| Upstate SC ISSA
Global Voice of Information Security
Why Upstate SC ISSA?
- Involved Local Information Security
- Learning Opportunities for All Members
- Monthly Chapter Meetings for Learning &
World Resources with Practical Experience
- Exciting "Hack the Flag" Learning Sessions
- Continuing Professional Education (CPE)
Credits for CISSP Certification
Next Chapter Meeting - Friday, Sept 6th, 2013 - 11:00AM to 12:30PM
join us for our next Upstate SC ISSA meeting held at the ECPI location
in Greenville, just off the I-385 and Roper Mountain exit. The meeting
- *Network Security
Monitoring with Security Onion
Network Security Monitoring with Security Onion
Traditional Intrusion Detection Systems (IDS) can be costly, difficult
to install, and may not provide all the capabilities that you need to
defend your network. Network Security Monitoring (NSM) combines
traditional IDS alerts with additional data to give you a more complete
picture of what's happening on your network. This presentation will
demonstrate how you can use a free Linux distro called Security Onion
to peel back the layers of your network in just a few minutes.
*About the Speaker*
Doug Burks has over 10 years experience in Information Security. He has
worked in many organizations over the years, including government
facilities, chemical plants, and the media industry. Doug is currently
the Deputy CSO for Mandiant and a SANS Community Instructor. He
is one of the few people in the world to have passed the SANS GSE exam
and also holds a Bachelor's degree in Computer Science and the GCFA,
GPEN, GCIA Gold, GCIH, GSEC, and CISSP certifications. Doug created and
is the lead developer of Security Onion, a free Linux distribution for
Intrusion Detection, Network Security Monitoring, and more. You can
read more about Doug by visiting his blog at
- Bootable Live DVD versions of Kali Linux
(formerly known as BackTrack) will be made available to attendees.
- Lunch is free to ISSA Chapter members
or $5 for non-members. If you'd like to eat lunch with us, please
RSVP to firstname.lastname@example.org at least 24 hours prior to the
meeting and mention you would like lunch ordered.
| Past Events (20120925- reconstructing
past events list)
12/01/11 - Security Jeopardy!
10/07/11 - October Meeting - Web Access Management
Data Loss Prevention - CA Principal
Consultant Dale Huggins will be present to speak on the
Web Access Management: Challenge of the
proliferation of web based applications (old content
but builds on the current trends); Challenge of bringing on a company’s
resources after an acquisition; Importance of a centralized
authentication engine; Why username/password isn’t really enough
strength any longer; How strong authentication supplements access
Loss Prevention: Importance of know what data exists in the
environment; Knowing who has
access to said data; What avenues does data have to get outside
the environment; Cost of what happens when data leaks occur; How DLP
protects organizations from leaked data
09/02/11 - Advanced Evasion
Techniques - From Past to Current - Stonesoft
This presentation will provide a brief history of evasions, examples of
common and not-so-common examples, discuss how they've evolved. This
session will provide an overview of previous and current research
papers, including those from H.D. Moore and thoughts on some of
Gartner's research notes. There will also be a live demonstration of
some R&D tools used to show Advanced Evasions targeting many of the
known IPS vendors in the marketplace. We will also touch on some
best-practices to protect against AETs
08/05/11 - Understanding Risk and
- Mike Holcomb, Information Security Manager at Fluor and President of
the Upstate SC ISSA Chapter, will be talking about how IT and Security
professionals must understand various types of risks and how to reduce
and eliminate these risks. Additionally, the Vulnerability Assessment
process will be examined as a tool for eliminating risk.
07/01/11 - Verifying the
Performance and Effectiveness of Next-Generation Security Devices
Bob Usher from BreakingPoint and our sister Chapter in Charlotte, NC,
will be on hand to discuss issues with current security systems such as
firewalls and how they can "leak" unauthorized traffic.
will look at the "Next Generation" of security controls and how to
effectively evaluate their security as well to address
vulnerabilities and associated risk.
05/05/11 - Stuxnet: How to Hack a
Nuclear Power Plant - Ali Alwan, Check Point Software Technologies
deep dive into just how Stuxnet works, what propagation vectors are
used, which vulnerabilities are taken advantage of, and the end game
for the Stuxnet authors.There is no arguing about the success of
Malware writers are no different than other software authors - they use
good code. With the decompiled source code for Stuxnet now freely
downloadable on the Internet the threat of Stuxnet is far from over.
You simply cannot protect yourself from current generation threats like
Stuxnet with yesterday's defenses.
04/01/11 - Mining Sensitive Data
From Images - Dennis Kuntz,
co-organizer of BSidesGSO
tools today expect sensitive data to reside in string-based data.
