The Security Implications of Intels Active Management Technology with Gordon Bader SWCSF 2019-05-29 | Intel Active Management Technology (AMT) is hardware and firmware technology for remote out-of-band management of personal computers, running on the Intel Management Engine, a separate microprocessor not exposed to the user, in order to monitor, maintain, update, upgrade, and repair them.
How to factory reset a MikroTik Cloud Router SWCSF 2024-09-24 | Here are the simple steps to factory resetting a Mikrotik Cloud RouterYou just need a paperclip or something small and pointy.This process will allow you to login with the default password of admin/(no password) and still retain the original configuration as a backup configuration so you can see it. This is probably want you want if you have a device that you inherited as part of your network but you don't have access to it but still want to know what the original configuration was.If you hold the button longer, until the green light *stops* blinking, this will wipe the existing configuration and be a true reset. This is what you probably want if you are decommissioning the system or selling it to a 3rd party. Be aware that the reset button is small and square piece of plastic recessed in a round hole, so you have to be delicate and intentional and make sure you press it without your small pointy thing slipping off to early, in which case the reset won't work. Fortunately, this system boots up within less than 15 seconds so it is easy to try again.Video is a little out of focus but you get the idea.
Erik Graham Cyber Thread Rundown SWCSF 2022-08-01 | Erik covers all cybersecurity news of note for the monthly meeting of the SWCSF with his uniquely entertaining style
ISO IEC 27701:2019 Security Techniques - Overview and Implementation SWCSF 2022-08-01 | Chances are you haven't heard of the new ISO Extension for privacy information management but it promises to fill an important gap for large organizations that are struggling with how to protected PII, maintain compliance in a shifting regulatory landscape and maintain the trust of their client base. Neelov Kar is a recognized expert in information security & data privacy and will help the group understand the important aspects of the PIMS standard and what are the right questions to ask as you begin to plan an implementation.by Neelov Kar, SecureaStar Consultant
Weird Machines SWCSF 2022-08-01 | What happens when you try every conceivable input into an application? Well, things get weird, fast. With larger and faster computers and more sophisticated software, there is a lot you can make programs do that the original author didn't intend and the implications go beyond typical security as adversaries can actually theoretically create a programmable computer inside your application, that they controlAll this brings up the need to have provably secure code, if that is even possible.Join Elio as he dives deep into the new realm of security.by Elio Grieco, Founder, CEO, egx
Using Yara: The Swiss Army Knife for Malware Detection, by Tim Garcia, SANS Instructor SWCSF 2021-11-07 | Using Yara and yarGen for Malware huntingTopic: As a long standing presenter of "Tool Time with Tim" and a official "Friend of the Forum", Tim will present on the use of the GitHub projects Yara and yarGen to hunt malware in enterprise environments. While separate projects, yarGen helps generate rule sets to use in Yara to detect and identify Malware signatures in network traffic.As another SANS instructor and security professional for prominent financial organizations, Tim has years of experience managing security in complex enterprise environments.Expect a fast paced and dynamic presentation as Tim takes a deep dive into these specific tools that most security professionals overlook.Bio: Timothy Garcia is a seasoned security professional who loves the challenge and continuously changing landscape of defense. Tim started his career as an engineer in IT and after working on a few security incidents related to Code Red and Nimda; he realized he had found his calling. Tim currently works as an Information Security Engineer for a Fortune 100 financial institution where he provides security consulting to project teams to ensure security of IT operations and compliance with policies and regulations. Tim also leads the team that is tasked with Firewall review, SIEM management and privileged access monitoring and policy compliance. Tim has worked as a Systems Engineer and DBA and has expertise in systems engineering, project management and information security principles and procedures/compliance. Tim previously worked for Intel and served in the United States Navy. Tim also works with the OnDemand team as an SME, is a mentor for the Vet Success program and provides consulting and content review for the Securing the Human project within SANS. Tim is a contributor to the Arizona Cyber Warfare Range and works with the local security community giving monthly talks, when not teaching for SANS, on information security tools and techniques.More about Tim: sans.org/profiles/tim-garcia
