Webcast: “How to Present” [BHIS]

We always ask for new people to step forward and present at a RISE meeting. You bring variety to the group in your experiences and delivery. But maybe you’ve never presented before, or walked away from a bad experience presenting in another forum. You’re looking for advice on how to get back behind the podium. Or you just enjoy an entertaining webcast.

Check out this webcast from Black Hills Information Security titled “How to Present: Secrets of a Retired SANS Instructor”. John Strand and friends share some of their sage advice from combined years of experience presenting to all manner and sizes of audience. These folks speak at the top conferences, face tough criticism, and know when not to drink the water. Anyone would benefit from the lessons they share – why not take advantage of community wisdom?

After you’ve watched the video send us an email at info@roanokeinfosec.com with your presentation topic for our next meeting!

October 2020 – Defense Against the Dark Arts

Our October meeting will be a joint event with the Roanoke-Blacksburg Technology Council. As this is a special event, please note the special date and time and that registration is required

We work tirelessly to bring you a variety of InfoSec content every month. We talk about blue team, identity management, SIEM, and even legal issues. But we know….we know it’s the dark arts you fancy. This month we’re teaming up with our friends at the Roanoke-Blacksburg Technology Council to bring you a double benny:  deep technical content presented by local talent!

Continue reading

Sept – Securing Virtual Desktop Infrastructure

For our next meeting we want to focus on all those remote workers, you know those guys that we kicked out the door in March and April. Now that we have an opportunity to look at what we have done, let’s discuss how well we secured our remote environments? Do you have concerns? Do you have some great ideas to share? This is your time to shine. We want your input and thoughts as we discuss how to secure remote infrastructure. Our speaker well give his thoughts and then we will open it up to discussions and thoughts afterwards.

Meeting time:

September 10th, 5:30 PM, WebEx information will be sent via E-Mail

Presentation summary:

As the COVID-19 pandemic spreads across the US many organizations have reduced their physical employee presence and have moved to a remote workforce. This has resulted in many organizations to hastily provide a remote access solution to their employees. This has also, conversely, increased many organizations attack surface to insider or adversarial activity against their organization. In this talk I will be looking to address common shortfalls of these environments coupled with several war stories and defensive strategies to reduce the exposed risk.

Speaker BIO:

Matt Burch is a seasoned InfoSec veteran with 17yrs of collective experience who has transitioned from defensive to offensive security tactics. This has led Matt to develop an understanding of defensive security challenges in addition to adversarial abuse of these strategies. Matt is a Principle Consultant with Optiv’s Threat Management – Attack and Penetration team. Over the past decade, Matt has fulfilled various Subject Matter Expert (“SME”) positions and currently maintains Optiv’s assessment methodology for Product Security Testing.

August 2020 – Cyber Range Workshop / Defending against hackers on public WiFi networks

Hello all,
We have a great meeting lined up for this month.  Tom Weeks or Tweeks as he is more commonly known has arranged for us to have a little fun at the Virginia Cyber Range.  You won’t want to miss this one!  Meeting time will be Thursday August 13th beginning at 5:30 pm.  We will be covering quite a bit in this interactive session so please try to be on time if possible.
This will be a virtual meeting, with WebEx meeting info coming via email to our subscribers.
See below for more details on the event and for TWeeks Bio….

Tom Weeks (aka “Tweeks”), from Virginia Tech & The Virginia Cyber Range[1] will be giving a hands on, Black Hat / White Hat, Cyber Range Workshop on Defending against hackers on public WiFi networks[2]. Each workshop participant will get a Kali Linux VM and a vulnerable Windows 7 VMs running on the VA Cyber Range, and lab handout simulating a vulnerable laptop on a coffee shop or airport public wifi and how to defend against it.

Before joining Virginia Tech as a ‘Director of Future Technology & Community’, Tweeks spent over 17 years at Rackspace, a technical leader in managed cloud computing solutions. At both Rackspace and Virginia Tech, Tweeks has played key roles in technical innovation & design, as well as technical and STEM community outreach.
As a Cyber Range technical leader, Tweeks helps forge new Cyber Range product features, writes VM exercise & lab content, helps test & design  cloud VM images, and handles VA state educator technical escalations.
In his free time, Tweeks helps run run and organize multiple, local STEM
communities. He provides community workshops[3] on coding, arduino/electronics, robotics, and IT security at both public and Virginia Tech outreach events, and also holds monthly high power rocket launches at VT’s Kentland Farms.[4]

[1] – https://www.virginiacyberrange.org/

[2] – http://vacr.io/airport-hackers

[3] – https://github.com/LetsCodeBlacksburg

[4] – http://nrvr.org/

July 2020 – Password Attack and Defense

We’re back!  RISE is back for the month of July.  Once again, we will be hosting a virtual meeting, but we are hopeful that we will be able to meet in person again very soon.  This month we are going to cover end to end password attack and defense.  So, what does that mean exactly?  First, we will cover how nefarious actors steal your user’s credentials and how they use it, then we will discuss what free tools are available to audit passwords and defend against such attacks.   Topics covered will be things like Hunter.io, Phishing-Frenzy, Password Spraying, Hash-Cat, DPAT, have i been pwned, MFA and others.

