Meeting: Wednesday May 20th, 2020 - 6PM
As we continue to observe social distancing due to Covd-19, our May meeting will be held online. Our topic is going to be DEVOPS.
Greg Leonard from Optiv will discuss the rewards of being a top-performing DevOps team as well as the challenges in managing security in a CI/CD pipeline. He will show how security can turn gates to guardrails by integrating security in all of the major phases of the DevOps lifecycle.
Greg Leonard is a technical director on the Application Security team in Optiv’s Threat Management practice. Greg’s role is to provide post-sales support and consulting to Optiv’s clients as well as providing support and mentoring to other Optiv team members. His primary responsibilities include web and mobile application assessments, application code reviews, application architecture reviews, vulnerability assessments and penetration testing.
Please RSVP Here
Meeting number: 796 388 688
Password: ISSANHMayMeeting (47726462 from phones and video systems)
Meeting: Wednesday March 18th, 2020 - 6PM
Due to circumstances beyond our control the March meeting is changed.
As many companies, organizations, and families make decisions to reduce their potential exposure to COVID-19, we are being forced to follow suit.
The good news is that we are still going to hold our monthly meeting, only we are going to change the topic and make it a virtual meeting.
We are polishing the details on the topic, but right now it is going to be focused on preparing your business/network for remote access, including Bandwidth, VPN, and Multifactor considerations. We will then open it up for discussion. Fortinet will remain our presenter, as well as we will have other experts on Infrastructure, Consulting, as well as our network of professionals all here to discuss and share experiences and suggestions.
We hope you make the time and join us to learn and share from the comfort of your home. We are taking advantage of Cisco’s Free Webex offer so we can get some face time.
Join Meeting Here
Hi Everyone, just a reminder that we have NO MEETING for February 2020.
The Groundhog didn't see his shadow and is predicting an early spring for us, so we have that going for us.
We have a live, hands-on class on how to configure NAC scheduled for our March meeting. This will be a valuable opportunity for people to get hands-on experience setting up this technology in a live lab.
Meeting: Wednesday January 15th, 2020 - 6PM
The new world of GDPR, a Data Map Journey
Danielle Sheer will share her playbook for creating a data map, provide an understanding of the people involved in the process and the challenges and opportunities she’s faced in the new world of GDPR, CCPA and other compliance frameworks.
Danielle served as General Counsel at Carbonite (NASDAQ: CARB), where she founded and developed its legal and data privacy/security teams, led Carbonite through its IPO and NASDAQ listing, established and scaled the global data privacy and security program, and successfully defended against patent troll litigations, a hostile takeover and activist shareholders. Currently Danielle is the General Counsel of Bottomline Technologies (NASDAQ: EPAY), a fintech company that helps business pay and get paid while making complex business payments simple, smart and secure.
Please RSVP on our Meetup page so we can plan for food.
Meeting: Wednesday December 18th, 2019 - 6PM
Holiday Social with SEA-TUG and ISSA
New Hampshire ISSA members and guests are invited to join us for our 13th Annual Holiday Social. SPECIAL LOCATION: Cisco Brewery (Formerly Red Hook) in Portsmouth, NH - Cost: $5.00 (Includes Appetizers and 2 Drink Tickets).
Please RSVP here so we can plan for the amount of food!
Meeting: Wednesday November 20th, 2019 - 6PM
HANDS ON THREAT HUNTING – AT SCALE
DESCRIPTION: The event allows attendees of all levels to have a hands-on experience of threat hunting.
A laptop with a modern browser will be needed in order to participate or feel free to hang out and learn secondhand by watching the speaker.
We will walk through examples on how to make threat hunting more attainable for all organizations and how can we develop advanced cyber threat hunting with a combination of human and machine. This combination offers the benefit of advanced cyber threat hunting - the ability to detect adversaries who are already in an enterprise’s network - but at scale. We will discuss how AI, machine learning and behavioral analytics make advanced threat hunting possible for all security professionals, regardless of the skill level.
This is a fun, competitive, and challenging environment. Prizes will be awarded.
Meeting: Wednesday October 16th, 2019 - 6PM
Firstnet - What it Means to Everyone
DESCRIPTION: Many are aware of the FirstNet program and driving force behind the initiative but in this session, Lisa will provide us a deeper understanding of the program, the technology and the impact to both first responders and consumers alike.