Automating the SOC: Practical Examples and Tricks by Justin Henderson of H&A Security Solutions SWCSF 2021-11-06 | Justin will present the shortcuts that anyone running a SOC needs to know in order to streamline operations through scripting and automation.As a SANS instructor and the author of SEC555 and co-author of SEC455 and SEC530, Justin is uniquely qualified to present to the group on this topic and we couldn't be more excited to have him joining us this March 1st.Additionally, he is planning on providing a virtual download so any attendees that wish, can follow along with his examples. A free version of VMWare player will be required to run the Linux lab environment on your local system which you can get from here.Note, that you do not HAVE to download the lab, in order to get value from the presentation and can just follow along with Justin if you wish. BIO: Justin is the co-founder of H&A Security Solutions, LLC, a company that deploys, maintains, and tunes SIEM, NSM, and other solutions for organizations. Justin also maintains one of the largest security onion deployments in the world with over 1200 network sensors. He is a passionate security architect and researcher who’s experience in cybersecurity started at the age of thirteen when he began providing professional services to organizations.With 60+ certifications (GSE # 108, Cyber Guardian Blue and Red, CISSP, ITIL Expert, MCSE) Justin was the 13th GSE to become both a red and blue SANS Cyber Guardian. Justin has been through a lot of training and says that SANS instructors are the best he’d had the privilege to learn from. Becoming a SANS instructor became a personal challenge to see if he had what it takes to join the ranks of those before him.More about Justin: sans.org/profiles/justin-hendersonyoutube.com/channel/UCCtOSdF1YCUeh_lsbPWIQoQ
Cyber Security Review March 2021 with Erik Graham SWCSF 2021-11-06 | Erik covers all cybersecurity news of note for the monthly meeting of the SWCSF with his uniquely entertaining style
What it takes to win the war on cybercrime, by Jack Blount SWCSF 2021-10-28 | Jack B. Blount, President & CEO of INTRUSIONThe report released by the United States of America Cyberspace Solarium Commission last March opens with a chilling warning. “Our country is at risk, not only from a catastrophic cyberattack but from millions of daily intrusions disrupting everything from financial transactions to the inner workings of our electoral system.” Already a costly risk with $3 trillion lost to cybercrime in 2019, Cybersecurity Ventures predicts damages will cost the world $10.5 trillion annually by 2025. This is punctuated by the recent Solar Winds hack that ultimately led to the breach of thousands of businesses and government entities. Make no mistake, cybercrime has now escalated to cyberwarfare.Clearly, no company stakeholder can afford to take a casual stance on cybersecurity. However, resource deficiencies force many to focus only on patching noticeable cracks in the levee because the task of identifying and fixing every trickle seems impossible. Thankfully, in the face of daunting odds, it is possible to fight back and secure your organization’s reputation and intellectual property. Listen as Jack B. Blount explains how his experience as CIO in the federal government gave him a perspective on cyberwar – and how what he learned can help your business stay safe.BIO: Mr. Jack Blount has an extensive career in technology as a visionary in the personal computer, local area networking, ERP, mobile computing, big data, cybersecurity, and AI. Blount began his career as an engineer at IBM. Mr. Blount was recruited from IBM to be the SVP of Business Development at Novell in the 80’s where he helped expand its business from $50M to $2B in just six years. Blount served as the CTO, COO, and CEO of 8 technology, turnaround companies. Blount has also served on twelve technology company Board of Directors of which five were public companies, and he served as Chairman of five of the companies.Blount was also recruited in 2013 to serve as CIO in the federal government where he was responsible for designing a new 10-layer cyber security architecture that protected over one hundred thousand employees and billions of dollars. Blount has traveled around the world many times doing business in over 40 countries and has been a speaker at many public conferences in China, France, Germany, Norway, Russia, and the United States. Blount graduated from Southern Methodist University with a degree in Mathematics and did his graduate MBA studies while working at IBM.
