Author: roanokeinfosec

CANCELLED – September 2018 – Software Exploitation (Part 2)

/ roanokeinfosec

Biohazard symbol overlayed on some assembly code

Update: Unfortunately we are cancelling the September meeting due to weather. We will reschedule this presentation for our next regular meeting on 11 October.

September is National Preparedness Month – so prepare yourself by joining us at the next RISE meeting to better understand the threats facing your IT systems. We will continue to explore tools and techniques that attackers use to exploit software for code execution and shell access.

Continue reading

July 2018 — ISE ISE Baby

/ roanokeinfosec

RISE is excited to announce our July meeting – a cook-out hosted by ABS Technology! We are asking for RSVPs for this event so please read below if you plan to attend.

Our next meeting on Thursday, July 12, will be held at ABS Technology’s office in downtown Roanoke. Join us at 5:30pm for some great food in the view of Roanoke’s Downtown Historic District. Don’t worry about that summer heat as there will be plenty of ISE…Cisco Identity Services Engine. Speaker Lee Berdick will introduce ISE and discuss how it provides secure network access to users and devices.

Date: Thursday, July 12, 5:30pm

Address: ABS Technology, 109 Norfolk Ave, 2nd Floor, Roanoke, VA

RSVP REQUESTED! Please respond to roanokeinfosec@gmail.com if you will be there so we may estimate attendance. Free parking information will be provided to those who RSVP in advance. We don’t normally ask for this and appreciate your understanding so we can help our hosts plan for this special event.

Topic: Cisco ISE

Cisco ISE allows you to provide highly secure network access to users and devices. It helps you gain visibility into what is happening in your network, such as who is connected, which applications are installed and running, and much more. It also shares vital contextual data, such as user and device identities, threats, and vulnerabilities with integrated solutions from Cisco technology partners, so you can identify, contain, and remediate threats faster.

Speaker Bio: Lee Berdick
Lee joined ABS Technology in 2017 as a Senior Solutions Consultant. He graduated from Florida State University with a degree in Information Studies and a Graduate Certificate in Library Information Science.

Lee has been passionate about the IT field since he was 17 years old. It has been a central focus and interest in his life that led him to his career path. He holds several certifications including Certified Cisco Network Associate, Certified Cisco Design Associate, ITILv3, Palo Alto Networks Accredited Configuration Engineer, Splunk – SE I.

Outside of IT, Lee produces and DJ’s electronic dance music and has an extensive vinyl record collection with over 3,500 pieces.

dt080404

(source: dilbert.com)

June 2018 — Harden Your Defenses

/ roanokeinfosec

harden_your_defenses

Mark your calendars to join us on Thursday, June 14th, at R&K Solutions for the next RISE meeting! This month Nate Sykes and James Gray will tag-team to present tools for risk management, compliance, and hardening your Windows-based servers. Learn about resources freely available on-line from the Defense Information Systems Agency such as Security Technical Implementation Guides, checklists, and scripts to ease implementation of secure configurations.

Address: R&K Solutions,  2797 Frontage Rd NW, Roanoke, VA 24017

security_controls

Topic: Harden Your Defenses – Host-based Security in your Risk Management

Summary:

In the next RISE meeting we’ll be discussing one of the layers of Defense in Depth. Specifically, host-based security and how to implement Operating System hardening for Windows systems. We’ll be covering What, How, and Why. DoD Security Technical Implementation Guides (STIGs) will be used to create a secure baseline that you can deploy over and over to improve host-based security in your network. We’ll also be discussing how this maps to risk management and compliance framework controls, and how that can bring value to your organization.

Speaker Bios:

Nate Sykes

Nate Sykes is the IT Director at R&K Solutions and one of the founding members of RISE. Nate has worked in all areas of system and network administration. He has been involved in different aspects of security for the last 6 years, mostly involving prevention and detection. He holds GSEC, GMON and Security+ certifications.

James Gray

James Gray is a security professional working in operations and risk management. Some projects involve continuous monitoring, cloud security, and enterprise compliance. His professional history includes software quality assurance (QA/testing) management, training media development, counseling, education, driving buses, and bagging groceries. When he isn’t managing risk, James can be found enjoying the outdoors, gaming, and thinking about things.