Recorded December 20, 2018 at G-Unit Studios in Rhode Island!
- 1 Episode Audio
- 2 Announcements
- 3 Interview: Vaughn Adams, LogRhythm - 6:00-6:30PM
- 4 What The Heck Are "Security Basics"? - A Security Weekly Round Table - 6:30 - 7:30PM
- 5 Interview: Mandy Logan, Hacking the Brainstem - 7:30PM-8:30PM
- RSA Conference 2019 is the place to be for the latest in cybersecurity data, innovation and thought leadership. From March 4 – 8, San Francisco will come alive with cybersecurity’s brightest minds as they gather together to discuss the industry’s newest developments. Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass!
- If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
Interview: Vaughn Adams, LogRhythm - 6:00-6:30PM
Topic: Detecting Attacker Behavior With Firewall Logs & Sysmon
Vaughn will discuss using freely available tools and logs you are already collecting to detect attacker behavior. Vaughn has a cookbook that will allow you to configure and analyze logs to detect attacks in your environment. You don't need anything fancy to detect attacks, use what you have along with freely available tools and techniques!
What The Heck Are "Security Basics"? - A Security Weekly Round Table - 6:30 - 7:30PM
Topic: What The Heck Are "Security Basics"?
The question comes up quite often, what should organizations be doing to meet the basic security requirements? We often hear the terms "Security Basics", "Minimum Security Standards" or dear lord "Security Hygiene". But what does all this mean? Is it the same for everyone? People will point to different resources that attempt to define the security basics, but do they really work? Does compliance play into this picture? Some areas to discuss:
- Configuration management
- Credential and identity management
- Compliance, standards, and guidelines
- Security policies and procedures
- Network and application segmentation
- Security training and awareness
...and then there's PCI (because Jeff):
- Build and Maintain Secure Networks and Systems
- Protect [Sensitive] Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
Interview: Mandy Logan, Hacking the Brainstem - 7:30PM-8:30PM