De-Platform the Internet: Moving away from centralized platforms by Elio Grieco SWCSF 2021-10-27 | Elio is Co-founder and CEO of egx.orgBased on a recent article co-authored by Elio Grieco and Christina Eichelkraut“We thought we were going to surf the internet. Instead the internet serf’d us.”While inarguably the greatest invention in human telecommunication to date, the early idealism and utopian promise of the internet has given way to a profit-driven, algorithmically manipulated echo chamber that is starting to cause harms in the real world.How did we get into this state of affairs, and more importantly, how do we get out of it.The real-life gore wrought by algorithmsCommunications Decency Act Section 230Centralization and CensorshipProtocols over Platforms
Cyber Threat Update with Erik Graham - February 1st, 2021 SWCSF 2021-10-27 | Erik will cover all cybersecurity news of note since the last meeting with his uniquely entertaining style.SAP CVE-2020-6207 vulnerabilityMAZE Exfiltration Tactic - ExtortionSolarWinds attackers hit O365 mailboxesMalwarebytes: SolarWinds hackers read our emailsVIPGames.com had a wide open Elasticsearch Server exposing 30GB of user data including 23 million records for 66,000 users.Manufacturing giants suffers major cyber disruptionMore security vendors admit to SolarWinds attacksA fifth of Sunburst Backdoor victims from manufacturing industry.66% of workers risk breaching GDPR by printing work related docs at homeReturn to SMS as a security featureCISA warns of cloud attacks exploiting poor cyber-hygieneResearchers spot SonicWALL exploit int the wildDefense more effective than offense in curbing nation state threat actors (APT's)Facebook sues devs of alleged data-scraping Chrome extensionsIntel: Earnings / financials leaked prior to public release potentially enabling insider trading.Mastercard introduces quantum-resistant specs to enhanced contactless security.
Solarwinds Breach - 2020, Discussion with the SWCSF.org Part 2 of 2. SWCSF 2021-10-26 | PART 2 OF 2 - Erik will cover all cybersecurity news of note since the last meeting with his uniquely entertaining style with a special emphasis on the 2020 SolarWinds breachAlert (AA20-352A) Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector OrganizationsIn mid-December of 2020, an unprecedented cyber breach by an APT (Advanced Persistent Threat) Actor was disclosed by SolarWinds relating to its Orion software. With 300,000 customers, many of which are Government entities and Fortune 500 organizations, the potential scope and breadth of the impact exceeded all past events. The full extent of the breach is still being investigated and many organizations have been scrambling in December to remediate it. Even those not directly affected because they are not using the Orion software have to assess their supply chain dependencies and update their vendor risk assessments. We have decided to dedicate our 2nd time-slot to a run down of what is known about the breach today, including tools and methods used, the scope of the breach, impact, ongoing remediation and lessons learned going forward.Ref: us-cert.cisa.gov/ncas/alerts/aa20-352a
Cyber Threat Rundown with Erik Graham - 2020-12 SWCSF 2021-10-26 | Erik cover all cyber security news of note since the last meeting with his uniquely entertaining style.+ Extensive discussion by forum members regarding the new California laws and the implications for business.
Cyber Threat Update + Review of the December 2020 Solarwinds Hack with Erik Graham and the Forum SWCSF 2021-10-26 | PART 1 OF 2 - Erik will cover all cybersecurity news of note since the last meeting with his uniquely entertaining style with a special emphasis on the 2020 SolarWinds breachAlert (AA20-352A) Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector OrganizationsIn mid-December of 2020, an unprecedented cyber breach by an APT (Advanced Persistent Threat) Actor was disclosed by SolarWinds relating to its Orion software. With 300,000 customers, many of which are Government entities and Fortune 500 organizations, the potential scope and breadth of the impact exceeded all past events. The full extent of the breach is still being investigated and many organizations have been scrambling in December to remediate it. Even those not directly affected because they are not using the Orion software have to assess their supply chain dependencies and update their vendor risk assessments. We have decided to dedicate our 2nd time-slot to a run down of what is known about the breach today, including tools and methods used, the scope of the breach, impact, ongoing remediation and lessons learned going forward.Ref: us-cert.cisa.gov/ncas/alerts/aa20-352a
Quantum Physics Update: Quantum Cryptography by Jim Moore SWCSF 2021-10-26 | Hang onto your Q bits. This is going to be a faced paced 42 minute presentation on Quantum Encryption. Jim Moore (MBA, MCIS, MCSE, CISSP) is back with an update on progress underway in the world of Quantum Computing. If you missed Jim’s presentation last year introducing us to Quantum Physics, we’re sure you’ll be interested in hearing what he brings us as he continues to get the word out on Quantum Computing. Topics include: An update on Quantum Computing, progress to date, Dispelling common myths and misunderstandingsQuantum Encryption fundamentalsHow QE compares to common classical encryption The role of error checkingPossible Quantum Encryption methodologies being considered for the futureInternational race for Quantum SupremacyCompanies, Institutions, influencers and thought leaders to keep an eye onTakeaways and tips for how to stay up to date
