ISSA-NE.org
  • Home
  • Events
    • March Blue Team Workshop
  • Sponsors
    • Cybereason
    • Sayers
    • digital shadows
    • Semperis
    • knectIQ
  • Call for Speakers
  • About
  • Archive
    • 2021 Archive >
      • ISSANE at SecureWorld
      • Feb 2021 Webinar
    • 2020 Archive >
      • December 2020 Virtual ISSA NE Members-Only Roundtable
      • November 2020 Virtual ISSA NE Annual Meeting
      • 2020 October ISSA NE Red Team Hunt
      • Virtual 4th Annual Boston Cyber Security Summit - Nov. 5, 2020
      • 2020 September Webinar
      • Cyber Security Summit POWERHOUR - July 2020
      • 2020 June Webinar
      • 2020 May Webinar
      • 2020 April Webinar
      • 2020 February Zoom Meeting
      • SkiCon New England - Feb. 2020
    • 2019 Archives >
      • ISSA NE December 2019 Members-Only Roundtable
      • SANS Boston event - April 2019
      • 2019 November Chapter Meeting
      • 2019 ISSA NE February Tech Talk
      • 2019 May Chapter Meeting
      • 2019 July Chapter Meeting
      • ISSA NE Chapter Meeting at SecureWorld Boston
      • Cloud Security Alliance 2019 Boston Chapter Forum
      • October 2019 Cybereason event > Prevent Cyber Stalking
      • 2019 SecureWorld Boston
    • 2018 Archives >
      • 2018 November 7 Chapter Meeting
      • 2018 Cybereason > The AI Hunting Tour
      • 2018 September Chapter Meeting
      • 2018 ISSA NE Briefing
    • 2017 Archives >
      • 2017 Annual Chapter Meeting & 30th Anniversary Celebration
      • 2017 September Chapter Meeting
      • 2017 Annual Sponsor Expo and Chapter Meeting
      • 2017 April Chapter Meeting
      • 2017 March ISSA-NE Breakfast and Presentation at SecureWorld
  • Contact
ISSA NE Chapter Meeting – 11/2/17
“2.5 CPEs”


Venue:
Museum of Science
1 Science Park, Boston, MA 02114
 
Come join us to celebrate ISSA New England 30th Anniversary celebration. Finish off the evening with watching a brilliant show at the Museum of Science Mugar Omni IMAX Theatre. Your registration also includes free entrance to the Museum of Science for the day and complimentary parking.
Agenda:
AGENDA:
9 am                      Registration IF museum visit (includes free pass, parking)
OR
11:30 am             Registration IF ONLY attending the meeting and reception
12:30-1                 Welcome, Ratification of bylaws, sponsor thanks
1:15-2                    ESG/ISSA 2nd Annual Global Research 'State of the Cyber Security Professional' - Candy Alexander, vCISO,  ISSA International Director
2:05–2:50            Incident Response- From the Trenches to the Boardroom and Back, O’Shea Bowens
2:55–3:20            Minions: Off-path Man-in-the-Middle Attack on Tor Hidden Services, Amirali Sanatinia, Security Researcher, Northeastern University
3:20-5                   Closing note, followed by Chapter’s 30th anniversary reception
5:00                       Omni Theater presentation
Talk and Speaker Details:
State of the Cyber Security Professional:  Given the overwhelming barrage of challenges that cyber security professionals face daily, it’s a natural wonder just how well they are holding up.  Are they able to coordinate on cyber security strategies and tactics with their business and IT peers?  Do they have the skills necessary for their jobs as cyber-adversaries develop new exploits?  Are they overwhelmed and burn out?  We will explore the answers to these questions and more, in this research based discussion.
  • Candy Alexander is a vCISO, ISSA International Director and a recognized information security leader. Candy has in-depth experience in performing many aspects of information security which she obtained through the various information security roles she has filled in her 23+ years in the industry at companies such as Digital Equipment, Compaq Computer Corporation and Symantec.
  • -

