austin ISSA chapter meeting, we had food and fun! The menu consisted of roast turkey breast, house salad, corn bread dressing, green beans, petit fours, pumpkin pie, and ice tea.

Len Noe, CyberArk Global Solutions Engineer, presented “Cyber Kill Chain.”

The Cyber Kill Chain concept, a model developed by Lockheed Martin, consists of seven steps:

Recon
Weaponization
Delivery
Exploitation
Installation
Command & Control
Actions on Objectives

Len demonstrated several attacks in 30 minutes, including:

MouseJack / JackIT, Process Hollowing
WHID cactus / Mimikatz
Hak5 BashBunny- Quick Creds
Responder / MultiRelay

A fascinating presentation! Several of his slide decks are available on SlideShare, such as https://www.slideshare.net/LenNoe/hackers-bag-of-tricks-2019