Skip Main Navigation
Page Content

Save This Event

Event Saved

Looks like this event has already ended.

Check out upcoming events by this organizer, or organize your very own event.

View upcoming events Create an event

ISSA Open Source Security Tools Symposium

ISSA Portland Chapter

Thursday, March 20, 2014 from 8:30 AM to 12:30 PM (PDT)

ISSA Open Source Security Tools Symposium

Ticket Information

Ticket Type Sales End Price Fee Quantity
At-The-Door
Please bring $20 cash if you were not able to get registered ahead of time.
Ended $20.00 $2.09

Share ISSA Open Source Security Tools Symposium

Event Details

Join ISSA  for a special half-day symposium on the topic of Open Source Security. This will be the second symposium format event sponsored by ISSA this year (following up on the very successful Incident Response symposium held in October).


When: 
Thursday, March 20, 2014 - Doors open at 8:30AM.  The event will end at 1:30PM.  Lunch will be provided.
 
Location:  
Thank you to our colleagues at Nike for hosting this symposium on the west side.  The event will be held at the ED1 Air Max 360 Building;  The address is 15475 SW Koll Parkway.  Note that this is not the “main” Nike campus, but is nearby.  There is plenty of parking, and the ISSA event will be held on the first floor.  We will have a check-in desk visible for visitors.

 

Presentations: 
 
This symposium will feature several intriguing and educational presentations by experts in the area of Open Source Security.  Speakers will explore specific skills that security practitioners can take away in terms of using open source tools to achieve security, as well as provide an overview of where open source tools fit in with the commercial products in the marketplace.
 

Confirmed speakers include:

Vincent Stoffer is a Cyber Security Engineer at Lawrence Berkeley National Lab. Vincent has over 15 years of experience in computer security and networking with a focus on network forensics. As part of Berkeley Lab’s information security team, Vincent performs network traffic analysis, incident response, and technical consulting to improve the Lab’s cyber protections. Vincent has presented at technical conferences around the country on a variety of networking and security topics. Prior to coming to Berkeley Lab, Vincent spent 12 years at Reed College in Portland, OR as the Network and Security Administrator. Vincent holds the CISSP, GCIH and GCIA certifications. He attended Pitzer College in Claremont, CA and graduated with a BA in Humanities from University of Oregon.  
 
Vincent will be presenting Eyes Wide Open: Open Source Network Security Monitoring with Bro and Time Machine.  In this presentation, we will explore the powers of the Bro Network Security Monitor and Time Machine, two open source software projects which provide extensive logging, event alerting and packet capture for networks of all sizes. We will begin with an overview of network monitoring and some considerations for monitor placement. Then we will examine Bro and its origins before moving into an in depth look at the features and capabilities of Bro and Time Machine.  We will walk through demonstrations of custom Bro policies and show how Bro’s extensive logging can greatly enhance your incident response and network forensics toolkit. We will end with some real world examples of how Berkeley Lab is scaling up its Bro clusters (built on commodity hardware and running FreeBSD) to handle a 100G connection.

----

Chris Orr is a Senior Field Systems Engineer with Tripwire, Inc, where he has worked since September 2000. Initially hired to develop and deliver training materials for such golden oldies as Tripwire for Servers and Tripwire for Routers, Chris quickly moved on into the Systems Engineering group where he has been ever since. His role initially required him to provide technical assistance to regions covering 27 states and all of the Federal government, but as the company has grown his territory has been whittled down to the Pacific Northwest, Western Canada and Western Enterprise (which…when he thinks about it…is still the largest geographic territory in the company…). Currently based out of scenic Lake Stevens, WA, when not flying to such lovely places as Winnipeg or Boise, Chris is teaching his daughter how to play guitar or going on Scouting trips with his son.  Bowe Hoy is the Regional Director with Sword & Shield Enterprise Security, where he provides business development, consulting and project management, client relationship management, and operational services to support Sword & Shield's growing information security and compliance practice. Bowe also serves as the Vice President for the Portland ISSA chapter.

Chris and Bowe will be presenting on the SANS Top 20 Critical Security Controls;  These controls provide a prioritized framework organizations should have in place to effectively mitigate security risks in their environment. The presentation will include an analysis of some key open source tools used to implement these controls.

----

Michael Montecillo is the IBM Security Services North America Director of Security Intelligence. He has more than ten years of experience in information security, during which he has served as a Senior Threat Researcher on the X-Force Threat Analysis team, as a Vulnerability Management Coordinator and Forensic Investigator for state governments as well as a consultant and Principal Security Analyst for an industry analysis firm. Testament to Michael’s efforts he has won two State Police awards for Professional Excellence and has published more than 30 research articles. As the Threat Research and Intelligence Principal within IBM Security Services conducts research on emerging threat trends and works to ensure that client security needs are met with standard offerings.

Michael will be presenting The Open Nature of Security Intelligence. This talk will cover intelligence information developed from IBM’s security analysis. Methods for the development and integration of actionable information utilizing several open-source tools, techniques, and processes will be discussed.  Michael will explore the applicability of Threatparser, an open-source blacklist consolidation tool to show the simplicity with which information can be integrated into daily operations. The talk will finish by discussing pitfalls and how IBM integrates open-source security intelligence into daily operations.

Price:  

The symposium is  subsidized by chapter memberships and sponsors.  A nominal fee of $10 (member) / $15 (non-member) / $20 (at-the-door) will be charged. 

CPEs:
 
The chapter maintains proof of attendance for members but it is the members responsibility to ensure that these CPE's are credited to their respective accounts. This symposium will offer between 3-4 CPE hours.

Agenda: 

8:30 - Doors open and networking
9:00 - 10:30 - Eyes Wide Open: Open Source Network Security Monitoring with Bro and Time Machine
10:40 - 11:30 - Using Open Source Tools to Accomplish SANS Top 20
11:40 - 12:30 - The Open Nature of Security Intelligence
12:30 - 1:30 - Lunch and networking opportunity

Chapter Sponsors

ISSA Portland would like to thank our 2013-2014 program year sponsors, who help make high quality programs like this possible:

Platinum Sponsor:  Rapid7

Gold Sponsor:  IBM

Silver Sponsor:  Sword & Shield Enterprise Security

Have questions about ISSA Open Source Security Tools Symposium? Contact ISSA Portland Chapter

When & Where


Nike, Inc (ED1 Air Max 360)
15475 SW Koll Parkway
Beaverton, OR

Thursday, March 20, 2014 from 8:30 AM to 12:30 PM (PDT)


  Add to my calendar

Organizer

ISSA Portland Chapter

http://portland.issa.org/

 

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.

With active participation from individuals and chapters all over the world, the ISSA is the largest international, not-for-profit association specifically for security professionals. Members include practitioners at all levels of the security field in a broad range of industries, such as communications, education, healthcare, manufacturing, financial and government.

The primary goal of the ISSA is to promote management practices that will ensure the confidentiality, integrity and availability of information resources. The ISSA facilitates interaction and education to create a more successful environment for global information systems security and for the professionals involved.

  Contact the Organizer

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.