Episode587

From Paul's Security Weekly

Recorded December 20, 2018 at G-Unit Studios in Rhode Island!

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Matt Alderman
    Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Jeff Man
    Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist & certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Jack Daniel
    Co-Founder of Security BSides and certified security wizard.
  • Jason Wood
    Security consultant, penetration tester, sysadmin, and Founder of Paladin Security.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Patrick Laverty
    Pentester for Rapid7.
  • Lee Neely
    Sr Cyber Analyst at LLNL, SANS Analyst.


Guest Hosts

  • April Wright
    Preventative Security Specialist at ArchitectSecurity.org.
  • Brent Dukes
    Director of Information Security.


    Announcements

    • RSA Conference 2019 is the place to be for the latest in cybersecurity data, innovation and thought leadership. From March 4 – 8, San Francisco will come alive with cybersecurity’s brightest minds as they gather together to discuss the industry’s newest developments. Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass!
    • If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.

    Templeton Rye

    Interview: Vaughn Adams, LogRhythm - 6:00-6:30PM

    Vaughn Adams is the Enterprise Sales Engineer at LogRhythm.
    Vaughn has been an Enterprise Sales Engineer with LogRhythm since 2015 and has covered the Philadelphia, Delaware and New York areas. He has 20 years of experience in Information Technology within the Philadelphia area. His roles have included UNIX Administration, Network Administration and Manager. He developed, implemented, managed and optimized a number of technologies in his organizations, including LogRhythm products.

    Topic: Detecting Attacker Behavior With Firewall Logs & Sysmon

    Vaughn will discuss using freely available tools and logs you are already collecting to detect attacker behavior. Vaughn has a cookbook that will allow you to configure and analyze logs to detect attacks in your environment. You don't need anything fancy to detect attacks; use what you have along with freely available tools and techniques!



    What The Heck Are "Security Basics"? - A Security Weekly Round Table - 6:30 - 7:30PM

    Topic: What The Heck Are "Security Basics"?

    The question comes up quite often: what should organizations be doing to meet the basic security requirements? We often hear the terms "Security Basics", "Minimum Security Standards" or, dear lord, "Security Hygiene". But what does all this mean? Is it the same for everyone? People will point to different resources that attempt to define the security basics, but do they really work? Does compliance play into this picture? Some areas to discuss:

    1. Patching
    2. Configuration management
    3. Credential and identity management
    4. Compliance, standards, and guidelines
    5. Security policies and procedures
    6. Network and application segmentation
    7. Security training and awareness

    Two examples:

    ...and then there's PCI (because Jeff):

    1. Build and Maintain Secure Networks and Systems
    2. Protect [Sensitive] Data
    3. Maintain a Vulnerability Management Program
    4. Implement Strong Access Control Measures
    5. Regularly Monitor and Test Networks
    6. Maintain an Information Security Policy


    Interview: Mandy Logan, Hacking the Brainstem - 7:30PM-8:30PM

    Mandy Logan is a Newly Abled/Disabled Student of Life and InfoSec.
    Following a series of 5 strokes and major head injuries, Mandy is no longer in the construction engineering industry. Instead, she is pursuing all things InfoSec with an emphasis on Incident Response, Neuro Integration, Artificial General Intelligence, sustainable, ethical neuro tech, and improving the lives and community of InfoSec professionals and Neurodiverse professionals. She enjoys art, requires loads of rest still, and hopes to be half the person her service dog, Trevor, is.