TechBurst Webcasts

Upcoming Public TechBurst Webcasts

Archived Webcasts

2016-09-13   School of Phish: Sink & SIEM to Seal Leaking Credentials; Keith Hartranft and Colin Foley; Lehigh University
2013-10-28   Web Application Security By Example; Frank Kim, SANS
2012-05-18   Bro-IDS Workshop; Seth Hall, International Computer Science Institute
2011-10-27   Eduroam in the US; Philippe Hanset, University of Tennessee, Knoxville and Eduroam US
2008-10-30   DNSSEC -- Living and Loving Life after Kaminsky; Or: How I overcame my fear and signed my zones; Alan Clegg, Internet Systems Consortium, Inc. (ISC)

 

Archives:


School of Phish: Sink & SIEM to Seal Leaking Credentials
Keith Hartranft and Colin Foley; Lehigh University

2016-09-13

recorded presentation requires Flash
presentation hardcopy (PPTX)
additional materials (zip archive)

Session Abstract

Feeling like you're "Sleepin' with the Phishes" with Luca Brasi? Witnessing more Whaling than Captain Ahab aboard the Pequod? Well then... wade on into the Webinar and join the School of Phish!

We'll be presenting on what we hope are some creative angling techniques to Sink, SIEM, and Seal up those leaking credentials and perhaps even lure the Phishers themselves into our nets. What's included within our Phish story will be:

  • How to utilize your SIEM as a Phish Finder SONAR.
  • How to reach into the Gmail GAFE tackle box of tools that includes a look at use of Content Compliance Filters, Vault, and alert notices.
  • Explore a cast of options to scale Phishes in a Phishtank or a variety of other Sinks.
  • Set some hooks in trolling Vault.
  • Chum the attackers with honeypeeps to identify where you're getting snagged.

While some of our charter boat tour will be what systems are utilized at Lehigh specifically, we feel all strategies and processes presented will be useful no matter how your organization is outfitted! We also expect this to be a collaborative expedition as we hope to reel in new ideas and automation into this process.

Speaker(s): Keith Hartranft, CISSP, CISM, PCIP - Chief Information Security Officer; Lehigh University and Colin Foley, Identity and Access Manager; Lehigh University

Bio

Keith Hartranft is a Certified Information Systems Security Professional (CISSP), ISACA CISM, and Payment Card Industry Internal Security Assessor (PCI-ISA) with over 25 years of Information Security and Systems Engineering experience. Keith has management responsibility for the design, development, and implementation of the information security program for Lehigh University. This includes responsibility for initiation of technical and administrative controls that include: campus-wide information security policy and procedures creation; data privacy and monitoring; security and compliance assessments, training, and awareness; data traffic monitoring, intrusion detection, incident response, and forensic investigations; review of security strategies with risk management and legal departments; and implementation of technical defense and vulnerability assessment technology.

Keith also teaches a Business Information Systems (BIS333) Enterprise Risk Management and Information Security class at Lehigh and has instructed in a variety of Information Security topics over the past 15 years at Northampton Community College as an Associate Professor. Keith has presented as a keynote speaker at IT conferences and to professional, higher education, and varied community groups, both domestic and abroad, on information security practices. Keith was also a National Science Foundation grant awarded Principal Investigator for Projects Based Learning initiatives.

Colin Foley is the Identity and Access Manager at Lehigh University. Colin joined Lehigh University in 2012 as a web application developer specializing in the Drupal CMS. He has since transitioned into an Information Security role within the Identity & Access Management (IAM) domain and is responsible for all electronic access control provisioning and monitoring at Lehigh. Colin brings a unique background of DevOps, GIS, Data Migration, and Web Application Development & Design to IAM at Lehigh. He has co-presented at DrupalCon North America, keynoted the ScienceOnDrupal track of the Federation of Earth Sciences Information Partners Summer Meeting, and presented at many local Drupal meetups.


Web Application Security By Example
Frank Kim, SANS

2013-10-28

recorded presentation

Session Abstract

Organizations today rely on critical software systems to conduct business. It's these systems, however, that are often at the root of many headlines about data breaches and corporate hacks. Despite maturing software development processes and increasing deployment of software security tools, organizations often do not focus on the most effective practices for securing critical applications. Common attacks are often caused by simple mistakes that occur while software is being developed and deployed. By educating everyone involved in the software development process, including developers, architects, managers, testers, business owners and partners, you reduce the chances that your organization will become a victim of today's data security threats and ensure they can properly build defensible applications from the start.

