Past Meetings

Security is Easy - How I've Mapped All Legitimate OS Behavior - Evening Meeting

Tuesday, October 16, 2018 - 6:30pm

The “enumeration of badness” approach to security has failed for two major reasons. First, the amount of “badness” is practically infinite. Second, it’s unrealistic to detect all future “badness” based on the past. Yet, the majority of products are still based on this method. Spectre and Meltdown vulnerabilities are just one example of the unpredictability of future “badness”. However, “goodness” is actually finite. So, is it possible to create a map of all legitimate OS behavior? The answer is yes.

Supercharging Investigations with GPUs & Graphs

Tuesday, September 18, 2018 - 11:30am

Security and fraud investigations often require sifting through many logs and transactions, yet typical search and dashboard tools feel closer to 1985 technology than 2045. This talk shares two technologies Graphistry has been developing to supercharge the investigation process. First, we show how GPU cloud streaming scales visual analytics, especially for link analysis.

Minimizing the detection to recovery timeframe

Tuesday, July 17, 2018 - 11:30am

Brent Feller, Senior Solutions Engineer, eSentire

Brent is a security professional with over 15 years of experience in the field. Having worked with Lockheed Martin, McAfee, MBS and eSentire, Brent has a well-rounded background ranging from physical security to cyber hunting and detection. Brent has also consulted for several companies and provided recommendations on cybersecurity best practices. He delivers real-world experience and knowledge of defending and protecting your assets. Brent is a Cisco Security Specialist and a CISSP who has defended on the front lines against malware and ransomware threats.

Creating Alerts that Matter

Tuesday, March 20, 2018 - 11:30am

Organizations that have acquired technology to deal with threats have found themselves dealing with too many alerts, a growing number of tools contributing to the chaos, and a shortage of qualified talent to get the job done. There are two key ways to obtain alerts that matter. One can create alerts that matter, or use existing alerts and determine how to make the alert matter through enrichment.

Integration: Making all this technology work for you

Tuesday, February 20, 2018 - 11:30am

Perfect protection is impossible.  By now we all know that we can’t just buy one more silver bullet to fix our problems.  Every organization manages something like 20 distinct security technologies, with enough staff and time to operate 5 of them well.  We can’t just hire more professionals – the talent pool has been drained.  So we have little choice – we need to get our existing security investments to work together.  This talk will highlight the need for, and then show real examples of, inter-product and inter-vendor integrations that can automate workflows and produce tangible operation
