Here are the notes from our November meeting “Left of Boom”
After a great B-Sides event last month, RISE is coming at ya with a great presentation for November. Rob Garbee will be presenting “Left of Boom”. Loosely based on the book Left of Bang by Douglas Laux, the presentation will unpack simple concepts that can assist in understanding what a network defender can know ahead of time to both predict and prevent “Boom” events. Furthermore, we will look at what happens after the “Boom” and what concepts and tools can be used to minimize damage and recover. Looking forward to seeing you all there.
The meeting will be held at R&K Solutions in Roanoke, VA.
November 11th @ 5:30 PM
2797 Frontage Rd NW Ste 1000
Roanoke, VA 24017
Robert Garbee is a Cyber Security Engineer working for the Carilion Clinic Information Security Department located in Roanoke, VA. In this role, Robert is responsible for performing threat analysis, network assessments and compliance auditing for enterprise network systems located in various locations scattered across Virginia. He has more than 25 years of experience in information technology and during that time has held positions in information security, information technology and industrial security. His certifications have included Microsoft Certified Systems Engineer (MCSE), Cisco Certified Network Associate (CCNA) and most recently Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH). Robert is also a graduate of Liberty University and holds a Bachelor of Science degree in Business Management Information Security.
Well it’s all over now but man did we have fun. Check out a few pics from our BSidesROA event on Oct 2nd, 2021. Big thanks goes out to all our sponsors and attendees. Looking forward to the next one in the Spring of 2023.
A breakdown of the complex eco-system of ECrime Actors
Wizard Spider, Carbon Spider, Prophet Spider: no, we’re not talking about the next Marvel movie, we’re talking about ECrime Actors. This month we have brought in Cristian Rodriguez from CrowdStrike to discuss how various ECrime groups operate and how they spread evil to organizations like yours. Cristian will provide an overview of the observed tactics, techniques and procedures (TTPs) used by various groups and will allow us to see the nasty underbelly of the world of the Spider.
Cristian Rodriguez is a Sr. Sales Engineer with CrowdStrike, working with some of the largest global enterprise clients. His background includes the implementation and consultation of a variety of security tools, such as Endpoint Security, DLP Platforms, Mobile Security, Proxy and IDS/IPS technologies. Before working with CrowdStrike, Cristian worked with security resellers NH&A and FishNet Security (now Optiv) and technology vendors such as Forcepoint and Zimperium.
This will be both a live, in-person event and a virtual one via Zoom.
We want to thank ECPI for hosting this event. Looking forward to seeing you all there.
Thursday September 9th, 2021 @ 5:30pm @ ECPI Roanoke
5234 Airport Rd NW #200
Roanoke, VA 24012
Two new posts are now available on our YouTube site.
They are Ed Summers’ talk on automation via Ansible and Rob Perry’s discussion of space weather. If you missed these meetings, now is your chance to see the pros in action.
Automation via Ansible
“Those who shoulder disaster recovery responsibilities won’t want to miss this one. This presentation will introduce the topic of “space weather” and why you should be concerned about it, including strategies you can take to minimize the impact of some worst-case scenarios of solar cycle 25.” -Rob Perry
I get it, what the heck is space weather and why should I be concerned about it? Well Rob Perry is bringing us the goods again. If you have ever attended one of Rob’s presentations you know that he has a great ability to take a very complicated subject, break it down and make it fun and enjoyable with a slant toward security. His previous presentations on Block Chain and Quantum Computing were awesome and we expect this one to be just as good. Stay tuned for more information on this one.
Thanks to SyCom Technologies for hosting
What: Securing Against Space Weather
When: Thursday, August 12th, 5:30 pm
SyCom Technologies, Colonnade Corporate Center, 2800 Electric Rd #103c, Roanoke, VA 24018
Zoom invitation sent to email
Robert Perry is the Chief Information Security Officer (CISO) for Carilion Clinic, one of the largest hospitals and healthcare providers based in southwest Virginia, serving nearly one million in the Virginia community and surrounding areas.
As an expert in the technology industry, Mr. Perry’s charismatic speaking style and passion for technology and cybersecurity have made him a sought-after speaker at conferences. His speaking topics range across areas including cybersecurity systems and tools, attack and counterattack cybersecurity response systems, authentication, and access control.
Mr. Perry is a high performance IT leader with over 20 years’ experience managing cybersecurity, technology systems and networking. His business and technology experience has allowed Mr. Perry to align technology initiatives with corporate and organizational business objectives.
He holds dual master’s degrees: a Master’s in Technology Management and a Master of Business Administration (MBA). Mr. Perry’s licenses and certificates include CISSP (retired), CISA, CCSP, and CCNA-Voice.
We’re starting summer off with a great meeting that you’ll want to attend. Special Agent Michael Mehnert of the FBI’s Cyber Intrusions division will join us to discuss the ‘Current State of Affairs’. This is a fantastic opportunity to hear from someone who works with and understands contemporary events of cyber crime.
This will be an in-person only event – be sure to mark your calendar and plan to join us on July 8th! As an additional incentive – we will have pizza at this meeting sponsored by Fortinet!
What: FBI Cyber Intrusions “Current State of Affairs”
When: Thursday, 08 July, 5:30pm
We are very excited to let everyone know about our next live, in-person RISE meeting on June 10th at 5:30pm at ECPI in Roanoke, VA. If you can’t make it in person or aren’t quite ready to venture out, that’s fine; we will continue to stream the events via our Zoom meeting events. Our next speaker will be our own Ed Summers. Ed will be discussing automation via Ansible. See below…
Automation provides many benefits from “force multiplication” to improved configuration consistency. A modern IT professional should develop an understanding of automation capabilities and concepts congruent to their role in the ecosystem.
This month we’ll explore one such automation tool: Ansible. Initially released in 2012 and acquired by Red Hat in 2015, it is an open-source application for “provisioning, configuration management, application deployment, and intra-service orchestration”. Its agent-less operation and ability to interface with a wide variety of manageable resources (operating systems, network appliances, container systems, cloud providers) helped it become a common name in automation circles.
The capabilities of Ansible are huge and we’re just going to take a peek. Join us for a blitz introduction to Ansible, some of its basic capabilities, and demonstrations of some potential use cases in the context of security. We hope to open your eyes to the possibilities and benefits of automation in your environment and encourage you to explore further how automation can help your team do more, do it faster, and do it consistently.
Ed Summers somehow lost his way as a Network Engineer and ended up architecting a secure cloud environment for data center migrations. Title-less between Network Engineer and Cloud Engineer, he finds ways to deliver data by understanding both the infrastructure and applications to distill true requirements from stated desires. His current role has forced him to quickly learn cloud environments and adapt traditional on-premises requirements and processes to the new realm. He continues to serve as a senior Network Engineer for an on-premises environment – digging through pcaps, mediating latency disputes, and commenting occasional iRules for one-off application requirements. Ed has done some pretty cool things in his near 20-year career but is never satisfied on his quest to learn more. In his spare time he enjoys learning Python, shooting, ice hockey, and raising his daughter to be better than him. He holds a B.S. in Electrical Engineering from Virginia Tech.
5234 Airport Rd NW #200
Roanoke, VA 24012
Virtual Meeting Info:
Zoom, more info coming
We will not hold a meeting for May – but do not fret! We already have June and July meetings in the works as well as some promising news for the return of in-person events!
RISE is closely watching reports that Virginia may remove gathering restrictions in June pending favorable metrics on vaccinations and infection rates. Keep an eye here on the RISE blog as well as RISE emails as the news develops.
We look forward to seeing you in June and thank you for your continued support!