2020 Triad of NC ISSA Security Summit

Register for this session HERE

“Cover Your SaaS - Protecting your Business in a Cloudy World” 

Description: In this lab simulation, participants will learn about the risks involved with SaaS applications & how to protect their organization against Cyber Threats when the applications are no longer within the 4 walls of the datacenter. The lab will include protecting Office 365, One Drive, GSuite, Dropbox & SalesForce.com

Register for this session HERE

Overview – Jack Daniel, DNS Engineer
The VM-Series on Microsoft Azure can help prevent data loss and business disruption, allowing corporations to move at the speed of the cloud. Use this UTD workshop to demonstrate how the Palo Alto Networks VM-Series firewall and advanced threat prevention features can enhance Microsoft Azure security by providing protection from advanced attacks.
 
This hands-on workshop will:
· Provide students temporary access to Azure console and review how VM-Series is deployed in Azure
·    Demonstrate how to prevent threats while allowing certain applications
·    Showcases VM-Series integration with Azure Application Insights to publish PanOS metrics
·    Demonstrate fault tolerance to redirect the traffic to active VM-Series firewall
·    Showcases how to improve security policy by converting port-based policy to application based-policy with Policy Optimiz

​Register for this session HERE​​​

Abstract

• Presentation will consist of an overview of various types of Multifunction devices.
• A review of the basic setting used for hardening activating security features to protect end user’s data.
• Demonstrate the basic setting to utilize SMTP and SMB.
• Presentation will provide attendees confidence in navigating the MFD menu and securing their device. 

​Register for this session HERE​​​

About This Presentation:
When teams start considering application security, it can feel like you are being thrown into the open ocean without a lifeboat. Security threats can hit you like waves from all sides, while you are just looking for a navigation system to help guide you through each step of securing your code.
In this presentation, Tony UcedaVélez, CEO of VerSprite cybersecurity consulting and leader of OWASP Atlanta, will steer attendees through the developer benefits, helpful security guides, and break from the storm that collaboratives like OWASP offer. He will also share some trade-favorite technologies, security tools, and techniques that you and your team can use to inject security into every stage of your development lifecycle.
All attendees will receive CEUs through ISSA and receive a copy of Tony’s presentation, complete with tools and resource links you can take back to the office.

Presentation Overview:

• Security Challenges
• What is OWASP (Open Web Application Security Project)
• Why There is a Need for Governance and Standardization in Software Development
• What does OWASP have to offer?
• The OWASP Application Security Verification Standard (ASVS) Security Assurance Methodology
• OWASP Top Ten
• Developer Guides
• Security Cheat Sheets for Developers, AppSec, and InfoSec
• Open SAMM (Software Assurance Maturity Model)
• S-SDLC – Building Security-In
• OWASP AntiSamy API
• CSRFGuard
• ESPI (Enterprise Security API)
• Security Testing & OWASP – Prescriptive Advice for Testing
• VerSprite’s Top Security Tools for Developers and Security Professionals
• Open Source Tools for More Nefarious Voyages in AppSec Testing
• Let’s Dock This Discussion & Take It Online

​Register for this session HERE​​​

Presentation Abstract:
Hyper-connectivity is at an all-time high considering advances in Industry 4.0 coupled with increased remote workload migration in recent day. It’s safe for one to surmise that security operations has yet to catch up with some innovations that’ve been pushed out the door too fast. A lot of these innovative measures are employed by businesses to essentially save themselves by crafting new services or simply enabling more internet driven accessibility to handle an already existing service.

This drives need to increase deployment of what’s arguably the weakest point in many security strategies (at least those I’ve consulted with), which is enacting a Security Operations Center (SOC) to enable insight to existing threats and keep constant measure of the organization’s security posture.

The hard truth is that a lot of orgs cannot afford an expensive SIEM tool or justify on boarding of a full-fledged SOC team, yet their relative security are crucial to their operations. All the while a majority of security compliance standards require “eyes on events & data” measures. This becomes a hindrance on some businesses and organizations to which they might begrudgingly employ a half-hearted attempt with minimal effort, or they might not even know where to start. This is where the introduction to open-source solutions come in. In this presentation I will cover:

1. What is SOC? - Processes, People & Technology
2. Open Source - Gathering proper tools to build a SIEM solution purpose-built just for you
3. Considerations & Procedures - Tailoring the pieces to fit your use case(es)
4. Resilience - Strategizing best practices to keep your SOC up and running through thick and thin

​Register for this session HERE​​​

In today’s world, most security teams use threat intelligence reactively, reacting to each sign compromise. While this method is common, we want to pose a question to the attendees – why? Why wait for the unknown to hit you first?

In this presentation, we will be exploring what it would mean to be proactive in your security measures. We will discuss threat hunting and utilizing Threat Intel produced by a threat library built around your environment to hunt the unknowns in your network.

All attendees will receive CEUs through ISSA and receive a downloadable copy of the presentation to take back to the office.

Register for this session HERE

Afternoon- Cyber Range “Game of Clouds”

• Use CloudGuard IaaS, Dome9 and LOG.IC and assist a game studio that has suffered a breach on its newly set up cloud infrastructure. 
  • Mutants and Chaos by YelloWork, is a once-in-a-decade success in the gaming industry. Following its sensational success YelloWorks’ Chief Architect, Kristian Lundqvist, decides to move the game infrastructure to the cloud overnight. However, following the transition they suffer a breach. You are a cloud expert called upon to save the day. The game must go on!  Part 1 – perform reconnaissance and gain a foothold in the target network.