Minions: Off-path Man-in-the-Middle Attack on Tor Hidden Services
In the last decade, Tor proved to be a very successful and widely popular system to protect users’ anonymity. However, Tor remains a practical system with a variety of limitations, some of which were indeed exploited in the recent past. Previous work showed the existence of malicious participating Tor relays. In this work, we show that an adversary who compromises the Hidden Service private key can mount a man-in-the-middle attack on hidden services. One characteristic of this attack is that the adversary does not need to be in the communication path between the client and the server. We demonstrate a proof-of-concept (POC) for this attack. Furthermore, we provide a tool that can be used to detect such attempts. We also discuss possible detection and mitigation mechanism and the implication of the certificate systems for hidden services.
  • Amirali Sanatinia is a Computer Science PhD candidate at Northeastern advised by Professor Guevara Noubir, and holds a Bachelor’s degree in CS from St Andrews University. His research focuses on cyber security and privacy, and was covered by venues such as MIT Technology Review and ACM Tech News. He has talked at various venues including DEFCON, BSides and PyCon.

Incident Response- From the Trenches to the Boardroom and Back. The talk will discuss questions C-level may ask the Incidence Response team when handling incidents. We will also discuss questions on how technologies in-house are best utilized to assist with IR.
  • O’Shea Bowens is an information security enthusiast with 10 years of information security experience. He currently is a Security Operations Expert for Novartis where his primary focus is incident response, malware analysis, blue teaming functions and developing incident response coursework. O'Shea has worked and consulted for companies and clients in the federal government, U.S.  and international firms in various information security roles, including security analyst, incident response, network & systems forensics, and network engineering.
Venue Information:
Mugar Omni Theatre
In the Mugar Omni Theater, the world's largest film format is projected onto a five-story-tall IMAX® Dome screen. It wraps audiences in larger-than-life images of flora, fauna, and faraway places. A state-of-the-art digital sound system completes the immersion effect.
For details on Parking, please visit https://www.mos.org/parking

Speaker Bios:
Register
Powered by Create your own unique website with customizable templates.
  • Home
  • Events
    • March Blue Team Workshop
  • Sponsors
    • Cybereason
    • Sayers
    • digital shadows
    • Semperis
    • knectIQ
  • Call for Speakers
  • About
  • Archive
    • 2021 Archive >
      • ISSANE at SecureWorld
      • Feb 2021 Webinar
    • 2020 Archive >
      • December 2020 Virtual ISSA NE Members-Only Roundtable
      • November 2020 Virtual ISSA NE Annual Meeting
      • 2020 October ISSA NE Red Team Hunt
      • Virtual 4th Annual Boston Cyber Security Summit - Nov. 5, 2020
      • 2020 September Webinar
      • Cyber Security Summit POWERHOUR - July 2020
      • 2020 June Webinar
      • 2020 May Webinar
      • 2020 April Webinar
      • 2020 February Zoom Meeting
      • SkiCon New England - Feb. 2020
    • 2019 Archives >
      • ISSA NE December 2019 Members-Only Roundtable
      • SANS Boston event - April 2019
      • 2019 November Chapter Meeting
      • 2019 ISSA NE February Tech Talk
      • 2019 May Chapter Meeting
      • 2019 July Chapter Meeting
      • ISSA NE Chapter Meeting at SecureWorld Boston
      • Cloud Security Alliance 2019 Boston Chapter Forum
      • October 2019 Cybereason event > Prevent Cyber Stalking
      • 2019 SecureWorld Boston
    • 2018 Archives >
      • 2018 November 7 Chapter Meeting
      • 2018 Cybereason > The AI Hunting Tour
      • 2018 September Chapter Meeting
      • 2018 ISSA NE Briefing
    • 2017 Archives >
      • 2017 Annual Chapter Meeting & 30th Anniversary Celebration
      • 2017 September Chapter Meeting
      • 2017 Annual Sponsor Expo and Chapter Meeting
      • 2017 April Chapter Meeting
      • 2017 March ISSA-NE Breakfast and Presentation at SecureWorld
  • Contact