The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.
October Charlotte-Metro ISSA Chapter Meeting
When: Tuesday, Oct 16, 2018, 8:30 AM – 12:00 PM EDT
Where: TEKSystems 200 S College St Charlotte, Suite #1200, Charlotte, NC 28202
Cost: Free for Active Members (Use registered ISSA email address as discount code). $20 for Non-Members.
08:30 – 09:00 – Registration with light breakfast
09:00 - 10:00 – Brent Huston – the issues associated with the corporate use of crypto currencies such as bitcoin and ethereum.
10:15 – 11:30 – Gideon Rasmussen - Follow the Risk with Cybersecurity Assessments
11:30 – 12:00 – Q&A and Closing Comments
Speakers & Topics
First Speaker Abstract:
This talk will discuss the issues associated with corporate use of cryptocurrencies such as bitcoin and ethereum. Examples of some of the challenges that organizations are working through and some potential solutions are discussed. This talk is aimed at managers, executives and board members and is not technical in nature.
Second Speaker Abstract:
This training session provides practical cybersecurity assessment advice. It details the process including: scoping, work papers, on-site assessment, report preparation and presentation.
The NIST Cybersecurity Framework is a starting point. Tips are provided to add risk opportunistic controls and to adapt future assessments with deep dives into critical functions.
Brent Huston is a Serial entrepreneur, adviser, inventor & futurist with a focus on information security, crime, fraud & industrial espionage. Interested in the impacts of technology across these activities. Frequent author, speaker and teacher on technology-related risk & cyber-crime topics.
I am an expert-level security & criminal researcher with a history of innovative approaches, responsible disclosure, rational control development & substantial findings. I have world-class experience with IoT, ICS/SCADA, utility & critical networks including threat modeling, segmentation, pen-testing, protocol/process/business logic weaknesses & incident response. My deep knowledge areas include application security, fuzzing, honeypots, open source intelligence & attacker deception/tampering.
To date, I have brought more than a dozen technology products to market & hold two US patents. I act as an adviser, mentor & investor in multiple technology companies around the world. I've reviewed hundreds of products for security & scaleability, prepped many entrepreneurs for funding & performed market & trend analysis for several highly recognizable brands & product companies.
My background includes educating boards about risk management & technology issues, mentoring executives/regulators & working as a part of a US Congressional Oversight Committee task force. I am also a BBB Torch Award, US DOE Gold Medal & ISC2 Lifetime Community Service award winner. I serve as a member of ISACA, Infragard & ISSA, where I am a Senior Member.
I am currently experimenting heavily with dark market economics, machine learning & analytics (primarily focused on natural language processing), IoT security, blockchain impacts, threat intelligence and a wide range of security automation techniques. In addition, I lead a team focused on researching "machine assisted learning", which is a new approach for rapid skills acquisition.
Gideon Rasmussen is an Information Security Executive with 20 years of experience in corporate and military organizations. Gideon has designed and led programs including Information Security (as a CISO), PCI - Payment Card Security, Supplier Assessment, Application Security and Information Risk Management. Gideon has authored over 30 information security articles. He is a veteran of the United States Air Force, a graduate of the FBI Citizens Academy and a recipient of the Microsoft Most Valuable Professional award. Gideon has also completed the Bataan Memorial Death March (4 occurrences)
Diving into IoT Security: Strategies and Tactics for Assessment
When: Tuesday, October 16 from 1:00 PM - 5:00 PM
Where: Sealed-Air Corporate - 2415 Cascade Pointe Boulevard, Charlotte, NC 28208
Cost: Members; $20.00, Non-Members $35.00
This workshop will explore performing a basic level assessment of IoT devices, and walk through the process of performing scoping of the exercise, attack surface mapping, threat modeling, vulnerability assessment, penetration testing and mitigation formulation. We will look at devices where the functionality is confined to the premises, mixed function devices where some functions operate “in the cloud” and even talk about performing passive testing and research to examine systems you can’t legally/ethically test. The speaker will walk through several of the assessments that have been completed in his company’s labs and discuss some of the challenges with IoT testing and some potential workarounds to common problems.
A couple of devices will also be brought in and open to the attendees to explore and practice some of the discussion points. Bring a laptop, some networking cables and such, and your favorite hacking tools if you want to hammer on some IoT items for fun!
Entrepreneur, Inventor & Futurist with a focus on crime, fraud & industrial espionage. Interested in the impacts of technology across these activities.
Security & criminal researcher with a history of innovative approaches, responsible disclosure, rational control development & substantial findings. World-class experience with ICS/SCADA, utility & critical networks including segmentation, pen-testing, protocol/process weaknesses & incident response. Deep knowledge of fuzzing, honeypots & attacker deception/tampering.
To date, I have brought more than a dozen technology products to market and hold two US patents. I act as an advisor, mentor and investor in multiple technology companies around the world.
PARKING & REGISTRATION:
We’ve provided a map below with guidance on navigating the campus once you arrive.
When you enter the campus from West Tyvola Road, follow the red line marked on attached map to park in Parking Deck 1 (Marked with the Red A), or if full, proceed to Parking Deck 2.
You can park on either the upper or lower decks, but please ensure you back your vehicle into your parking space.
From either parking deck, proceed to Building A (Marked with Blue B) to sign in and get your visitors badge.
From here a member of the Corporate Information Security team will direct you to our Pavilion (Marked with the Black C) where the meeting will be held.