Stories from the Trenches: Running a Cybersecurity Practice by Ford Winslow SWCSF 2021-10-25 | Ford will share recent experiences from the field surrounding his and his team’s work creating sustainable cybersecurity programs for companies large and small in a variety of industries from Life Sciences, Healthcare, Construction, Software and others. Ford will discuss what has changed for these companies since he last presented to SWCSF a year ago including how they are adapting their Cybersecurity programs in light of COVID-19, new threats and the ever-increasing wave of Ransomware. Ford will share what approaches are working and what has not worked as companies are adapting to new WFH patterns while continuing to service customers & patients and meet compliance requirements. Attendees will leave with specific takeaways they can begin implementing immediately in their organizations. Speaker BioWith over two decades of professional experience in information technology and business management, Ford Winslow has been a thought leader in the related fields of cybersecurity, cloud, and IT services since their inception.ICE Cybersecurity, the San Diego-based firm he founded in 2016, specializes in managed cybersecurity and advanced cyber protection programs for organizations in heavily regulated industries.Over the past two decades, Mr. Winslow has held technology leadership positions in the cybersecurity, cloud, information technology, risk management, life sciences, financial services, healthcare, non-profit, and retail Industries, where he has consistently delivered value through the latest break-throughs in technology.Prior to launching ICE Cybersecurity, Mr. Winslow served as Chief Risk Officer, of a San Diego-based cloud and managed services provider. He is the co-author of “Good Informatics Practices,” a best-practices training guide for the life sciences and healthcare industries.In addition to his professional duties, Mr. Winslow serves as an advisor to a number of startups focused on cybersecurity, blockchain, internet of things (IoT), and emerging technologies. He is an advisor and mentor with CyberTECH, a San Diego-based network of tech-inspired startups and early-stage firms.Mr. Winslow is an active member of the local community, supporting social organizations and charities benefiting a variety of worthy causes. His spare time is spent with family, on the golf course, playing music, or cooking. Ford studied computer science and information systems management at the University of Maryland.
Zero to Hero - A Python Story, by Casey Reid, Principal Security Architect with Tenable SWCSF 2021-10-25 | Should security professionals learn Python and have a GitHub account? Casey thinks so and will share his personal journey developing the open source project called navi, which is now used by numerous fortune 50 organizations to support their vulnerability management programs.Early in Casey's cyber security career, he found himself shut out of more than one opportunity due to a lack of scripting skills and at a distinct disadvantage in competing for lucrative cybersecurity positions. As a result, he invested in learning Python. After joining Tenable, he identified some unfilled needs in the product feature set so as a personal initiative developed an open source project called navi which provides a number of command line tools to extend and enhance the Tenable.io vulnerability scanner and has posted it on GitHub where he actively supports the project with bug fixes. Is Casey a professional developer? Nope. Is he trying to sell or promote navi or Tenable.io? Nope again. Does he have an interesting story to tell about creating a new tool to both fill a feature gap with a commercial security product as well as reinforce his scripting skills, all while contributing to the open source community, and why you should consider the same? Yes!Navi - The Tenable.io Swiss Army Knife (208 commits)github.com/packetchaos/naviA command-line tool which leverages the Tenable.io API to automate common tasks in Cyber Exposure or Vulnerability Management.Bio:Casey has been involved in various IT related disciplines until about 5 years ago when he settled on cyber security and hasn't looked back since. He has consistently advanced his skills and career path and is now is one of three Principle engineers at Tenable and is an internal visionary with some measure of responsibility or influence for all aspects of Tenable operations.Casey currently holds the following cyber security related certifications.Tenable Certified SCCV Sales EngineerQualys Vulnerability Management SpecialistGIAC Web Application Penetration Tester (GWAPT)GIAC Certified Penetration Tester (GPEN)Certified Ethical Hacker v9Red Hat Certified System AdministratorSecurity+| ce (SY0-401)
Inconceivable! Nightmares in Data Center physical management and risks involved with availability SWCSF 2021-10-25 | By Rich Larkins, Principal Staff Network Systems Engineer and CISSPDo you really think your data center is resilient enough? Do you ever consider the physical plant in your risk assessments? This presentation will give you some insights, based on practical experience, into what really can go wrong in your data center, despite the most sincere and heartfelt promises by your colocation providers sales force. Bio:Rich Larkins is a Senior Principal Staff Network Systems Engineer and CISSP with way too many expired Cisco certifications to care anymore. He has designed and implemented data centers and networks in over 10 countries on 4 different continents and has broken others all over the U.S. Rich has also been known to have been associated with various Cyber Security folks and organizations through the years, though most won't admit it. Contrary to ISSA PHX chapter's memorial scholarship to the National Conference named after him, he is not dead yet..He lives in Scottsdale Arizona with his wife Patricia, and their rescue 3-legged Cocker Spaniel with no teeth, Orion. Any tributes, stipends, and/or gifts should be in Single-Malt Scotch older than your kids.