Bio

Join Frank Kim, SANS Application Security Curriculum Lead, and learn how organizations can use the SANS Securing the Human - Developer to train developers how to avoid common mistakes and create more secure applications. See first-hand examples of common application security flaws that can be addressed through developer security awareness training and understand why application security should be part of every organization's security program.


Bro-IDS Workshop
Seth Hall, International Computer Science Institute

May 18, 2012

recorded presentation requires Flash

Session Abstract

Getting started with Bro, sizing your Bro cluster


Eduroam in the US
Philippe Hanset, University of Tennessee, Knoxville and Eduroam US

October 27, 2011

recorded presentation requires Flash

Session Abstract

Providing visitor access to academic wireless networks can be a daunting task. Very few solutions present a good mix between security and convenience, and they can also be time-consuming for users and support staff. If an institution has or plans to have an 802.1x infrastructure, adding eduroam to it will provide many benefits including instant access, encryption, and mutual authentication for visitors from other institutions. Reciprocally, these benefits will be available to the members of the institution when traveling in the country or abroad. eduroam has more than 2000 institutions worldwide. In the US, we had two members in 2009, twelve in 2010, and more than fifty now!

Bio

After a career in mathematical and theoretical biology, Hanset progressively shifted his interest to computer networks. In 2001, Hanset designed and implemented for University of Tennessee the largest Wi-Fi network in academia. An important part of designing Wireless Networks resided in the access control mechanisms, which led Hanset to explore authentication and authorization systems like eduroam. He has been experimenting and spearheading the eduroam effort in the US since 2005. Hanset is Constituent Group leader for Wireless-LAN@Educause, and member of the Customer Advisory Board of Aruba Networks. Hanset holds a master's in Zoology from "Université Libre de Bruxelles" and a master's in Computer Science from University of Tennessee, Knoxville.


DNSSEC -- Living and Loving Life after Kaminsky;
Or: How I overcame my fear and signed my zones

Alan Clegg, Internet Systems Consortium, Inc. (ISC)
2008-10-30

recorded presentation (requires Flash)
presentation hardcopy (PDF)

Session Abstract

With the fear and uncertainty caused by Dan Kaminsky's new attack vector against DNS, the subsequently mandated deployment of DNSSEC into the .gov namespace, and the political debate surrounding the signing of the root zone, the race is on to secure DNS. This talk will explain the recent events that led up to the government mandate and will help the system administrator and their managers to understand the next steps towards deploying a safe end-to-end DNS infrastructure. The talk will provide an overview of DNSSEC, its interoperability with existing DNS, and will outline the steps required to begin testing and deployment of DNSSEC. Examples of configuration and deployment of DNSSEC will be given using ISC's BIND[1].

Bio

Alan Clegg is a Support Engineer for Internet Systems Consortium. In this position, Alan provides training and support for BIND and ISC DHCP.

Alan has over 20 years of experience providing support and management of Internet-facing systems, and as a Dale Carnegie trained public speaker, he has provided tailored learning experiences to corporations (Banc One, Jefferson Pilot Communications), at conventions and meetings (BSDcon, InfraGard, HTCIA), and as part of his job with Berkeley Software Design.

During the NSF funded rollout of Internet access to higher education, Alan assisted in the deployment of "high speed" (56k!) network access to all 2 and 4 year degree granting, publicly funded colleges and universities in North Carolina. Later, as a member of the technical staff of Berkeley Software Design, he provided training and support for the BSD/OS and FreeBSD operating systems. More recently, Alan was a member of the senior engineering team at Hosted Solutions, a data center solutions provider with multiple data centers in North Carolina and Massachusetts.

Alan is involved with InfraGard, a public/private partnership between the Federal Bureau of Investigation and providers of infrastructure in the United States, and has previously served on the board of directors for the Eastern Carolina Chapter.

Serving as a volunteer firefighter for over 18 years, Alan became an American Red Cross Disaster Services volunteer following Hurricane Katrina. He is also a trainer for the FEMA Community Emergency Response Team, specializing in CERT response to acts of terrorism.

References

[1] http://www.isc.org/bind