This will be a high-level overview of the entire kill chain process however if we determine that more discussion is needed in one area, we will discuss getting it on the calendar for a more in-depth review.  I am looking forward to seeing all of you at the next meeting.  Be on the look out for more information regarding online meeting information.

Meeting scheduled for 5:30 pm, July 9th.  Online meeting details sent via email, please subscribe to the mailing list for more information.

See you all soon

Speaker BIO:

rob

Robert Garbee

Twitter: @robgarbee

RISE: Roanokeinfosec.com

Robert Garbee is a Cyber Security Engineer working for the Carilion Clinic Information Security Department located in Roanoke Va.  In this role, Robert is responsible for performing threat analysis, network assessments and compliance auditing for enterprise network systems located in various locations scattered across Virginia.   He has more than 25 years of experience in information technology and during that time has held positions in information security, information technology and industrial security.   His certifications have included Microsoft Certified Systems Engineer (MCSE), Cisco Certified Network Associate (CCNA) and most recently Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker(CEH).  Robert is also a graduate of Liberty University and holds a Bachelor of Science degree in Business Management Information Security.

As a founder of the Roanoke Information Security Exchange (RISE) Robert has been asked to present to both local business leaders and community service groups.  Additionally, Robert has provided commentary for featured articles in the Roanoke Times and for WSLS News 10 in Roanoke, VA.

Robert can be contacted via the RISE website at Roanokeinfosec.com, or via email at robgarbee@yahoo.com or via Twitter @robgarbee.

 

 

Meeting Notes – April 2020

Sorry for the delay, folks! We’re working to get back up to speed and ensure we keep you up-to-date with our meeting recaps.

Our April virtual meeting was an overview of Software Defined Wide Area Networking (SD-WAN). Johnny Hatfield and Stephen Watkins of Fortinet joined us to discuss the technology, how it is changing networking, and the benefits it brings to network security. Watch the recording on our YouTube channel:

Link to April meeting YouTube video

If you’d like to get in touch with the speakers:

Johnny Hatfield
Fortinet
Major Account Manager
804-852-3786
jhatfield@fortinet.com

References:

SDxCentral – Articles, white papers, and information on SD-WAN and related technologies

June Announcement

I know that it seems that RISE has been out of sorts these past few months and the reality is that you’re not wrong.  As you know many members of the core RISE team also serve as key team members on various Cyber teams within their own companies.   With the onset of the Covid-19 pandemic we have been laser focused on setting up secure remote workforce solutions and protecting network resources as various attack patterns continue to rise.  These efforts have resulted in us not being able to dedicate the time needed to ensure that the RISE presentations that you see are both content rich and well-polished.   This is not what we desire nor will we continue down this path.  I want to assure you RISE is focused on getting you the content that you need and want.

Each month we want to make sure that each presentation is polished and presented with a knowledgeable speaker.  We also want to ensure that each meeting provides members an opportunity to socialize, share experiences and create comradery within the local Cyber community.   Lastly, I want to assure you that RISE is not going away or losing steam.  Your core team members are still dedicated to getting you presentations that are both relevant and content rich.  With that being said, I want to let you know that we will need to cancel this week’s presentation.    Due to work related duties we were not able to capture the details needed to ensure a polished presentation.  This means that we will move forward with our scheduled presentation for July and it should be a good one.  Please stay tuned as we will be sending out details within the next few days.

Again, we are sorry that we have had to cancel this week’s presentation and I promise this is not indicative of things to come, this is merely a small speed bump as we traverse these crazy times.

Stay safe and healthy and we look forward to seeing you all in July.

May 2020 – Multi-Factor Authentication – The Good, The Bad and The Ugly

Due to restrictions on public gatherings, this month’s meeting will be virtual. Web conference connection info will be provided via the RISE Email List.

For May we will be presenting on the Good, the Bad and the Ugly of Multi-Factor Authentication or MFA.  Seems these days we hear that the solution to all of our remote authentication woes is to deploy MFA.  However how easy is it?  Some might say it’s super easy, while others have concerns.  In this session we will hash out those concerns, discuss success stories and discover some interesting things that the vendors don’t always tell you about.  Join us this Thursday May 14  th at 5:30 online to engage in discussion and learning.

BSides Roanoke 2020 Postponed – New Date May 22nd, 2021.

BSides Roanoke logoAs we continue to follow the events of Covid-19, the guidance from our local CDC and local government we know we are treading in uncharted waters. We want to ensure that we are not only successful in presenting valuable content, but also successful in protecting the safety of our sponsors, presenters and participants.

To that end, after consulting with our sponsors and Virginia Western Community College, we have decided to postpone BSidesROA to May 22nd, 2021. I know like us that many of you were very excited to participate in the inaugural BSidesROA event this year, and like you we hate that we are having to postpone. However, we will be back next year bigger and better! Rest assured that all tickets that have been purchased in 2020 will be valid for the new date in 2021. Please continue to stay safe as we navigate this unusual situation.

Please feel free to reach out to us at any time via our email at info@roanokeinfosec.com or via our website at bsidesroa.org. We look forward to seeing all of you in May 2021.

Thank you,
Your BSidesROA Planning Team