Meeting: Wednesday September 18th, 2019 - 6PM
SEGMENTATION MADE SIMPLE
DESCRIPTION: For all your ‘things’ on the ground, on the move, or in the cloud. This presentation is a deep dive into the fundamental flaws of TCP/IP as it applies to our modern world of complex cloud and IoT device networks. It outlines how Host Identity Protocol (HIP) challenges for systems that weren’t designed for the state of networking today.
Please RSVP here!
Meeting: Wednesday June 19th, 2019 - 6PM
Topic: Making a Difference.
DESCRIPTION: Making a Difference - shares proven organizational change practices providing a methodology and supporting tools based in the ADKAR and GE’s Change Acceleration Process (CAP) methodologies. This session will provide security and technology professionals with some useful tools to help facilitate and sustain organizational change.
Elyse Nielsen is the principal consultant with Webgistixs, a security consulting firm. Webgistixs advises companies how to improve management of their security portfolio achieving project delivery while improving financial and operational performance. Elyse has over a decade of experience driving organizational change through information technology. Elyse has consulted with Johnson Controls, Quest Software and Community Health Systems. Elyse has earned the Certified Information Systems Security Professional (CISSP) and a Project Management Professional (PMP). She serves as a treasurer for Maine ISC2.
Please note this will be our last meeting before our summer break. Be on the lookout for our Summer Social in August and our next regular meeting in September!
Meeting: Wednesday May 15th, 2019 - 6PM
Topic: Cloud Strength in Unity - Cloud and Application Security.
DESCRIPTION: With the adoption of digital technologies such as cloud, organizations need to evolve security programs and processes to be able to adapt and move at the speed of the business.
Please RSVP here: https://www.eventbrite.com/e/cloud-strength-in-unity-cloud-and-application-security-tickets-60851867574?aff=SEATUG
Meeting: Wednesday April 17th, 2019 - 6PM
Topic: Securely Grant Access to the Privileged Accounts.
Wednesday, April 17, 2019 from 6:00 PM to 8:00 PM (EDT)
DESCRIPTION: Every day, administrators of all types are logging in using privileged credentials to perform their work. In this session, we’ll examine why protecting this access has risen to the top of the priority list for many security organizations and why Gartner says it’s the #1 priority to focus on. We’ll examine security risks associated with hot topics related to privileged credentials, and introduce simpler and faster methods for protecting these accounts everywhere they are.
Please RSVP here: https://www.eventbrite.com/e/securly-grant-access-to-the-privileged-accounts-tickets-59676941338?aff=SEATUG
Meeting: Wednesday March 20th, 2019 - 6PM
Topic:YOU CAN'T PROTECT AGAINST WHAT YOU DON'T KNOW!
Wednesday, March 20, 2019 from 6:00 PM to 8:00 PM (EDT)
DESCRIPTION: Colin Little, a Senior Threat Intelligence Analyst, will be speaking about the importance of visibility and awareness in protection your network. Join us for an engaging discussion and participate in some professional networking afterwards, sponsored by Centripetal Networks!
BIO: Colin was born in Tucson, AZ and had been tinkering with computers ever since he was 11. His career really started when he joined the United States Marines, where he graduated top of his class in training and was assigned to an elite unit. Upon being deployed to the fleet he provided tactical communications support all over the world and began his specialization in cyber security. Throughout his tour of active duty he was honored for his actions in combat, and heroism in preventing possible loss of life during a flood in Okinawa. Colin was honorably discharged in 2014 and took great pleasure in starting raise a family. He was employed at his local state government as a cyber security analyst where he and his team distinguished themselves in a successful fight against the emergence of Ransomware. Today, Colin continues his career in the private sector and provides cyber security services to private industry as well as state and federal government entities.
Please use this link to RSVP
Last Meeting: Wednesday January 16th, 2019 - 6PM
Topic: ZERO TRUST
Zero trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access. Join us in talking with Michael Falkenrath to learn why the zero trust model is creating a paradigm shift in the way companies approach network security.
Download the presentation here.
