- This event has passed.
May 2017 Chapter Meeting: Attack & Defend
May 9, 2017 @ 2:00 PM - 4:00 PMFree
Sponsorship is available for this meeting. Contact us.
- 2:00 – 2:10 – Check-in
- 2:10 – 2:20 – Chapter Business
- 2:20 – 3:10 – Speaker 1 – Jim Daniel
- 3:10 – 3:20 – Break
- 3:20 – 4:00 – Speaker 2 – Kelly Hammons
Presentation 1 – Threat Actor Mentality & Methodology
As Blue Team and Defense, the goal is to harden the security of and protect the IT infrastructure from compromise. A common pitfall, however, is to build a series of obstacles that the attacker is expected to go through, only to see the attacker ignore and bypass those obstacles. In order to prevent building an InfoSec Maginot Line, it is crucial to understand the mindset, goals, and actions of attackers. We’ll go through that mentality and methodology and discuss priorities of defense to prevent specific threat scenarios.
Jim Daniel is the Penetration Testing Practice Lead at Critical Start, LLC. He specializes in Network, Web Application, and Physical/On-Site Perimeter Breach and Data Exfiltration. Prior to working in InfoSec, Jim was a Sergeant in the United States Marine Corps with experience running combat convoy operations and escort missions in Iraq
Presentation 2 – Vulnerability Management Isn’t Simple … (or, How to Make Your VM Program Great)
A lot of companies still struggle with Vulnerability Management. For many it has become just a checkbox for some regulatory audit and/or a never-ending battle on the “hamster wheel of pain”. While VM will never be something that’s “simple”, with proper planning and tools it doesn’t have to be hard. This talk will cover some of the challenges with VM and introduce ways to build a successful VM program.
Kelly Hammons, CISSP, is the Principal Consultant and VP of Customer Success for Secutor Consulting. Kelly has been in IT and information security for 24 years and created Secutor’s signature vulnerability management platform, which places special emphasis on using network security architecture to identify critical attack vectors. Kelly has assisted many large companies in building, expanding, and improving their vulnerability management programs.
Please RSVP below. You do not have to be a member to attend. All are welcome.