Cybersecurity Challenges for Community Banks by Scott Edwards SWCSF 2021-10-25 | Scott Edwards CEO of Edwards Valen & Associates, LLCWith co-presenter, Abel SanchezScott will discuss some of the unique cybersecurity challenges banks face. He will share his perspective on helping financial institutions meet federal regulatory requirements as well as the hurdles he has overcome in teaching financial institutions to maintain sound operating practices.Speaker BioScott brings over thirty years of financial consulting to financial institutions to the table. His professional reach spans companies in Arizona, Colorado, Texas, and New Mexico and includes positions such as CEO, Partner, Vice President Loans and Operations, Director Internal Audit, Interim President, and Advisory Director.When he is not busy providing financial consulting to community banks, Scott is busy leading strategic planning retreats, where he assists management in evaluating potential acquisitions and mergers. There are very few areas of a financial institution where he doesn't possess expertise.His education & professional attainments include being a CPA and obtaining a bachelors degree in accounting from the University of Arizona.
Cyber Threat Rundown with Erik Graham - 2021-06 SWCSF 2021-10-13 | Erik covers cyber security news of note since the last meeting with his uniquely entertaining style.
Ending the Talent Wars: Hard Truths about the Talent Gap and Security 2.0 SWCSF 2021-10-13 | by Kim L. Joes, Director of Security Operations at Intuit and recently affiliated with the Boise State University Institute for Pervasive CybersecurityOur profession is at war with itself over strategies on how to bridge the perceived security talent gap. This conflict is rife with misperceptions, partial communications, and incomplete data – all of which serve to create confusion within the marketspace. In this presentation, we will look at all sides of the talent war and discuss how a “both-and” solution is the most appropriate. We will also look at the hidden pitfalls and necessities of the most prominent talent approaches and what practitioners and organizations must do to overcome themBio: Kim L. Jones is a 34-year intelligence, security, and risk management professional with expertise in information security strategy, governance & compliance, security operations, and risk management. Mr. Jones is a former Chief Information Security Officer who has built, operated, and/or managed information security programs within the financial services, defense, healthcare, manufacturing, and business outsourcing industries. He is also the principal architect of one of the cybersecurity degree programs at Arizona State University.Jones holds a Bachelors Degree in Computer Science from the United States Military Academy at West Point, and a Masters Degree in Information Assurance from Norwich University. He also holds the CISM, CISSP, and CDPSE certifications.linkedin.com/in/kimjones-cism
Cross-Fire Debate between Elio Grieco and Erik Graham! SWCSF 2021-09-13 | Erik and Elio will engage in a lighting debate on some or all of the following topics so fasten your seatbelt as it will be quite a ride... EG vs EG 2 minutes each taking the position for or against (or in the middle?)Questions/Comments by Forum.Debate Topics:Password Managers, Yes or No?Should home users encrypt their hard drives?Google can do a better job protecting my info than I can?AI/ML in will result in a lower fatality rate vs human operators by 2030?Cyber Security will be transparent to the end user by 2040?The problem of anonymity on the Internet will never be solved?