Annual Charlotte-Metro ISSA Summit 2018 Recap
The Charlotte Metro Information Systems Security Association (ISSA) is pleased to announce the ISSA Information Security Conference to be held on May 10th 2018 at the Charlotte Convention Center. This day-long event is designed to provide a forum in which industry leaders, policy makers, and regional peers can share information regarding emerging technologies, trends, and best practices within Information Security and related fields. The Conference features a full day of talks and presentations as well as educational opportunities with hands-on workshops, demonstrations of new technology, peer networking, and the opportunity to exchange the latest security information, strategies and techniques. A number of nationally acclaimed information security experts and media personalities are slated to deliver keynote addresses in addition to an array of technical presentations in areas such as: Audit / Compliance, Vulnerability / Risk Management, OS Security, Identity and Access management, Hands-on Attacks, Forensics / Incident Response, and Future Challenges.
Aaron Bedra is the Chief Scientist of Jemurai, where he works at the intersection of software, security, and business. He has served as a Chief Security Officer, Chief Technology Officer, and Principal Engineer/Architect. He has worked professionally on programming languages, most notably Clojure and ClojureScript. Aaron is the creator of Repsheet, an open source threat intelligence toolkit. He is the co-author of Programming Clojure, 2nd and 3rd Edition and a contributor to Functional Programming: A PragPub Anthology.
Carlos Perez is the Team Lead for Research at TrustedSec. He has won the Microsoft MVP award several years for his work on PowerShell and Enterprise Security. He is mostly known for his contributions to the Metasploit Framework and co-host in the Security Weekly podcast.
Jack Jones has worked in technology for over thirty years, and information security for over twenty-five years. He has ten years of experience as a CISO with three different companies, including five years at a Fortune 100 financial services company. His work there was recognized in 2006 when he received the ISSA Excellence in the Field of Security Practices award at that year’s RSA conference. In 2007, he was selected as a finalist for the Information Security Executive of the Year, Central United States, and in 2012 was honored with the CSO Compass award for leadership in risk management. Jack is an active member in ISACA, serving on the task force that created the RiskIT framework and playing a lead role in developing the CRISC certification. He is also the creator of the “Factor Analysis of Information Risk” (FAIR) framework adopted by the Open Group as an international standard. Currently, he is the EVP Research and Development of RiskLens, Inc., and is Chairman of the FAIR Institute, a non-profit organization dedicated to evolving risk management practices. He has also co-authored a book on FAIR entitled “Measuring and Managing Information Risk, a FAIR Approach” which was inducted into the Cyber Security Canon in 2016.
Dr. Galina Datskovsky, CRM, FAI and serial entrepreneur is an internationally recognized privacy, compliance and security expert. Galina is currently the CEO of Vaporstream®, a position where she applies her knowledge and strategic guidance in building businesses, product development, governance policies, as well as cyber security. Prior to Vaporstream, Galina served as CEO of Covertix, North America; Senior Vice President of Information Governance at Autonomy/HP; and as General Manager of the Information Governance Business Unit and Senior Vice President of Architecture while at CA. She joined CA in 2006 with the acquisition of MDY Group International, where she was the founder and CEO. In addition, Galina currently sits on the advisory board of the Executive Woman’s Forum and is part of the Voice Privacy Alliance. She is a champion of the entrepreneurial spirit as she has served on the board of multiple startups, assisting with strategy and continues to support the startup community. Galina served as Chair, President, President Elect and Director of ARMA International (2007-2013) and has been widely published in academic journals, speaking frequently for industry organizations such as AIIM, ARMA SINET, EWF, ILTA, IQPC and MER. Throughout Galina’s career she has been the recipient of numerous awards. Most notably she was designated a Distinguished Engineer while at CA (2006-10), was the recipient of the prestigious Emmet Leahy award (2013) and was named a Fellow of ARMA International (2014). Prior to founding MDY, Galina consulted for IBM and Bell Labs and taught at the Fordham University Graduate School of Business and the Graduate School of Arts and Sciences at Columbia University. She earned her doctoral, master’s and bachelor’s degrees in Computer Science from Columbia University.
Evil Mainframe Penetration Testing Recap
Instructors: Philip Young - Soldier of FORTRAN - @mainframed767 & Chad Rikansrud - Big Endian Smalls - @bigendiansmalls
Have you ever been mid pentest with mainframe credentials and thought ‘now what?’ Or were you ever asked to do a mainframe pentest and didn’t even know where to start? Maybe you’re a sysprog and think your systems are impenetrable. No matter your background this course is for you!
This course provides training on mainframe penetration testing using the most recent and up to date attack vectors. Walking through techniques for gaining system access, performing end-to-end penetration tests, and teaching you to ‘own’ the mainframe.
After a quick overview of how z/OS works and how to translate from Windows/Linux to “z/OS” the instructors will lead students through multiple real world scenarios and labs against a real live target mainframe brought on site for the training. The areas explored in this course include VTAM, CICS, TSO, Unix and Web. Students will be given access to this mainframe environment for the duration of the course where they will learn to navigate the operating system, learn some of the misconfiguration targets and privilege escalation techniques. They will get introduced to the open source tools and libraries available for all the steps of a penetration test including Nmap, python, kali, and metasploit as well as being able to write their own tools on the mainframe using REXX, JCL, C and CLISTs.
The majority of the course will be spent performing instructor led hands on mainframe testing with tools provided by the instructors. Goals for each segment will be laid out with appropriate time afforded to students to allow them the ability to gain a deep understanding of how a mainframe pentest could and should be performed. Exercises will be based on real world attack scenarios.
While this class is outlined as a beginner class to mainframe hacking the attendee should have knowledge of IT security, penetration testing and very basic Python.
Students must bring their own laptop to class. This device should be capable of running VMware player/Fusion or Virtualbox. A virtual machine image will be provided prior to class.
If students wish to build their own here’s the required software:
Linux (Ubuntu, CentOS, Arch)
Nmap – current SVN version
Metasploit – Current nightly
X3270 Compiled from source
BIRP - with x3270 patches installed
Git client (to install tools discussed in the class, the virtual image has these tools pre-installed)