August 2019 – Log Aggregation vs SIEM

Logs. We’ve talked about them in several presentations. “Maintenance, Monitoring, and Analysis of audit logs” is one of the basic CIS security controls. Security administrators have many choices in tools that handle logs, but do you really understand the purpose, function, and use case for each? What makes a “log aggregation” tool and a Security Information and Event Management (SIEM) tool different? When would you use one over the other?

Meeting Notes – Covering your aaS

We had a great turnout for our presentation on Cloud Security this month. Thank you to everyone who attended and special thanks to ECPI University for hosting! Ed Summers presented on securing commercial cloud environments by protecting critical identities. Click through for a link to the recording on the RISE YouTube channel, courtesy of R&K Solutions.

July 2019 – Hack the Box

One of the most-asked-about topics at RISE meetings is “How do I become a Red Teamer?” or “What skills do I need for penetration testing?” As the “opposition force” of IT security, Red Teams have long held the most visible and alluring jobs in the realm of InfoSec. Shrouded in mystery, they are known for advanced skills that can penetrate even the most diligent of defenses. The role requires a breadth of IT system and application knowledge, but also depth in several areas, to understand fundamentals of operation and how to thwart them. This sometimes poses a barrier to entry for new InfoSec professionals who are uncertain how to approach the myriad skills needed for success in the role.

Meeting Notes – Sniffing Active Directory with Bloodhound

Aaron McPhall put together an excellent brief on using Bloodhound as a blue teaming tool to identify unknown or unintended avenues of privilege escalation in your Active Directory infrastructure. If you missed out – don’t despair! View a recording of the brief on the RISE YouTube channel.

Aaron has also made his slides available here.

RISE extends special thanks to the following for their support of this event:

ABS Technology – Hosting and fantastic refreshments

R&K Solutions – Live-streaming and recording support

SyCom SOC Launch Social

SyCom Technologies, a local IT solutions provider and RISE supporter, is holding a social event to celebrate the launch of their Security Operations Center. The event will be held on June 18th at Parkway Brewing in Salem, VA. Registered attendees will learn about this new cybersecurity offering and have the opportunity to network with other IT professionals over refreshments and appetizers courtesy of SyCom and their partner, Cybersafe Solutions. For more information, email SyCom at events@sycomtech.com.

(ISC)2 – Cyber Safety and Education for Children

The Center for Cyber Safety and Education is a charitable organization formed by the cybersecurity professional organization (ISC)2. The Center provides materials designed to educate and raise awareness of cybersecurity and cyberbullying. Visitors to the site can find information on cybersecurity research, scholarships, and educational packages designed to teach cybersecurity to elementary children, including free, downloadable basic packages for classes up to 20 students. Materials present concepts and situations at a fundamental level so non-IT professionals can share the message of cyber safety.