**[Starting in 15 minutes]** TechBurst - September 13, 2016 - *School of Phish: Sink & SIEM to Seal Leaking Credentials*

[Sarah Bigham <sarah () REN-ISAC NET>]

We will be getting started in about 15 minutes

On 9/12/2016 3:01 PM, Sarah Bigham wrote:
> I have received several inquiries asking how to access the presentation.
> The instructions are at the end of the email so they were easily
> overlooked. Below are step-by-step directions:
>
> How to join the live session:
> Go to www.ren-isac.net and select the "Events" tab on the left.
> Once you are on the "Events" page, click on the "Connect to the live
> session" link. This will launch Adobe Connect where you will be able to
> access the presentation. **Please note that the link will not be active
> until approximately 15 minutes before the presentation begins.
>
> Questions for the presenter may be submitted via the Adobe Connect Q&A
> window or e-mail to techburst () ren-isac net. REN-ISAC members can also
> ask questions via the #techburst IRC channel. For instructions on
> connecting to the IRC, see https://secure.ren-isac.net/ircd.html.
>
> Thanks!
> Sarah
>
> On 9/12/2016 10:11 AM, Sarah Bigham wrote:
> > **This TechBurst is being held out-of-band from our normal schedule and
> > will take place on Tuesday, September 13th. In addition, this TechBurst
> > is public so please feel free to forward this along to individuals
> > outside of the REN-ISAC community.
> >
> > =====================================================================
> >
> > Date: Tuesday, September 13, 2016
> > Time: Noon (1200) Eastern time
> >
> > Audience:[1]: Public [Pb]
> >
> > Title: *School of Phish: Sink & SIEM to Seal Leaking Credentials*
> >
> > Feeling like you’re “Sleepin’ with the Phishes” with Luca Brasi? Witnessing
> > more Whaling than Captain Ahab aboard the Pequod? Well then…wade on into
> > the Webinar and join the School of Phish!
> >
> > We’ll be presenting on what we hope are some creative angling techniques to
> > Sink, SIEM, and Seal up those leaking credentials and perhaps even lure the
> > Phishers themselves into our nets. What’s included within our Phish story
> > will be
> >
> > · How to utilize your SIEM as a Phish Finder SONAR
> >
> > ·  How to reach into the Gmail GAFE tackle box of tools that
> > includes a look at use of Content Compliance Filters, Vault, and alert
> > notices
> >
> > · Explore a cast of options to scale Phishes in a Phishtank or a
> > variety of other Sinks
> >
> > · Set some hooks in trolling Vault
> >
> > · Chum the attackers with honeypeeps to identify where you’re
> > getting snagged
> >
> > While some of our charter boat tour will be what systems are utilized at
> > Lehigh specifically, we feel all strategies and processes presented will be
> > useful no matter how your organization is outfitted! We also expect this to
> > be a collaborative expedition as we hope to reel in new ideas and
> > automation into this process.
> >
> >
> > Speaker(s): Keith Hartranft, CISSP, CISM, PCIP – Chief Information
> > Security Officer;
> > Lehigh University and Colin Foley, Identity and Access Manager; Lehigh
> > University
> >
> > =================================================================================
> >
> > Keith Hartranft is a Certified Information Systems Security Professional
> > (CISSP),
> > ISACA CISM, and Payment Card Industry Internal Security Assessor (PCI-ISA)
> > with over 25 years of Information Security and Systems Engineering
> > experience.
> > Keith has management responsibility for the design, development, and
> > implementation of the information security program for Lehigh University.
> > This includes responsibility for initiation of technical and administrative
> > controls that include: campus wide information security policy and
> > procedures creation, data privacy and monitoring, security and compliance
> > assessments, training, and awareness, data traffic monitoring, intrusion
> > detection, incident response, and forensic investigations, review of
> > security strategies with risk management and legal departments, and
> > implementation of technical defense and vulnerability assessment
> > technology.
> >
> > Keith also teaches a Business Information Systems (BIS333) Enterprise Risk
> > Management and Information Security class at Lehigh and has instructed in a
> > variety of Information Security topics over the past 15 years at
> > Northampton Community College as an Associate Professor. Keith has
> > presented as a keynote speaker at IT conferences and to professional,
> > higher education, and varied community groups, both domestic and abroad, on
> > information security practices. Keith was also a National Science
> > Foundation grant awarded Principal Investigator for Projects Based Learning
> > initiatives.
> >
> > =================================================================================
> >
> > Colin Foley is the Identity and Access Manager at Lehigh University.
> > Colin joined Lehigh University in 2012 as a web application developer
> > specializing in the Drupal CMS. He has since transitioned into an
> > Information Security role within the Identity & Access Management (IAM)
> > domain and is responsible for all electronic access control provisioning
> > and monitoring at Lehigh. Colin brings a unique background of DevOps, GIS,
> > Data Migration, and Web Application Development & Design to IAM at Lehigh.
> > He has co-presented at DrupalCon North America, keynoted the
> > ScienceOnDrupal track of the Federation of Earth Sciences Information
> > Partners Summer Meeting, and presented at many local Drupal meetups.
> >
> > -------------------------------
> >
> > [1] Information Sharing Guidance: TechBursts marked with "MG" are open
> > to members and hosted trusted guests of members. Because access to MG
> > TechBursts require authentication with a REN-ISAC userid and password,
> > guests must view the webcast with the member present. One marked "Pb"
> > are open to the public. Ones not marked with MG or Pb are
> > available to members only.
> >
> > How to join the live session:
> > Go to www.ren-isac.net and select the "Events" tab on the left.
> > Once you are on the "Events" page, click on the "Connect to the live
> > session" link. This will launch Adobe Connect where you will be able to
> > access the presentation. **Please note that the link will not be active
> > until approximately 15 minutes before the presentation begins.
> >
> > Questions for the presenter may be submitted via the Adobe Connect Q&A
> > window or e-mail to techburst () ren-isac net. REN-ISAC members can also
> > ask questions via the #techburst IRC channel. For instructions on
> > connecting to the IRC, see https://secure.ren-isac.net/ircd.html.

-- 

Sarah Bigham

Security Analyst     REN-ISAC
2719 E. 10th Street, Suite 201 /   Bloomington, IN 47408
office: +1(812) 855-2267
sarah () ren-isac net
https://www.linkedin.com/company/ren-isac

Research and Education Networking – Information Sharing and Analysis
Center / www.ren-isac.net
24x7 Watch Desk:  +1(317) 278-6630, soc () ren-isac net


"Distrust and caution are the parents of security" - Benjamin Franklin



-- 

Sarah Bigham

Security Analyst     REN-ISAC
2719 E. 10th Street, Suite 201 /   Bloomington, IN 47408
office: +1(812) 855-2267
sarah () ren-isac net
https://www.linkedin.com/company/ren-isac

Research and Education Networking – Information Sharing and Analysis
Center / www.ren-isac.net
24x7 Watch Desk:  +1(317) 278-6630, soc () ren-isac net


"Distrust and caution are the parents of security" - Benjamin Franklin

Attachment: signature.asc
Description: OpenPGP digital signature