LA/SoCal Cloud Security Alliance (CSA) Chapter Meeting

This is a past event

36 people went

Location visible to members


Come and join us as at your local chapter of the Cloud Security Alliance. Please RSVP in advance. We must have the names of all attendees by 3pm the day before the meeting. With that in mind, RSVP "YES" and change it later if required. This also requires that your MeetUp profile include your full name.

Subject: Ken, aka pwrcycle, will talk about Incident Response in general, covering many interesting incidents he has handled in his career over the last years working for the three largest DDoS companies. He will describe recent attack types, e.g. UDP Reflection floods abusing NTP, SSDP, and DNS.

After this, we will have time for a Q&A session, so bring all your incident response/DDoS related questions! The "scripted" part of the talk will be relatively short, so feel free to bring questions or other points of conversation.

Speakers: Ken aka pwrcycle

Ken is currently Principle DDoS Security Engineer for F5 Networks and his primary task is detecting and mitigating DDoS attacks.
(he was the "Jengo Fett" for their DDoS SOC in Seattle Washington.) He wrote and conducted all training materials, all Incident Response & Daily Routines and set the criteria for interview screening, and interviewed and approved SOC Engineer hires.

Ken worked before for the 3 largest DDoS companies: Prolexic (bought by Akamai), Verisign (DDoS SOC), and (bought F5 Networks). He worked also in Cupertino for Apple's SIRT. Some of the public incidents during his time at Apple were: Flashback, largest botnet; Pintsized, ATP malware targeting Silicon Valley companies; iOS in-app purchase via DNS hijacking.

Validated visitor parking is available starting after 6:30PM on parking level 1. Look for the signs that say "Visitor Parking." Bring your ticket with you so we can validate it before you leave. Entrance to the parking complex is available through the Cloverfield Boulevard entrance. Once you park, take the elevator from the yellow colored elevator bank up to the 1st floor. Walk to the security desk and tell them you are here for a the Cloud Security Alliance meeting at Cornerstone onDemand. Please bring a picture ID with you.

The CSA meets 10 times a year and we do not have meetings in July or December