Raleigh ISSA February, 2019, Meeting Pictures – RTP Headquarters

Thanks to our Sponsor

Photos were taken by:

https://www.patrickkea.com/

Agenda

5:15 – 6:00 pm Career Services (Conference Room 1)

5:15 – 6:00pm Back-to-Basics (Main Room)Eric Sigman: SOAR/Security Automation & Orchestration

6:00 – 6:45 pm Dinner / Drink / Socializing (Lobby)/Vendor table

7:00 – 7:15 pm Board Updates (Main Room)

7:15 – 8:15 pm Main Presentation (Main Room) Robert Wessen nccgroup “Notes from the Red Team“

Bio: Robert is a Senior Security Consultant with NCC Group. He has just under 20 years of experience in IT, with 12 of those dedicated to security. He has held positions in support, system administration, and management before finally settling on security. He has worked in almost every industry vertical and his security testing engagements have taken him to a wide variety of locations and technologies; from the bridge of a nuclear submarine to Wall St. and many places in between.

Robert was previously the Enterprise Security Lead for VSR, a boutique information security consulting firm based in Boston, which was acquired by NCC Group in 2015. Before that he worked for several federal contractors in various roles performing work for the Army, Navy, SOCOM and other agencies. He holds a bachelors degree in Computer Science from Northeastern University and multiple industry certifications including CISSP-ISSEP, GREM and GXPN.

Abstract:

You’ve heard about them, maybe you’ve even had a test performed against your organization, but what exactly _is_ a Red Team? What do they do? What value do they provide? Are you ready for them?

Like many topics in information security, there are many opinions and certainly no lack of hype around Red Teaming. We will sort through some basic definitions and common scenarios while discussing a few anonymized Red Team case studies. Technical details of real world 0-day vulnerabilities found during recent testing will be dissected. Even in the presence of such unknown vulnerabilities, could the Red Team have been stopped? We believe in some cases they can, and in many others at least contained. We’ll finish by going over the things the Red Team hates to see (and therefore you should definitely be doing).