Speaker Bio: Michael Falkenrath is currently a solutions architect at Tempered Networks. Formerly a senior systems engineer for FireEye, Michael was responsible for architectural and technical consultation for the deployment of FireEye’s advanced malware security solutions. Prior to FireEye Michael spent 12 years with F5 Networks, contributing to F5’s success in several different departments across the company including within the professional services organization as a Network Support Engineer, a Senior Escalation Engineer and a Field Consultant. He then joined F5’s Federal Sales team as a Senior Systems Engineer and contributed significantly to the growth of F5’s federal business. One of Michael’s last positions at F5 was as Solutions Architect for F5’s Federal and Southeast teams. Michael's entire IT career has focused on networking, security and multiple facets of application delivery.
What to bring:
An open mind: These meetings are designed to engender discussion about relevant topics from our past, our present, and our future!
A stack of business cards: This group is all about making new contacts and expanding your professional network.
A friend/co-worker: We’d like to promote sharing information among the security community. Invite someone to attend this meeting for free!
Meeting: Wednesday December 19th, 2018 - 6PM - SPECIAL LOCATION
ANNUAL HOLIDAY ROUNDTABLE
SEA-TUG and NH ISSA members and guests are invited to join us for our 12th Annual Holiday Social RoundTable.
Wednesday, December 19, 2018
Time: 6:00-8:30 PM EST
Location: Cisco Brewery (Formerly Red Hook) in Portsmouth, NH
Cost: $5.00 - Includes Appetizers and 2 Drink Tickets
Please join us to expand your professional network and join discussions on security trends with some of the best and brightest Information Security professionals in the area.
We hope you can make it - if you can, please sign up with this link.
Meeting: Wednesday November 14th, 2018 - 6PM
Topic: Detecting Attack Techniques Such As Lateral Movement Using Admin Shares
Detecting Attack Techniques Such As Lateral Movement Using Admin Shares
How can we use security analytics, machine learning, anomaly detection and other techniques to detect various attack vectors such as lateral movement using administrative shares? Professor Oleg Kolesnikov will be sharing his experience, insights and lessons learned!
Please sign up at: Eventbrite.
Speaker Bio info is available at our Meetup page.
Meeting: Wednesday October 17th, 2018 - 6PM
Topic/Speaker: TRIVIA NIGHT! NEWS, TECHNOLOGY, MOVIES, PRIZES!
In lieu of the speaker that was supposed to be presenting this Wednesday both ISSA NH and SEATUG have decided to host a trivia night! The night’s festivities will include trivia regarding current events, milestone events, movie trivia… and of course prizes!
What to Bring:
1) An open mind - the social format promotes sharing of ideas and thoughts about relevant security topics of the day.
2) A stack of business cards- this group is all about making new contacts and expanding your professional network.
3) An appetite -we will be providing food and refreshments!
4) A friend/co-worker - we’d like to promote sharing information among the security community. Invite someone to attend this meeting for free.
Meeting: Wednesday September 19th, 2018 - 6PM
Ransomware is on everyone's mind, what are the new tactics?
Jeff Stutzman (Chief Intelligence Officer for Waypack Labs, LLC) will be discussing a large scale breach in a major energy company that was taken offline for over a week. This story may seem old, but the tactics are new. This will be more of a story telling session, and if you know Jeff, he is well versed, excited about the defense, and being efficient in leveraging available resources.
Stutzman's career began as a Naval Intelligence Officer and later evolved into working with companies like Cisco and Northup Grumman to protect their information from the threats that exist in cyberspace.
Download the deck here.
Previous Meeting: Wednesday May 23rd, 2018 - 6PM
Case Study: Using Security Onion as a Forensic Tool
Doug Burks (former president of Augusta, GA chapter of ISSA, and co-founder of Security B-Sides Augusta), creator of Security Onion, will present a case study where Security Onion was used to reconstruct the scene of the crime of the RSA breach from a few years ago. This will be an engaging, enlightening, and entertaining presentation.
April Meeting: Wednesday April 18th, 2018 - 6PM
Doug Brecher and Brendan Miles of Endgame will present "Practical Application of Advanced Security Frameworks (Unpacking the Mitre Attack Matrix)"
This will be a technical (non-product related) discussion.