However, that leaves many types of image-based documents (again faxes
and scans are notable examples) that may contain the same type of data,
but that do not avail themselves to the same type of
searching/analysis. Enter command-line OCR.
03/04/11 - Introduction to
- Jimmy Caldwell will be providing the Chapter with an introduction to
Wireshark, including the basics of installing and using Wireshark as
well as functional concepts such as capturing data on a switched
network and working with display filters.
11/19/10 - Information Security
and Lean Six Sigma
- In this presentation, Bob Usher from Breaking Point Systems, will
introduce attendees to the various business management strategies of
Lean Six Sigma and how they apply to implementing Information Security
within each of our environments. IT and InfoSec professional
alike will find valuable information in this presenation in making
their own IT and security practices more efficient while reducing costs
in this "lean" way of thinking that focuses on reducing waste wherever
possible. Areas to be covered include securing infrastructure
components such as routers, firewalls, IDS/IPS and load balancers.
08/20/10 - The Anatomy of a Web
Attack - Dennis Pike, Data Network
Solutions, Chapin SC
Learn about the "State of the Web" including the past years top web
categories and attacks as well as how these top attacks work and how
new Dynamic Link Analysis tools can help you stop them.
3/24,27/10 - Ethical Hacking
02/19/10 - Tasting Poisons:Safely
Testing the WiFi HotSpot
- Please join us and Matthew Gardenghi, the Computer Security
Coordinator for Bob Jones University, for this presentation which will
discuss the threats posed by a WiFi hotspot and techniques to safely
test the environment for threats.
01/15/10 - Ethical Hacking
- From Basics to Advanced Techniques
Join us for a newly updated version of one of our most popular
presentations which covers the various phases of penetration testing
along with a discussion on what "Ethical Hacking" means in the
Information Security industry today. From Information Gathering to
taking complete control over a remote system, the presentation will not
only provide an overview of each of the Penetration Testing phases, but
also present real-world examples of recently conducted Ethical Hacking
exercises. Additionally, we'll spend time looking at the latest
BackTrack 4 Pre-release candidate with the finalized BackTrack 4
version to be released soon.
12/18/09 - Security Jeopardy!
11/20/09 - Securing your Network
with PCI Compliance Guidelines
- Join us and Qualys (www.qualys.com) for this month's presentation on
PCI Compliance and keeping your network secure. While
organizations that process and store credit card information must
adhere to the PCI Compliance Regulations, every organization that is
looking to secure their organization or is currently maintaining a
secure environment can learn various aspects of network security from
the same Compliance guidelines. Every network, system and security
administrator is guaranteed to take away valuable information in
helping to secure their environments from this presentation.
10/16/09 - Focusing on Your
InfoSec Career - Jeff Busby, branch manager for Sapphire
Technogies in Greenville SC.
Whether you are new to the industry or an experienced InfoSec veteran,
it is now more important than ever to examine (or re-examine) your
current career path with today's current economic environment and job
Please join Sapphire Technologies' Jeff Busby in a look at the current
job landscape and certification discussion to how to sharpen your
skills and your resume at the same time. With over 50% of
Information Security professionals today unsatisfied with their current
roles and responsiblities, make sure that you aren't one of the unlucky
09/18/09 - Security Logging, Event
Detection and Event Correlation - ArcSight’s
Trevor Welsh discussed the importance of system logging as a detective
AND proactive security tool within your environment.
in today's IT environments, many system and security administrators
find they don't have the time to review system logs, only using such
information in the event that a compromise has already occurred.
But what if these events could be used proactively to address existing
security concerns and prevent future security issues?
07/17/09 - Tokenless Two-Factor
Authentication - PhoneFactor’s
Greg Valenstein lead a discussion, presentation and demonstration about
most companies, information security is a top priority. Demand for
protecting data and employee confidentiality is only continuing to
grow, especially in industries that require a regulatory-compliant
environment. However, applying user names and passwords for
authentication is insufficient. While two-factor authentication
is an effective security solution, traditional token-based systems have
been difficult to implement and administer, leading to limited adoption.
06/19/09 - June Meeting - Securing
Internet Availability from MPLS to BGP & VPN's
Over the years, many different communication technology's have evolved
for office to office connectivity ranging drastically from costs,
performance and complexity. From MPLS-to-BGP-to-VPN, there are numerous
options to weigh - all while trying to still provide simple
security and easy high availability. In addition, investing in
additional connections for HA can also help increase network
performance for no additional cost - if you know how. With today's
economy, companies are looking at more cost effective ways to provide
connectivity, while not compromising security or costs.
