Sydney Branch: August meeting

Sydney Branch: August meeting
In this session we will walk you through some Incident Response War Stories and Security Automation.

Topic 1: Incident response warstories. 
Events on large incidents in Melbourne and a comparison with recent banking heists. How malware reverse engineering can save the say.
Look forward to talking again.

Speaker 1: Kevin Manderson - Threat Intelligence and Incident Response Manager at BAE

Kevin started in defence as a mainframe engineer in the 1970s and then industrial systems in the early 1980s. In 1988 he started in Incident Response by playing a small part in the containment of the Morris worm while working in Adelaide. 

In the 90s he commenced his own business in consulting, web development and information security. He built a startup which undertook security gateway monitoring and incident response and sold it in 2000. 

Since then Kevin has been involved with a number of SOCs, has been an IT auditor, managed a large SCADA system and is now back in Incident Response. He has been either responder, manager or provided technical support for over 115 Cyber Incidents.

 
Topic 2: Security Automation
’Automation’ is a buzzword, that is often talked about in the context of security information sharing.  This is a combination talk and group discussion around

 

  • Defining automation, and its capabilities with a focus on STIX & TAXII
  • Benefits and caveats of automating intel workflows
  • Limitations of STIX & TAXII (e.g. confidence indicators, details of certain types of observables such as DDoS)
  • Prerequisites to implementation and requirements for a successful project
  • Experiences and concerns

Speaker 2: John Salomon is an information security professional with nearly 20 years of multi-national experience, including management and operational responsibilities in risk analysis, software assurance, incident response, threat intelligence, and network defense. He is currently the regional director for FS-ISAC in Australia and New Zealand.

Presentation

The presentation for this event can be found here in the AISA member's area.

Many thanks to our sponsors

AISA thanks Wynyard group for sponsoring this meeting



AISA also thanks PwC for sponsoring the venue for this meeting
When
17/08/2016 5:15 PM - 7:00 PM
AUS Eastern Standard Time
Where
PwC (Sydney) Level 15 One International Towers Sydney Watermans Quay Barangaroo, NSW 2000 AUSTRALIA