For background info, check out Mitre's Attack Threat Matrix at https://attack.mitre.org/wiki/Main_Page and Lockheed Martin's Cyber Kill Chain at https://www.lockheedmartin.com/us/what-we-do/aerospace-defense/cyber/cyber-kill-chain.html)
Red Team Automation
A modern model for cyber adversarial behavior
Presentation deck coming soon...
Meeting Recap: Wednesday February 21st, 2018 - 6PM
Hands-on Cyber Threat Hunting Challenge with RSA
Crossover meeting with Information Systems Security Association (ISSA) NH
As always, thanks to our support organizations: Great Bay Community College (facilities) and Alexander Technology Group (food and beverages)!
We had a great meeting with over 40 attendees - Thank you to everyone for attending and bringing your enthusiasm and professionalism.
Walter Abeson and the NYC team from RSA brought along 3 PCAP files for us to analyze with Netwitness and guided us through the process.
Working together in teams, we were able to decode the files, interpret the data, and capture the flag(s)!
If you'd like to download the (free) tool, the files, and the questions (and answers), click the links below.
Download RSA Netwitness (free registration required)
Download Netwitness Quick Start
Download Questions and Answers
Download phishing PCAP
Download drive-by PCAP
Download web shell PCAP
(Please rename *.pcap.txt to *.pcap after downloading).
If you'd like to connect with RSA, please be sure to mention this SEA-TUG and ISSA-NH event, and reach out to:
Shane Quintard (Systems Engineer) Shane.Quintard@rsa.com or Joe Gries (Sales Representative) Joseph.Gries@rsa.com
Meeting: Wednesday February 21st, 2018 - 6PM
Hands-on Cyber Threat Hunting Challenge
Crossover meeting with Information Systems Security Association (ISSA) NH
There is no cost to attend, but we ask that you RSVP for this event!
Walter Abeson from RSA will take us through a live event showing us how to hunt for threats on the network, guide us through a hands on demonstration, and facilitate a team challenge.
Using your skills and industry tools including RSA NetWitness, you’ll hunt for answers through data exploration and investigation.
- Experience investigating a real incident with RSA NetWitness.
- Learn tips and tricks for threat hunting from RSA experts.
- Compete with, learn from, and network with like-minded professionals.
We will be breaking in to 5 teams, so we'll be looking for 5 people to be team leads. Please email email@example.com if interested in being a team lead. All participants will have access to the software following the meeting but computers for the event will be provided.
Participants will work alongside each other competing and learning in a challenging forensic analysis of a variety of real-world use cases.
Walter Abeson is a Systems Engineer with RSA Security, focused on threat hunting and incident response, located in New York City. Prior to joining RSA, Walter was the Technology Manager for Black Hat, responsible for the NOC and overall security posture.
Meeting: Wednesday January 17th, 2018 - 6PM - CANCELLED
THIS MEETING WILL BE RESCHEDULED...
Delivery of IT Software in the Face of Compliance
Presented by Ed Webb from Liberty Mutual. Eddie is the Director of Engineering, for Liberty Mutual’s central software delivery platforms encompassing CI/CD, DevOps and Public cloud adoption. Hos team's mission is to eliminate friction and waste from the path to production, and make way for innovation and rapid iteration, from ideation to delivery. Eddie will talk about some of the ways he has seen the culture and cooperation of teams evolve, and the shift in security and compliance policies to take advantage of centrally controlled continuous integration and delivery pipelines.
Meeting: THURSDAY December 14th, 2017 - 6PM
Our December meeting will be a Holiday Social on a special night. Come join your SysAdmin and CyberSecurity peers for some food, drink, and discussion.
PLEASE NOTE: WE REQUIRE AN RSVP FOR THIS MEETING. PLEASE SIGN UP AT THIS LINK:
Meeting: Wednesday November 15th, 2017 - 6PM
Examining United States Readiness for Cyber attacks on the Power Grid. Are We Ready?
Jan Dyment will be presenting her research on the vulnerabilities of the US power grid and we'll discuss what we can learn from this, how this compares to our own infrastructures, and what we can do to mitigate risks.
This will be another crossover meeting with ISSA-NH.
