“Exfiltrating data through the Internet of Things (IoT)” provides insights based on research/analysis of data exfiltration vulnerabilities found in IoT protocols (i.e. SSDP, P25, Zigbee, Z-Wave, Wi-Fi, uPnP). With an eye toward mitigating weaknesses in current protocols, this talk addresses future protocol designs to eliminate those weaknesses. This discussion will delve into the details and demo data exfiltration using IoT protocols.
This month’s meeting is a CISO Panel moderated by Patrick Heim, ex-Salesforce and Kaiser CISO and current operating partner and CISO at ClearSky venture partners along with Sherry Ryan, CISO at Juniper, Richard Seirersen, CISO at LendingClub, and Eddie Borrero, Chief Information Security Officer Robert Half International.
The “enumeration of badness” approach to security has failed for two major reasons. First, the amount of “badness” is practically infinite. Second, it’s unrealistic to detect all future “badness” based on the past. Yet, the majority of products are still based on this method. Spectre and Meltdown vulnerabilities are just one example of the unpredictability of future “badness”. However, “goodness” is actually finite. So, is it possible to create a map of all legitimate OS behavior? The answer is yes.
Security and fraud investigations often require sifting through many logs and transactions, yet typical search and dashboard tools feel closer to 1985 technology than 2045. This talk shares two technologies Graphistry has been developing to supercharge the investigation process. First, we show how GPU cloud streaming scales visual analytics, and especially so for link analysis.
Brent is a security professional with over 15 years of experience in the field. Having worked with Lockheed Martin, McAfee, MBS and eSentire, Brent has a well-rounded background ranging from physical security to cyber hunting and detection. Brent has also consulted several companies and provided recommendations on cybersecurity best practices. He delivers real world experience and knowledge of defending and protecting your assets. Brent is a Cisco Security Specialist and a CISSP who has defended on the front lines against malware and ransomware threats.
Generating SSH keys is free, but poor SSH key practices expose businesses to costly risk. It takes just one SSH key for a cybercriminal to access an organization’s network and pivot to gain further access to the most sensitive systems and data.
The Bay Area ISSA RSA Mixer 2018
Hello, ISSA friends and colleagues! We have managed to reserve a private room at Natoma Cabana (www.natomacabana.com) with seating limited to 40. Please RSVP at your earliest convenience!