This discussion will review each of the options, weighing options but
also highlighted cost effective approaches to deliver enterprise
performance, availability and security for smaller organizations via
04/17/09 - April Meeting - eDiscovery & Digital
Forensics, The New Corporate Tools -
a follow-up to our February meeting
discussion which began to address Data Forensics, Clay Boswell,
Information Security Director at Sealed Air & our Chapter Vice
President, will be looking at the wide variety of tools used in an
enterprise's eDisovery and Digital Forensics program. Also, we'll be
providing a preview of the new BackTrack 4 Beta penetration testing
03/20/09 - March Meeting - Cyber Threat -
Underground Economy - The Symantec Report on the Underground
Economy is a survey of cybercrime activity in the underground economy.
It includes a discussion of some of the more notable groups involved,
as well as an examination of some of the major advertisers and the most
popular goods and services available. It also includes an overview of
the servers and channels that have been identified as hosts for
trading, and a snapshot of software piracy using a file-sharing
protocol in the public domain.
- 03/18/09 - - ATLANTA SECUREWORLD Conference - Conference
topics include, Security Policy Conmpliance, Defense Against Dark Bots,
and Informatin Risk Leadership.
- January Meeting - Hack the Flag! - Each four hour session
is designed for both the experienced security professional and those
new to the field of penetration testing. We'll cover performing network
reconnaissance, along with a wide variety of pen testing techniques and
ultimately gaining control over resources in a typical Windows &
Cisco based environment seen implemented in most SMB environments today.
12/20/08 - Ethical Hacking Workshop
10/17/08 - October Meeting -
You're Compliant - But Are You Secure? -
Dan Ramaswami, Senior Security Engineer with Sourcefire
(www.sourcefire.com), will discuss the importance of creating a
security program that protects your enterprise and produces compliance
as a by-product. Any compliance effort that focuses strictly on a given
set of requirements to check off will not produce long-lasting success.
If security is built into your operations, and your mindset, you will
be better able to handle changes in existing rules and new regulations
that come up. As we know they will.
- September Meeting - Web
Application Hacking for Web Developers
How safe are your web applications? You’ll think twice after seeing how
Foundstone security experts dig into their hacker's toolbox and rip
open web applications by exploiting simple software bugs. Common
problems such as Cross-Site Scripting (XSS) and SQL Injection will be
demonstrated and explained, along with more subtle vulnerabilities
including privilege escalation, data tampering, and Cross-Site Request
Forgery. Even if you've seen XSS and SQL Injection before, advanced
techniques will be presented that can slip through many protections. As
a finale, the holy grail of web security will be broken with a
Man-In-The-Middle attack on SSL. Countermeasures to prevent mistakes
will then be shared. Join us for this guaranteed informative discussion
with Dean Saxe, Managing Consultant with Foundstone Professional
- August Meeting - Jeff Busby
Technologies will be discussing successful strategies for new and
established members of the Information Security field. What value do
security certifications truly hold? How do certifications compare to
degrees? What's the overall outlook on the job market place today for
InfoSec professionals? Bring all of your career questions for Jeff for
what should be a lively discussion!
- July Meeting - IBM's Information Security Systems (ISS)
from ISS presented on the various threats that present risk against
environments today and explained how the current threat environment has
evolved over the years.
- June Meeting - Chris Knox, Stalwart Systems
Knox, Security Engineer for Stalwary Systems, provided an overview of
conducting a vulnerability assessment for a company. Chris also shared
various penetration testing techniques along with his interesting
- May Meeting - Robert Hamod, Federal Bureau of
Robert Hamod of the FBI came to discuss Information Security
today with special "Notes from the Field". We'll also discussed how the
private sector can work more closely with government agencies like the
Federal Bureau of Investigation in cyber security matters, taking
advantage of great resources like the Infragard organization (http://www.infragard.net/).
- April Meeting - Uncovering Secret Botnet Communication
and Evil Botnet Herders
Fraizer, Network Security Engineer for NuVox, presented an overview of
some of the law enforcement online and private individual efforts in
infiltrating botnets in an effort to identity their creators and
eliminate the risks presented by these individuals and their zombie
- March Meeting - Penetration Testing with the Metasploit
Holcomb, Chapter President and Network Security Engineer for
NuVox, presented an overview of the Metasploit Framework and it's
unique features in aiding penetration efforts and validating discovered
- February Meeting - Vulnerability Assessment Process with
Holcomb, Network Security Engineer for NuVox, presented an
overview of the Penetration Testing process and introduced the
BackTrack Live CD with its collection of security testing tools.
| Licensing Information
This website was built solely with original graphic work from
the designers at i3dTHEMES.com.
Please review the image licensing information here: LICENSING