TECHNICAL SECURITY CONFERENCE (FREE FOR GOVT) : GET Continuing Education Credits
EC-Council is bringing some technical training classes to DC, culminating in a one-day, highly technical security seminar on Aug 25. It is free for all Government employees and subsidized to just $99 for everyone else!
Unlike other conferences, participants will not be rushed through the presentations, and they can actually learn about the specific topics that are being presented. Renowned security and cyber warfare experts – Jeff Bardin and Richard Stiennon, will be the keynotes for this seminar.
The pricing of the event is kept very low to ensure that budget cuts do not affect the community.
Please help spread the word for this event.
Here are the details of the event:
Workshop (Aug 22-24)
The suite of advanced technical security training workshops covers topics such as:
1. Advanced Penetration Testing
2. Advanced Digital Mobile Forensics
3. Advanced Network Defense
4. Advanced Cryptography
These 3-day workshops are highly technical and lab intensive, allowing participants to combat real-life scenarios. All CAST programs are co-authored by respected industry professionals.
Seminar (Aug 25)
The one-day seminar on Aug 25 is FREE for all Government employees. You just need to register with a .mil or .gov email domain.
To register or find out more about this uniquely designed event, please visit www.eccouncil.org/castsummit
If you require accommodation, we are pleased to inform you that the Hyatt Regency has given our group a very attractive rate of just $129 per night (excl. taxes). To enjoy this rate, please visit https://resweb.passkey.com/go/eccc
1. To register, please visit: https://www.eiseverywhere.com/ereg/index.php?eventid=25094&
2. Select “Seminar Pass”.
3. Enter your email address.
4. Next, in the ID Code field, insert the promo code CSV22 and click “Apply Code”.
5. Once done, fill in the attendee information and other details, and select the correct training.
NSA Trusted Computing Early Bird Rate Runs Out Friday!
To ensure the reduced early bird registration rate, be sure to sign up for the 2nd Annual NSA Trusted Computing Conference & Exposition by Friday, 12 August! Join hosts, the National Security Agency, on 20 – 22 September in Orlando, FL, to explore the conference theme, “Using COTS Technologies to Deliver Decisive Defensive Advantage.”
The National Security Agency is pleased to announce the addition of three new exceptional speakers to the agenda:
- Ms. Frances Townsend, Former Homeland Security Advisor; Senior Vice President, MacAndrews and Forbes Holdings, Inc.
- Mr. Sumit Gwalani, Product Manager for Chrome OS Security, Google
- Mr. William “Curt” Barker, Associate Director and Cybersecurity Advisor for the Information Technology Laboratory, National Institute of Standards and Technology
In order to hear from these and many more knowledgeable speakers at the 2nd Annual NSA Trusted Computing Conference & Exposition at the reduced early bird rate, be sure to register by Friday, 12 August.
Exhibit space contracts are now available! For more information please email conferencesales@ncsi.com.
Enterprise Log Management: An Overview (Part 2) – FOSE
In part 1 of my guest post series for the FOSE Insights Blog, I talked about the importance of enterprise log management and the questions one should ask before implementing a log management solution. In this post, I’ll be covering the different types of log management solutions to help you determine the best one for your organization.
When implementing a log management solution, there are various types of solutions, architectures and definitions. Here are a few you should be familiar with:
- Sinkhole – Traditional single “syslog” server that “receives” remote logs from one or more sources
- Hierarchy – Multi-tiered sinkholes divided by department, network (VLAN), or other logical grouping such as accounting, marketing and engineering to collect log data.
- Aggregator – Usually located at the top of a hierarchy, where major functionality such as alerting, reporting, searching and correlations occur.
- Distributed – Independent log repositories, may be searchable/accessible from a central location.
- Store and Forward – logs are written to a local disk or network disk to be spooled and sent later.
- Streaming – Real-time distribution of log data to a remote logging server as they are being generated.
- Agent Based – Operating systems that do not support remote logging often require assistance from software to send log data. Even those operating systems that are capable of sending log data may use agents to send out specific data in a secure manner to a logging server.
- Agent Less – Systems do not send log data directly to the log server; the logger itself obtains the data via secure file copy (store & grab) or WMI (Windows Management Instrumentation).
- Combo – Most mature log management infrastructures use part or all the above in some way or fashion.
There are a number of useful tools in both the open-source and commercial space that can assist in the creation of a log management solution or the upgrade of an existing solution. In the open-source area, solutions include the following:
- Syslog-ng – Unix-based tool. Swiss army knife of log management. Can read any file and “tail” it to the network. Commercial versions available (sinkhole/forwarding agent)
- Rsyslog – Like syslog-ng, with enhanced filtering, encryption, buffering
- OSSEC – Host Based or Server Based SIM/IDS (Aggregator/Agent)
- SEC.pl – Simple Event Correlator (Aggregator)
- PHP-Syslog, MySQL – PHP interface to logs in a database
- Lasso – Agent-less collection agent for Windows (WMI based)
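How the “Streaming” and “Store and Forward” definitions above differ in practice, shown as an rsyslog configuration on a sending host that forwards to a central sinkhole. This is an added example, not part of the original post; the host name `logs.example.internal`, the file paths and the queue size are assumptions.

```conf
# /etc/rsyslog.d/60-forward.conf on a sending host (constructed example).
# Assumed values: logs.example.internal, /etc/rsyslog.d/ca.pem,
# /var/spool/rsyslog, the 1g spool limit.

global(
  workDirectory="/var/spool/rsyslog"                    # where spool files live
  DefaultNetstreamDriver="gtls"                         # TLS via GnuTLS
  DefaultNetstreamDriverCAFile="/etc/rsyslog.d/ca.pem"  # CA that signed the sinkhole cert
)

# Streaming only: each message is sent as it is generated. With no queue and
# the default retry count, messages produced while the sinkhole is
# unreachable may be discarded.
# action(type="omfwd" target="logs.example.internal" port="6514" protocol="tcp")

# Store and forward: same destination, but messages are spooled to local
# disk during an outage and sent later, in order.
action(
  type="omfwd"
  target="logs.example.internal"
  port="6514"
  protocol="tcp"
  StreamDriver="gtls"
  StreamDriverMode="1"                  # require TLS on this connection
  StreamDriverAuthMode="x509/name"      # verify the sinkhole's certificate name
  StreamDriverPermittedPeers="logs.example.internal"
  queue.type="LinkedList"               # in-memory queue ...
  queue.filename="fwd_sinkhole"         # ... that spills to disk (disk-assisted)
  queue.maxDiskSpace="1g"               # cap on spool size
  queue.saveOnShutdown="on"             # keep queued messages across restarts
  action.resumeRetryCount="-1"          # retry indefinitely instead of dropping
)
```

Once the spool reaches `queue.maxDiskSpace`, new messages are discarded, so size it for the longest outage the sinkhole is expected to have.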
In the commercial realm, there are many formidable solutions available; here are just a few notable ones:
Splunk – In the “Pro” column, Splunk provides relevant search information very fast due to its use of data indexing. It has wide support for various operating systems such as Windows, Mac OS X and Linux-based systems, and it is extremely easy to use. One can also use the software at no cost for up to 500MB of log data. In the “Con” column, Splunk seems to have quick development cycles that require numerous software updates, and the advanced features, such as “app” development, have a bit of a steep learning curve.
Read the rest at FOSE’s Blog Site
Enterprise Log Management: An Overview (Part 1) – FOSE
Log management is the collection of self-generated data from IT hardware devices and software applications. The collection of this data can contain useful information about business processes such as the number of errors on a website or even a security issue that displays the number of failed attempts to access a perimeter router.
Many organizations conduct log management practices to meet regulatory compliance in their respective industries. For instance, the Gramm-Leach-Bliley (GLB) Act provides compliance guidelines to those organizations in the financial industry, while the Health Insurance Portability and Accountability Act (HIPAA) has a direct effect on the health care industry. In addition, the Sarbanes-Oxley (SOX) Act offers protection guidelines to publicly traded companies’ financial systems and the Federal Information Security Management Act (FISMA) aids in the protection of the federal government’s information systems.
However, log management serves as more than just a vehicle to satisfy compliance requirements; it can also be used to assist in the fault management process to aid in troubleshooting at the tier 1 level. In addition to fault management, performance analysis is another useful area, where log data provides information about server CPU, memory, disk and even network throughput. Lastly, log data can be used for trend analysis to view peak usage stats such as the “top 10s”, as well as to aid in the detection of security incidents and violations.
Read the rest at FOSE’s Blog Site
Watch Live: Sub-Oversight Committee Hearing at 11AM ET on Cybersecurity
SECURITY 660: Advanced Penetration Testing, Exploits, and Ethical Hacking
Course Author statement:
As a perpetual student of information security, I am excited to offer this course on advanced penetration testing. Often, when conducting an in-depth penetration test, we are faced with situations that require unique or complex solutions to successfully pull off an attack, mimicking the activities of increasingly sophisticated real-world attackers. Without the skills to do so, you may miss a major vulnerability or not properly assess its business impact. Target system personnel are relying on you to tell them whether or not an environment is secured. Attackers are almost always one step ahead and are relying on our nature to become complacent with controls we work so hard to deploy. This course was written to keep you from making mistakes others have made, teach you cutting edge tricks to thoroughly evaluate a target, and provide you with the skills to jump into exploit development.
-Stephen Sims, SANS Senior Instructor
Click here for more info and upcoming training events for SEC660: http://www.sans.org/info/82554
Save $150 off your registration by using promo code: Connect_SecOrb
SANS Network Security in Las Vegas, NV is from September 17-26 (SEC660 – Sept 19-24).
