Author: karen

Speaker Feature: David Sirrine

David Sirrine

@dsirrine

David Sirrine

Red Hat, Inc.
Dave is a career Open Source security advocate, evangelist, and problem solver. Working closely with the product and platform security teams at Red Hat, developing skills and knowledge of not just ensuring the Linux host is secured, but ensuring this level of security is maintained over time.

Open Source Identity Management: From Password to Policy
Learn how Open Source technologies such as FreeIPA
(IdM) and SSSD can provide intelligent policy management and access
control for your Linux environment, tighter Active Directory
integration through cross forest trusts, and a variety of methods by
which one can authenticate using Smart Cards, SAML, and OTP among
others to systems and services. This session will also cover how to
use the additional features and functionality of FreeIPA to provide a
robust PKI infrastructure and DNS management to your environment.

Register Now!


Silver Sponsor Feature: Assura

www.assuraus.com

@Assura_Inc

Assura, Inc.

Assura is a consulting and services firm focused on Information Technology Governance, Risk and Compliance (IT GRC) with concentrations in cybersecurity, business continuity planning, IT audit and audit defense.

Come see us at RVAsec! Register now.

 


Speaker Feature: Rockie Brockway

Rockie Brockway

https://media.licdn.com/mpr/mpr/shrink_100_100/p/2/000/0fc/085/309e093.jpg

Black Box Network Services
Rockie Brockway serves Black Box as Information Security and Business Risk Director and Senior Engineering Director. With over two decades of experience in InfoSec/Risk, he specializes in Information Security Risk Management and the inherent relationship between assets, business system and process, adversary and threats. For the past 6 years he has served in a vCISO role for a F500 manufacturing organization creating and improving their global Enterprise Security Architecture while building teams of trained red team killers and risk analysts for Black Box.

Enterprise Threat Management Like a Boss
Attribution is hard. And in most business cases unnecessary. Threat Management, like Vulnerability Management, is a core pillar in most Enterprise Security Architectures (ESA), yet is a very different beast with completely separate functions, processes and skillset requirements. Similar to my previous talk on Enterprise Class Vulnerability Management, this talk takes the framework of the OWASP ASVS 2014 framework and applies it to Enterprise Threat Management in an attempt to make a clearly complicated yet necessary part of your organization’s ESA much more manageable, effective and efficient with feasible recommendations, based on your business’ needs.

Register Now!


Silver Sponsor Feature: Rapid7

www.rapid7.com

@rapid7

Rapid7

Rapid7 is engineering better security with simple, innovative solutions for IT security’s most critical challenges. Our security data and analytics solutions collect, contextualize, correlate, and analyze the security data you need to dramatically reduce threat exposure and detect compromise in real-time.

Come see us at RVAsec! Register now.


After Party 2016 – Sponsored by Anomali and Guidepoint

We are pleased to announce that Anomali and Guidepoint have partnered up to host our After Party Event this year. Planning is in the works so stay tuned for further information!

Anomali_Logo_Tag-RGB_180x39 (1)            GuidepointLogoTagLine

 

Register Now!


Speaker Feature: Mark Weatherford

Mark Weatherford

Mark Weatherford

Mark Weatherford

@marktw

www.varmour.com

vArmour
Mark Weatherford is Chief Cybersecurity Strategist at vArmour. He has more than 20 years of security operations leadership and executive-level policy experience in some of the largest and most critical public and private sector organizations in the world including roles as:

• Principal at The Chertoff Group
• Appointed by President Obama as DHS’s first Deputy Under Secretary for Cybersecurity
• VP and Chief Security Officer at the North American Electric Reliability Corporation (NERC)
• Appointed by Governor Arnold Schwarzenegger as California’s first Chief Information Security Officer
• Chief Information Security Officer for the State of Colorado
• US Navy Cryptologic Officer

In addition, Mark was:

• Selected as SC Magazine’s “CSO of the Year” award in 2010
• Named one of the “10 Most Influential People in Government Information Security” by GovInfoSecurity in both 2012 and 2013
• Selected for the 2013 CSO Compass Award for leadership achievements in the security community

(Your) Inevitable Path to the Cloud
Like the switch from steam to electric power a century ago, the shift to cloud computing is inevitable—in fact, it’s already here. But what this brings in efficiency, it misses in security as the lack of visibility in the virtual environment allows too much room for malicious activity. This presentation details the structure and blind spots of data centers and cloud environments and addresses ideas for companies to consider in securing their data assets.

Register Now!


Silver Sponsor Feature: Symantec

www.symantec.com

@symantec

Symantec

Symantec is a global leader in providing security, information management solutions to help our customers – from consumers and small businesses to the largest global organizations – secure and manage their information against more risks at more points, more completely and efficiently than any other company. Our company’s unique focus is to eliminate risks to information, technology and processes independent of the device, platform, interaction or location.

Come see us at RVAsec! Register now.


Speaker Feature: Chris Romeo

Chris Romeo

@edgerouteChris Romeo

www.securityjourney.com

Security Journey
Chris Romeo is CEO, Principal Consultant, and co-founder of Security Journey. His passion is to bring application security awareness to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Secure Development Life Cycle program, empowering engineers to “build security in” to all products at Cisco. He led the creation of Cisco’s internal, end-to-end application security awareness program launched in 2012.
Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris is a sought after conference speaker, with experience speaking at the RSA Conference, ISC2 Security Congress, AppSec USA, and many others. Chris holds the CISSP and CSSLP certifications.

AppSec Awareness: A Blue Print for Security Culture Change
How does an individual change the application security culture of an organization? By deploying an application security awareness program with engaging content, humor, and recognition. See the blue print for how you can build an application security awareness program based on real life experience. Change the security DNA of everyone in your organization.

Register Now!


Gold Sponsor Feature: Aruba, a Hewlett Packard Enterprise company

www.arubanetworks.com

@ArubaNetworks

Aruba Networks

Aruba, a Hewlett Packard Enterprise company, is a leading provider of next- generation networking solutions for enterprises of all sizes worldwide. The company delivers IT solutions that empower organizations to serve #GenMobile – mobile-savvy users who rely on cloud-based business apps for every aspect of their work and personal lives.

Come see us at RVAsec! Register now.

 


Speaker Feature: Troy Wojewoda

Troy Wojewoda

@wojeblaze

received_10207991712082913

www.linkedin.com/in/troy-wojewoda-92387183

Newport News Shipbuilding A Division of Huntington Ingalls Industries
Troy has been in the IT and Infosec industry for over 10 years working in a wide array of roles such as application and system administration, network intrusion detection, wireless security, host and network digital forensics and incident response. Today, he leads the incident response team at his current employment and is also focused on cyber intel processing, IOC hunting, advanced adversary tracking, malware analysis and custom tool development. When Troy is not cybering the things, he enjoys being in the outdoors, taking things apart, home brewing and spending time with his wife and children.

Troy currently holds a B.S. in Computer Engineering and Computer Science from Christopher Newport University and has multiple certifications, including: GSEC, GCIA, GCIH, GAWN, GREM, GCFA, GNFA, CISSP

Bro’s before Flows
During an incident response, acquired network activity is critical in attempting to fully identify the what, when, where and how of a given incident. Security practitioners often find themselves losing “the full picture” over time and therefore constrained to context-less logs to help explain an already complex problem. This talk will explore multiple levels of network data acquisition; from full packet capture solutions to rudimentary network logs such as routers and firewalls. We will attempt to find the acquisition “sweet spot” using tools such as the Bro IDS platform and how such tools can be tailored to your organization

Register Now!