Executive Protection at Home Is the Major Gap in Cybersecurity, by Dr. Chris Pierson SWCSF 2021-09-13 | The unprecedented level of cybersecurity risk today extends far beyond the four walls of the enterprise. There is no longer any difference between personal and corporate protection when it comes to members of the executive team and board. High-level individuals now have a single, unified digital life, and senior leadership working from home has become the soft underbelly of corporate cybersecurity. The homes of the executive team have become the new battleground for the corporation. CEOs and their CISOs need to extend the defense perimeter and protect the entire digital lives of senior leadership. It is the right thing and the smart thing to do in today’s threat environment. Attendees can expect to learn:Compelling metrics for the level of risk to the company from executives in their personal digital lives An understanding of how to extend the defense perimeter to encompass the new battlefront in the home in a way that protects the privacy of the executiveThe CISOs and CEOs roles in protecting their company by protecting the digital lives of executives, board members, and key personnel.Speaker Bio:Dr. Chris Pierson is the Founder & CEO of BLACKCLOAK - a Concierge CybersecurityTM & Privacy protection suite for high-net-worth individuals and top C-Suite executives. Chris has been on the front lines of cybersecurity and fighting cybercrime for over 20 years - - with DHS, as President of the Federal Bureau of Investigation’s Arizona Infragard, as the Chief Privacy Officer for the world’s 3rd largest bank, and in various other roles as a Chief Information Security Officer for financial companies. He currently serves on the Department of Homeland Security’s Privacy Committee and Cybersecurity Subcommittee and is a Distinguished Fellow of the Ponemon Institute.
SWCSF Threat Rundown 2020-10 SWCSF 2021-09-13 | Erik Graham covers all the cybersecurity news of note since the last meeting with his uniquely entertaining style.
Threat Hunting - Formalizing the Hunt SWCSF 2021-03-08 | Tim Garcia presents another great talk at our Southwest CyberSec Forum on how to approach threat hunting in an enterprise environment.Tim is a Sr. Level security engineer at a large financial institution as well as a long time SAN's instructor.
Cyber Threat Update with Erik Graham 2020-08 SWCSF 2021-03-07 | Run down of recent cyber security breaches presented by Erik Graham at the August 2020 virtual session of the SouthWest Cyber Security Forumsouthwestcybersecforum.com
Implementing Security Compliance Through Automation + FBI Presentation on Misinformation SWCSF 2020-06-06 | Announcements and Updates (~5 min)Cyber threat update with Erik Graham (~15 min)Short presentation by our sponsor (~15 min)Implementing Security Compliance Through Automationby Joseph Bennet - Lead Consultant Contino,Aaron Brock - Lead Consultant Contino,Jason Lutz, NPA - Senior DevOps Consultant, SecurityTopic:Hybrid cloud change control and compliance can be manual, cumbersome and not scale well. Joseph, Aaron and Jason will present how they migrated a manual process of log ingestion for clients AWS flow logs into an automated process driven by what are typically considered DevOps tools such as Git, Ansible, Jenkins, Terraform and Trumpet. This reduced the process timeline from days to hours, and allowed different teams to more effectively collaborate in managing the process. This mash-up of tools and how they were used provides important lessons for the future of Security Automation. Don’t miss this highly technical presentation which will include demo code and interactive chat session with the presenters.Bio:Joseph: Joseph Bennet has 14 years working in the IT industry, and 7 years as a consultant ups killing clients and their staff in the deployment, management, and use of various technologies. Joseph Bennet's includes a wide range of industries including financial, entertainment as well as public sector experience working with organizations such as the US Patent and Trademark Office and the Army Research Laboratory.Aaron: Aaron N. Brock, is passionate about delivering solutions which create business value for clients. His forte is to tightly integrate iterative technological improvements with people-focused learning and upskilling, creating an environment where positive change is encouraged. He continues to evangelize a Cloud-First approach following DevOps best practices. Aaron has extensive experience in Docker, K8s, Jenkins, Ansible, Terraform and more. He continues to work with a wide breadth of companies across a variety of industries ranging from gaming to large financial institutions, and has experience at every level of the software development lifecycle.Jason: Passionate in building cloud security programs, implementing open source technologies, and addressing information security risk. As a certified ISO 27001 Lead Implementer: he understands what it takes to build and reinforce information security management systems (ISMS) with a specialized focus on cloud implementations. He continuously increases his security, compliance and technical skills; combining these skills to create a unique amalgamate of knowledge to offer to our clients.FBI Cyber Task Force Updateby FBI Special Agent Paul Schaaf, also Phoenix Co-Infragard CoordinatorTopic:Paul will provide an update from the FBI Cyber Task Force on the onslaught of on-line misinformation and how it is going to force our society to change the way we consume information and trust sources.