Special Event Notice: Our friends at SMMUG (Southern Maine Microsoft User Group) are holding a special event in Portsmouth on November 8th at 4pm (at Redhook). Topic: Desktop as a Service - Reality or Myth for Public Cloud. This session of SMMUG will dive into the pros/cons of Public Cloud as a platform along with a roadmap discussion of where Citrix is taking Citrix Workspace Cloud, Citrix Essentials, and other technologies. The event is free, but an RSVP is required.
Meeting: Wednesday October 18th, 2017 - 6PM
This month we'll have another crossover meeting with our friends at ISSA-NH as we discuss the topic of vulnerability management.
First up, Derek Rolfe, Manager of IT for Phillips Exeter Academy gave a Sysadmin Field Report with his experience implementing Nessus in his environment.
Secondly, Peter Streips from Contextual Security provided some commentary on Common Attacks and examples of what his company has seen in the course of performing vulnerability assessments.
Download the deck here.
Meeting: Wednesday September 20th, 2017 - 6PM
SEA-TUG is excited to announce our first cross-over event with the NH chapter of the Information System Security Association!
Topic: “Managing Log Data"
Join us for a discussion (and interactive workshop) on the history of logging up to current day SIEM. We'll talk about the selection of tools for regulated and non-regulated environments to drive improvements in IT Security Operations, and techniques for using automation to wade through an ever-growing mountain of data using examples from the audience, as well as chat about the primary data required for emergency response during ongoing breach events.
Our guest presenter is Jason Sgro, Managing Partner and Chief Strategist of The ATOM Group right here in Portsmouth.
We've added a 2nd presenter, Michael Leland, SIEM Evangelist for Mcafee, who will discuss Using Log Data to Identify Insider Threats.
This will be a highly interactive session with knowledge sharing and networking opportunities. We hope to see you there.
Download copies of the presentation decks here:
1- Intro Deck
2- Jason Sgro - Logging Presentation
3- Michael Leland - Data is the Answer (What was the Question?)
PLEASE NOTE: If you have not joined our Meetup group, please do in order to continue getting notifications about upcoming meetings: http://meetup.com/sea-tug
We welcome your feedback on the meeting, format, venue, content, presenters, food, schedule, and the new crossover with ISSA. SEA-TUG exists for your benefit, please let us know what we can do to make the group more effective for you. Contact Steve at firstname.lastname@example.org.
Summer Break - July/August 2017
Meeting: Wednesday June 21st, 2017 - 6PM
Topic: “Automating Yourself to The Unemployment Line: How I learned to stop worrying, and love DevOps”
Presented by Ben Hamilton, fellow sys-admin for Idexx labs in Maine.
This will be a chat on Ben's experience about coming on as a System Administrator right at the beginning of Idexx's DevOps adoption, and how the team and the organization have fostered DevOps culture. There may also be various philosophical views which are important for SysAdmins to embrace in order to do DevOps successfully.
Download the INTRO deck or the PRESENTATION deck.
Note that we will skip July and August meetings; this will be the last meeting until September 2017
Meeting: Wednesday May 17th, 2017 - 6PM
Securing Your Organization - Where Do You Start?
Here's the scenario: You're given 3 months and $50,000 to improve your organization's security posture. George Magee will lead us through a discussion on what to focus on, how to determine what's most important, and discuss some strategies to make multiple quick-hit wins given the constraints.
Every organization will have different priorities - this is intended to be a highly interactive discussion.
Great meeting, everyone. Loved the interactivity and connections being made. Huge shout out to George Magee for leading the discussion. Here's the "Wannacry Fact Sheet" I mentioned - I'll upload the Wannacry deck I put together after I update and scrub it.
Download the files: Main Deck; Top 20 Controls Document, Top 20 Controls Matrix
Meeting: Wednesday April 19th, 2017 - 6PM
Building Windows Images with MDT
Presented by Tobin Weltin - download the deck here.
Tobin provided an overview and a live demo of making images and deploying them to new hardware as well as the tools involved and ways to customize the installation. As an added bonus he also covered using MDT to deploy applications to clients and via an end-user self-service portal.
