For our next meeting we want to focus on all those remote workers, you know those guys that we kicked out the door in March and April. Now that we have an opportunity to look at what we have done, let’s discuss how well we secured our remote environments? Do you have concerns? Do you have some great ideas to share? This is your time to shine. We want your input and thoughts as we discuss how to secure remote infrastructure. Our speaker well give his thoughts and then we will open it up to discussions and thoughts afterwards.
September 10th, 5:30 PM, WebEx information will be sent via E-Mail
As the COVID-19 pandemic spreads across the US many organizations have reduced their physical employee presence and have moved to a remote workforce. This has resulted in many organizations to hastily provide a remote access solution to their employees. This has also, conversely, increased many organizations attack surface to insider or adversarial activity against their organization. In this talk I will be looking to address common shortfalls of these environments coupled with several war stories and defensive strategies to reduce the exposed risk.
Matt Burch is a seasoned InfoSec veteran with 17yrs of collective experience who has transitioned from defensive to offensive security tactics. This has led Matt to develop an understanding of defensive security challenges in addition to adversarial abuse of these strategies. Matt is a Principle Consultant with Optiv’s Threat Management – Attack and Penetration team. Over the past decade, Matt has fulfilled various Subject Matter Expert (“SME”) positions and currently maintains Optiv’s assessment methodology for Product Security Testing.
We have a great meeting lined up for this month. Tom Weeks or Tweeks as he is more commonly known has arranged for us to have a little fun at the Virginia Cyber Range. You won’t want to miss this one! Meeting time will be Thursday August 13th beginning at 5:30 pm. We will be covering quite a bit in this interactive session so please try to be on time if possible.
This will be a virtual meeting, with WebEx meeting info coming via email to our subscribers.
See below for more details on the event and for TWeeks Bio….
Tom Weeks (aka “Tweeks”), from Virginia Tech & The Virginia Cyber Range will be giving a hands on, Black Hat / White Hat, Cyber Range Workshop on Defending against hackers on public WiFi networks. Each workshop participant will get a Kali Linux VM and a vulnerable Windows 7 VMs running on the VA Cyber Range, and lab handout simulating a vulnerable laptop on a coffee shop or airport public wifi and how to defend against it.
Before joining Virginia Tech as a ‘Director of Future Technology & Community’, Tweeks spent over 17 years at Rackspace, a technical leader in managed cloud computing solutions. At both Rackspace and Virginia Tech, Tweeks has played key roles in technical innovation & design, as well as technical and STEM community outreach.
As a Cyber Range technical leader, Tweeks helps forge new Cyber Range product features, writes VM exercise & lab content, helps test & design cloud VM images, and handles VA state educator technical escalations.
In his free time, Tweeks helps run run and organize multiple, local STEM
communities. He provides community workshops on coding, arduino/electronics, robotics, and IT security at both public and Virginia Tech outreach events, and also holds monthly high power rocket launches at VT’s Kentland Farms.
 – https://www.virginiacyberrange.org/
 – http://vacr.io/airport-hackers
 – https://github.com/LetsCodeBlacksburg
 – http://nrvr.org/
I know that it seems that RISE has been out of sorts these past few months and the reality is that you’re not wrong. As you know many members of the core RISE team also serve as key team members on various Cyber teams within their own companies. With the onset of the Covid-19 pandemic we have been laser focused on setting up secure remote workforce solutions and protecting network resources as various attack patterns continue to rise. These efforts have resulted in us not being able to dedicate the time needed to ensure that the RISE presentations that you see are both content rich and well-polished. This is not what we desire nor will we continue down this path. I want to assure you RISE is focused on getting you the content that you need and want.
Each month we want to make sure that each presentation is polished and presented with a knowledgeable speaker. We also want to ensure that each meeting provides members an opportunity to socialize, share experiences and create comradery within the local Cyber community. Lastly, I want to assure you that RISE is not going away or losing steam. Your core team members are still dedicated to getting you presentations that are both relevant and content rich. With that being said, I want to let you know that we will need to cancel this week’s presentation. Due to work related duties we were not able to capture the details needed to ensure a polished presentation. This means that we will move forward with our scheduled presentation for July and it should be a good one. Please stay tuned as we will be sending out details within the next few days.
Again, we are sorry that we have had to cancel this week’s presentation and I promise this is not indicative of things to come, this is merely a small speed bump as we traverse these crazy times.
Stay safe and healthy and we look forward to seeing you all in July.
Due to restrictions on public gatherings, this month’s meeting will be virtual. Web conference connection info will be provided via the RISE Email List.
For May we will be presenting on the Good, the Bad and the Ugly of Multi-Factor Authentication or MFA. Seems these days we hear that the solution to all of our remote authentication woes is to deploy MFA. However how easy is it? Some might say it’s super easy, while others have concerns. In this session we will hash out those concerns, discuss success stories and discover some interesting things that the vendors don’t always tell you about. Join us this Thursday May 14 th at 5:30 online to engage in discussion and learning.
