Description: ISSA LA Lunch Meeting
Meeting Date: June 19, 2013 - 11:30 a.m. to 1:45 p.m.
Topic: Anatomy of the Comprised Insider
Statistics show that organizations today face an ever increasing threat from compromised insiders. These trusted end users routinely have their endpoint security tested by malware and virus’, and industry analysts are now questioning the current and future capability of anti-virus and anti-malware solutions to mitigate these threats. There are certainly enough high profile events over the past 2 years to demonstrate the problems of prioritizing security at the end-point.
This presentation will walk through the process of identifying targets for infection, tools for infecting end points and exploiting the compromised end-point. We will conclude with recommendations for new strategies to mitigate the effects of compromised insiders and data theft, and end with a technical demonstration, walk-through of compromising an insider and performing data extraction from the compromised end-point.
Speaker: Terry Ray
Terry Ray is the Vice President of Global Security Engineering for Imperva tm, Inc., the leading provider of data security solutions. At Imperva, Terry leads field, corporate and channel security engineers and, has personally designed and deployed data security solutions for hundreds of customers in various verticals including healthcare, financial services, government and eCommerce organizations. Terry is a frequent speaker for ISSA, OWASP, ISACA, Gartner and other professional security and audit organizations in the Americas and abroad.
Prior to joining Imperva, Terry worked in a variety of technical roles at Check Point Software Technology ltd., including enterprise security engineering and, partner and end-user technical instruction. Terry has lectured on network and data security topics, and taught professional security related product certifications in over 35 countries worldwide.
Since 2003, Terry has specifically focused his efforts in the data security space working with companies to secure, monitor and audit external and internal, both authorized and unauthorized activities to critical organizational resources.
SecureAuth is a technology leader in enterprise identity governance that serves hundreds of customers and over seven million users worldwide. Its SecureAuth IdP products offer Global 5000 companies a uniquely extensible, enterprise-proven method of administering corporate identity governance on mobile devices, cloud-based applications, and networks. These all-in-one solutions provide IT departments with a simplified way of managing and enforcing access, authentication, approval and assertion based on existing user entitlements. SecureAuth IdP works anywhere and is completely scalable. For the latest insight on enterprise identity governance and issues follow the SecureAuth Blog, follow @SecureAuth on Twitter, or visit www.gosecureauth.com for additional information.
Register early online before the Monday prior to the the event, and get a $10 discount!
ISSA-LA Members & Members of other ISSA chapters, OWASP, ISC2, CSA & Students: $20