Meeting: Wednesday March 15, 2017 -- CANCELLED DUE TO NOR'EASTER
3 Mini-Topics: 1) Favorite tool(s) of the month, 2) Analyzing data with Excel, 3) Using WDS and MDT to deploy Windows 10
This month we'll have 3 mini-topics to entertain and educate.
Meeting: Wednesday February 15, 2017
We've covered this topic before, but it seems to be a popular discussion topic. Greg Ross, a Systems Engineer for Paessler AG (the company that makes PRTG) will be in town to lead a discussion on best practices and provide us with some ideas of things that can and should be monitored. We'll also have a panel of your peers on hand to discuss and compare performing similar tasks with different tools and comparing features/benefits of several tools. We have several members who have volunteered to talk about PRTG, Solarwinds, Nagios (and variants), and other tools. Please be ready to talk about your own experience and bring questions about how/what to monitor in your own environment. This is not a sales event for PRTG, but it will likely be used in the demonstration portion of the meeting by default.
Meeting: Wednesday January 18, 2017
Understanding Wireless Networks
We all have wireless networks and we all know how imperfect wireless connectivity can be, but do you know how to tune your wireless network for optimal performance? Do you understand RSSI, SNR, and wireless bands? If you would like to improve your understanding of wireless concepts and how to enhance the end user experience come to the SEA-TUG meeting on January 18th at 6:00 pm at Great Bay Community College (Pease). Mark Waruszyla from Focus Technologies will be reviewing these concepts and sharing best practices for wireless optimization. Mark is an experienced engineer and thrives on group discussions, so bring the wireless questions that have been nagging at you for years.
Download the deck here.
Special Event Notice: NH ISSA Meeting 11/17/16 - See http://www.issanh.org/ for more info.
Meeting: Wednesday November 11, 2016
Holistic Security: Defining and Defending Against Multiple Attack Vectors
Craig Taylor, CSO for NeoScope will lead a discussion on defining and defending against attacks. This is intended to be an interactive session where Sea-Tug members can discuss what they're dealing with and discussing tactics, techniques, and even tools to defend your users and environments from attacks and other risks.
Download the deck from tonight's meeting here.
Special Event Notice: SMMUG (Southern Maine User Group) was founded in 2009 and normally meets in Portland. This month they're holding a special event on November 10th, at the 100 Club in Portsmouth from 4:30 to 6:00pm. Topic: Digital Transformation – Start in the Cloud and End at the Desktop. For more information, contact Tricia Richardson at email@example.com (an RSVP is requested).
October Meeting: Wednesday, 10/19/16 at 6:00pm
Monitoring the Evolving Datacenter (Private, Public, and Hybrid Cloud)
We're excited to announce this month's topic and speaker. SEA-TUG's own Mark Cassinelli, Manager of On-Demand Platforms at Amadeus Hospitality (Newmarket Software) will be sharing his experience with monitoring Private, Hybrid and Public Cloud environments. He'll discuss toolsets and methodologies as well as incident management and change control for continuous deployment and DevOps environments.
Please join us for education and networking with your local IT peers.
Download the deck from tonight's meeting here.
September 21, 2016!
Evaluating Hyper Convergence
Download the Intro deck, the main presentation (coming soon), or the Excel-based Hyperconvergence evaluation tool.
Sea-Tug is BACK and the team is looking forward to seeing everyone again! We have a new steering committee in place and we're very excited to announce the next scheduled meeting of Sea-Tug as follows:
When: Wednesday September 21, 2016 at 6:00pm
Where: Great Bay Community College (Pease Campus), 320 Corporate Drive, Portsmouth NH 03801
Topic: Evaluating Hyper Convergence
Speaker: P.J. Soucy, VF Corporation (Timberland)
PJ will present an analysis of Hyper-Converged platforms and the methodology he used to determine if this technology was a good fit for VF Corp. We’ll also have a round table discussion of Hyper-Convergence and the experiences of other Sea-Tugians with this technology. There will be no sales presentation at this meeting.
Please note: We are consolidating our online presence to this website and MeetUp. You can find the Sea-Tug group, including contact information, at http://www.meetup.com/SEA-TUG. We are discontinuing the use of the broadcast emails, all meeting notifications will come from MeetUp.
Please reach out if you have any input or interest in participating in organizing the future of SEA-TUG!