Check Point will be providing lunch (via Gift Cards given the morning of, or by delivery arranged by our team) to participants who register and attend the training day. We will send out signup details for lunch soon. Also, we will be awarding $100 gift cards to the 2 highest scoring players of the Game of Clouds, as well as additional gift cards/prizes throughout the training day.

Register for this session HERE

PAN Lab - Training Day  (Afternoon Session)

Overview – Daniel Stevenson, DNS Engineer
Global expansion, mobile workforces, and cloud computing are shifting the locations of your applications, data, and users. These changes introduce new opportunities, but they also introduce new vectors for cybersecurity risk. Palo Alto Networks Secure Access Service Edge (SASE) - Prisma Access delivers the networking and security that organizations need in a purpose-built cloud-delivered infrastructure. Prisma Access acts as a firewall service that protects branch offices and mobile users from threats while also providing the security services expected from a next generation firewall.
 
The workshop will showcase how to:
·    Protect remote networks and mobile users in a consistent manner, wherever they are
·    Provide connectivity and security in order to access all your applications
·    See the flexibility and cloud scalability to handle your changing requirements
 

​Register for this session HERE​​​

Open Source Intelligence (OSINT)
Sorting through the breadcrumbs on the Internet to Determine Your Exposure

How much data can be found on you or your company on the Internet? The unfortunate answer in today’s world is often far too much. Further, this data can often be used by malicious actors to cause damage to individuals or organizations through cyber attacks or social vendettas.

This short workshop will give attendees an introduction to OSINT by walking through the OSINT Framework available on GitHub. As part of that introduction, we’ll see examples of how tools like SHODAN, Google Dorks, and Recon-ng can be used to collect data on your target. Even better, how can you defend against a potential attackers efforts to find stuff on you?

The instructor will help frame the exposure and risk that the different types of information present, and attendees will have an opportunity to perform some investigation of a subject of their choosing during the hands-on exercises that make up the majority of the workshop.

Among the topics covered during this workshop include:
•    Goals of OSINT
•    OSINT Frameworks
•    Free tools to perform OSINT investigations
•    Searching for data on companies
•    People searching on social media
•    Monitoring to protect you and your business
•   Where to go for more extensive application

Conducting an OSINT exercise should be an expected part of the preparation for any vulnerability assessment or penetration test. It is through these queries that the potential aggressor learns about possible chinks in the armor worn by the target. At the completion of this workshop, the attendees should have a much deeper appreciation of how very true is the statement – “Nothing is ever really deleted from the Internet.”

Cybersecurity specialists and business owners should pay close attention to the amount of information about an organization or individual that exists on the web. This information is often exploited by hackers and other malicious actors bent on doing damage to the reputations of individuals or the integrity of business organizations.

​Register for this session HERE​​​

​Register for this session HERE​​​

Technology Workshop Abstract:
There are three big considerations that often go unnoticed in SD-WAN projects. They’re linked to technology fit, people and process. Failure to select the best technology fit, align the right people and execute a smooth process are the reasons why over 50% of IT projects fail.

Leveraging Silver Peak Unity EdgeConnect™ SD-WAN and Teneo Inc.’s years of technical SD-WAN knowledge, practical and real-life experience, this workshop will give you a clear look inside the adoption of a secure SD-WAN.  Teneo Inc. will discuss the why, when and how to adopt a secure SD-WAN taking in to consideration the challenges that other organizations have faced in regards to people and process. In regards to selecting the technology, Teneo Inc. will introduce the best in class, Silver Peak Unity EdgeConnect™ SD-WAN.

Silver Peak will allow to look inside their Silver Peak Unity EdgeConnect™ SD-WAN. The demo will give an overview of architecting and operating an SD-WAN, as well as dive into core features, capabilities and security components of Silver Peak Unity EdgeConnect™ SD-WAN.

Still have questions? We will save time to answer your questions during the workshop or we will be happy to arrange a time to discuss your organization’s secure SD-WAN project.

De-risk your SD-WAN project by learning directly from Teneo Inc. and Silver Peak’s years of experience and best in class technology.

​Register for this session HERE​​​

Not Another Framework: Cutting Through the Noise

In the world of cybersecurity, we love our frameworks: ISO, NIST, RMF, SOC1, SOC2, COBIT, HITRUST, and many more.  But these different frameworks often complicate areas like maturity modeling, operational readiness, and threat modeling! The struggle is finding the common areas of overlap.  So instead of doing that, the question becomes, how do we elevate all of them under a simplified process? By leveraging common language cutting through the minutiae, we can start to build progress. 

​Register for this session HERE​​​

Description:

The remote work that began as a temporary solution to various stay-at-home orders has now become the new normal for many organizations. While this transition can be beneficial in many ways, it does create further complications for IT departments tasked with maintaining the security and integrity of critical systems. 
During this presentation, cybersecurity experts from TCDI will dive into issues and solutions related to remote access and incident response investigations, as well as how organizations can leverage their existing infrastructure to protect data while supporting their remote employees. 


Agenda: 
• Remote Work Considerations 
• Remote Incident Response Investigations 
• Supporting Remote Employees 
• Common Cybersecurity Attacks and Strategies 
• Key Takeaways

​Register for this session HERE​​​

Whether you are considering a career as a penetration tester, if your organization would benefit from a penetration test, or just want to learn more this workshop is for you. This workshop will serve as an introduction to penetration testing, what separates a penetration test from a vulnerability scan, an overview of the different types of penetration testing, and the pros and cons of a red team engagement. Finally, we will be sure to include plenty of stories from past penetration tests to keep it interesting.

​Register for this session HERE​​​

“Teron Foster and Nolan Myrick from TEKsystems will provide insights (and opinions) regarding career mapping & development, interview skills, resume writing and job market data.”