We will be meeting at ECPI (thanks Mike) in Roanoke on March the 8th at 5:30 pm. Our speaker will be Allen Surface from World Wide Technology, Inc. Allen will be discussing next generation WAN branch architecture with a focus on security. I spoke to Allen briefly about this methodology and it is honestly quite amazing. If you are a blue teamer responsible for protecting your network you should attend this session, if you are in management and are looking for ways to provide value to your security program, you should attend this session. Ahh heck, just come to the session. I have even included a MS Calendar appointment.
Disclaimer: This session will be vendor agnostic so if your planning on being sold something you won’t find it here.
Anyway, here are the details…
5234 Airport Rd NW #200
Roanoke, VA 24012
March 8th, 2018, 5:30 PM
Topic: Next Generation Wide Area Network (WAN)
Topic Summary: This session will briefly cover next generation WAN branch architecture with a focus on security. The networking industry is quickly transforming. To support digital business, infrastructure and operations leaders for networking must transform their networks from a fixed environment to an agile and intelligent environment that provides visibility and advanced security controls across the wide area network.
BIO: Allen has 20+ years working in the IT industry and now works at World Wide Technology (WWT) as a Consulting Solutions Architect where he focuses on SD-WAN, Security, and Cisco DNA. He has experience consulting in various verticals including large pharmaceuticals, defense contractors, retail, and healthcare.
Attempting to address all aspects of a Cyber Security program has always been part of the RISE mission, and our next meeting is an attempt to reflect that mission. Stephen Hamilton who is a Commercial Risk Specialist with HAWK Advisers Inc. and Helen Stevens who is Regional Executive with Travelers Global Technology have agreed to present for us on Gaining Perspectives on Cyber Risk Management.
I met Stephen last year while doing a Cyber Security presentation for local businesses and felt that given his experience dealing with Cyber Risk he would be an excellent choice for a presentation sometime. His availability was limited until now, so when I found out his schedule had cleared up I jumped at the opportunity.
Stephen and Helen’s presentation is designed to provide us, as security practitioners, the information we need to advise our management teams on how best to manage risk as well as what options are available when risk needs to be deferred to another party.
Stephen has agreed to open his business to us so we will be meeting at HAWK Advisers downtown at 5:30 pm. I have included the address below.
I am truly looking forward to this presentation and I hope that I will see you all there tomorrow Thursday the 8th at 5:30 pm.
206 Williamson Rd.
Roanoke, VA 24011
Point of reference:
Corner of Williamson & Tazewell (across from the Norfolk Southern Building – downtown Roanoke
Shameless ask for help
If you have an idea for a presentation or if you would like to present at a meeting or if you have a location to host a meeting, drop us a note at Roanokeinfosec@gmail.com.
We will be meeting on Dec. 14th at ECPI at 5:30 pm
Grant Sims will be presenting Oracle Ravello Cloud and how it can be used as a training platform, in a “Hack-Lab” scenario. The presentation will explain the benefits of utilizing the Ravello Cloud and how the underlying “Nested Virtualization” technology can expand our InfoSec training & testing capabilities. The short presentation will be followed by a demo of the Ravello platform and the “Hack-Lab” Grant has created within.
Grant Sims has been an IT professional for over the last 10 years. His professional path began as a Network Engineer for the US DoD and is now currently a Security Engineer for Advance Auto Parts. He has a passion for security and an even greater passion for sharing his knowledge! Grant claims not to be an expert of any kind but rather a firm believer in that we all possess knowledge and experiences to share that would benefit likeminded individuals.
5234 Airport Rd NW #200,
Roanoke, VA 24012
I’m sorry but we have had to cancel this meeting due to an unforeseen scheduling conflict at ECPI. We will be meeting next month.
Our next meeting will be on Nov. 9th at ECPI in Roanoke, VA. at 5:30pm. Our subject will be an Intro to KALI Linux. We will be going through some of the more popular tools such as Metasploit, AirCrack-NG and OpenVAS as well as Offensive Security cert paths.
More info about KALI below:
Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali contains several hundred tools which are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company.
5234 Airport Rd NW #200
Roanoke, VA 24012
The next RISE meeting will be July 13th at 5:30 pm at ECPI in Roanoke (address is below). Our discussion will be The Software Defined Enterprise, Building Security into the Infrastructure with Darrell Hix. This will fall right in line with our recent discussion of Zero Trust Networks and should be an excellent opportunity to dig deeper into how virtualization technologies are helping push the Zero Trust Network methodology forward.
Here is Darrell’s Bio.
Darrell has spent 25 years in the Information Technology field beginning as a system administrator, then as a System Engineer/Analyst, Data Center Architect, Enterprise Architect and now as his current role as a Technical Account Manager for VMware. He has worked with the Department of Defense, managed professional services teams for a System Integration firm, worked for Defense Contractors and now works for the leading virtualization and cloud software company in the world. His experience ranges from developing early secure messaging networks for the US Navy, designing enterprise virtual desktop architectures for a Fortune 500 defense contractor and leading an initiative to leverage cloud computing capabilities to better support software development teams for project collaboration. Darrell now acts as a technical adviser and advocate for key VMware, Inc. customers within the US Department of Defense spectrum.
5234 Airport Rd NW #200
Roanoke, VA 24012