Complexities of Incident Response in a Child Exploitation Case by Chris Pavan of the Helios Group SWCSF 2020-05-08 | Topic: Chris Pavan will review a forensic case involving a vulnerable minor which touches on a lot of the standard items inherent in any cyber-security forensic case. This particular case ran into a number of unique challenges relating to victims’ rights, the inherent bureaucracy and sometimes siloed mentality of law enforcement agencies and the complex and sometimes conflicting legal framework that must be navigated by the investigator to juggle all these competing dynamics. The presentation will highlight some of the entrenched challenges we still need to deal with not only as cyber security professionals but as a society.Bio: Chris Pavan is a veteran incident responder with experience supporting the US military and working in national forensics projects. He is a previous SWSCF speaker and is heavily invested in the Phoenix cyber security community.
Code on Code Warfare by David Gold of SentinelOne SWCSF 2020-05-08 | Topic: Organizations spend more money on cyber security tools every year, yet the number of breaches and the cost of these breaches continues to increase. A new approach is needed that relies on autonomous analysis that can respond at machine speed. By embracing automation, AI and big data analytics organizations can better prevent threats, find and detect what is missed, provide contextual linking for forensic and threat hunting – and even more importantly self heal and fully recover when necessary.Bio: David Gold recently joined SentinelOne as Sr. Director of Sales Engineering for the West. David has more than 15 years experience in enterprise information security and brings a strong track record of innovation and customer focus to SentinelOne. Previous to SentinelOne he was the VP of Product and VP of Solutions Architecture at ProtectWise and helped launch and build the company from stealth to a successful exit to Verizon. David helped define the network detection and response market and has helped many organizations develop detection and response strategies and to embrace cloud delivered technologies. He has also led Firewall Product Management at McAfee and has held various roles in sales engineering, product management and support at Websense, Intel, McAfee and Secure Computing.
Anatomy of an Incident Response SWCSF 2020-04-14 | by Niko Zivanovich, Security Engineer specializing in Incident Response, Check Point SoftwareBio:Niko Zivanovich is a Security Engineer for Check Point based in the South West US, specializing in Incident Response. Check Point is based in Tel Aviv, Israel and is one of the largest cyber security firms in the world. Previously at Johns Manville in Denver, Colorado working in network security and security operations focusing on ICS environments. While at Johns Manville, Niko and his colleagues helped to form the Berkshire Hathaway Information Security Group in order to facilitate the sharing of intelligence across the organization. He most recently worked for Berkshire Hathaway Inc. focusing on Incident Response preparation throughout the subsidiaries globally. He holds multiple certifications through the SANS GIAC organization.Topic:Anatomy of an Incident Response Event An Incident Response (IR) Plan is where tools, skills and process all come together in a high pressure, time-critical environment. Advance planning and experience are critical to a successful outcome. Niko will walk through a real-world Incident Response event and highlight at each key stage in the process where specific tools, people and skills and the structured response plan came into play and the how deficiencies at any point can hobble the organization. Attendees will be able to overlay this presentation onto their own organizations capabilities and identify where they may have shortcomings in their own IR Plan.
Deep Dive into the CISM Certification SWCSF 2020-04-14 | by Ilene Klein, CISSP, CISM, CIPP/US, Cybersecurity Program Coordinator Urban Area Security Initiative City of Phoenix Office of Homeland Security and Emergency ManagementBio:For over 20 years, Ilene Klein has been evangelizing security to anybody who would listen … and to management. During this time, she built and led compliance, governance, incident response, privacy, policy, security awareness, threat intelligence, and vulnerability management programs and frameworks. Ilene started her career as an electronics instructor and then traveled from Honolulu to Heidelberg as a systems engineer installing proprietary software for the U.S. Army and resolving system crashes before focusing on cybersecurity. Ilene has earned multiple security and privacy certifications, and she’s won awards such as the CISM Geographic Excellence Award for earning the highest score in the North America geographical region on the December 2011 CISM examination and a 2018 Warrior Award for fighting on the “front lines” of cybersecurity.Topic:Congratulations — You’re in cybersecurity, one of the best and most in-demand careers. But there’s an entire alphabet soup full of cyber-related certifications out there. During this presentation we’ll discuss the CISM certification, including what it is, how it differs from the CISSP, who might be interested in earning a CISM, the domains covered, and whether it’s worth it.
