Please join us for our May 2018 meeting: 2 technical talks followed by networking. This month we will be at Campus Management Corporation, near FAU but north of Yamato, off Congress (address: 5201 Congress Ave, #220A, Boca Raton, FL 33487).
PARKING INFO: Unless otherwise marked, parking is open. Enter through the main double doors facing Congress Ave. The nearest of the 2 staircases is to the right, and the door has the Campus Management logo.
Networking will be at Miller's Ale House on Yamato.
This month we have 2 of our longtime members speaking.
Speaker 1 will be Pete Nicoletti, Chief Data Officer of Cybraics and former CISO for Hertz, among many other positions.
Topic: AI and Machine Learning based Analytics: Real World Challenges and Successes
Abstract: As the global IoT device count fast approaches 20 billion, there are a significant number of challenges in maintaining the security of IoT environments, and the risks and compromises continue to increase. For example:
1. IoT devices typically do not have full Operating Systems, so traditional endpoint solutions cannot be used.
2. Other IoT devices have challenges with upgrades not being maintained and known vulnerabilities being left in the device and exploitable via the network.
3. Other IoT networks are intended to be “air-gapped” to prevent Internet-based risks for compromising devices, and traditional update processes, gateway tools and monitoring are not usable.
4. Some IoT device networks are huge and those devices create significant log volume that traditional approaches with log analysis tools with human reviews cannot keep up with.
5. Zero-day IoT compromises can present significant risks to the public and are hard to identify as they occur.
6. Well-funded nation-states and cyber criminals are targeting IoT devices for nefarious use.
Our talk will review those challenges quickly, and then cover the types of behavior and evidence that AI and ML analytics can identify as risks. We will discuss the log sources that should be used as well as other log sources that do not have value. We’ll discuss how to “hunt” for issues as well as reviewing some other information gathering tools and forensic reporting approaches. Finally, we’ll discuss some of the future developments we expect in this space.
Speaker 2: Jorge Orchilles, past SFISSA President, SANS Instructor, etc.
Topic: Adversary Emulations - Taking Attack Models and Penetration Testing to the Next Level
Abstract: It is extremely rare that a single vulnerability causes a critical, direct risk to your entire environment. In reality, it is what the attacker does with the access gained that matters most. In this talk we will talk about maturing our attack models to gain enough intelligence to simulate the Tactics, Techniques, and Procedures of the adversary against our entire environments. Attackers do not limit themselves to one application; instead, they look at your organization holistically to formulate an attack that achieves their objectives. We will discuss an adversary emulation framework and share a case study of it in action.