A Brief Overview of Data Science and the Intersection with Cybersecurity with Mark Barbour SWCSF 2020-03-09 | Mark is the founder of a Data Science Consulting firm that has served clients in a wide array of Government, Corporate, Non-Profit and Small Business environments.Mark and his colleagues use Data Science to help organizations gather, process and structure data so that meaningful patterns can be analyzed, explored, and communicated to the organization, their stakeholders, clients, and contractors.He started his career at 19 as a 911 Dispatcher for Phoenix Police Dept. There, he learned how powerful information and communication can be. He developed a curiosity for computer science that ultimately lead to doing freelance IT consulting for JP Morgan Chase, Berkshire Hathaway, and various other regional corporations and small businesses. While working for these companies, Mark's programming skills converged on Data Science to handle the massive amount of information that must be dealt with on a daily basis for these organizations. This lead to an increasing interest alongside the emerging field of Data Science. Seeing how generally useful these tools were, a couple of years ago he switched his business focus from IT to Applied Data Science, and has since served clients in Education, AI-Security Implementation, Politics, and Real Estate.Topic:The amount and importance of data in our daily lives is increasing at an accelerated rate. What are the security implications of large, international, public entities (state actors, corporations, etc) accumulating so much information in such a concentrated and centralized way? What kind of liability becomes apparent when large amounts of data are leaked? Even the most routine, mundane data (in large enough quantities) can be dangerous in very subtle and unpredictable ways. The best method of addressing these concerns is through education and data literacy. Spreading that knowledge will be the primary motivation of this talk.I will go over the basic Data Science Process, some common industry vocabulary (especially common buzzwords), and provide some additional resources to learn more about Data Science.
Cyber Threat Update with Erik Graham 2020-02 SWCSF 2020-02-05 | Erik covers all cybersecurity news of note since the last meeting with his uniquely entertaining style.
How AI and Deep Learning are Empowering our Adversaries by Gavin Klondike SWCSF 2020-02-05 | There's no question that modern advances in AI and Deep Learning technologies have allowed organizations to greatly scale their defensive capabilities. Between detecting evolving threats, automating discovery, fighting dynamic attacks, and even freeing up time for IT professionals; AI-fueled automation has been a boon for system defenders. But before we get too comfortable, we need to remember that there is another side to this fight. In this talk, we'll take a look at how AI technologies are enhancing adversarial capabilities and how challenges in defensive machine learning are opening up new attack surfaces.Gavin is a senior consultant and researcher who has a passion for network security, both attack and defense. Through that passion, he runs NetSec Explained; a blog and YouTube channel which covers intermediate and advanced level network security topics, in an easy to understand way. His work has given him the opportunity to be published in industry magazines and speak at conferences such as Defcon and CactusCon. Currently, he is researching ways to address the cybersecurity skills gap, by utilizing machine learning to augment the capabilities of current security analysts.Gavin has presented to the group before in Jan of 2019 on Machine Learning with very positive reviews.Netsec Explained; netsecexplained.comGavin's Youtube; youtube.com/channel/UCsKK7UIiYqvK35aWrCCgUUA
Warfare: Cyber vs. Conventional by John Jacobs of Fortinet SWCSF 2020-02-05 | What is cyber warfare? How is cyber warfare different from a conventional war? How would a modern conflict between nation states manifest it self with todays technical landscape. How would a cyber war impact the private sector?Join John as he reviews the new landscape of warfare and how most countries are preparing for the likelihood that the next war will be a hybrid between cyber and conventional, and the impact to all of us that are in the line of fire.Bio: As Vice President of Systems Engineering, John currently leads teams for a number of Fortinet’s largest customers and service providers. With 20 years of experience in network design, engineering and global operations, he continuously works to strategize, construct and operate data and content delivery that can scale and survive modern business needs. As the industry has shifted from a focus of simple connectivity to one of continuous access, real-time security, and expanded platforms, he is proud to be part of a leading security organization as a consultative member of the Fortinet Security Fabric team, offering direct feedback from the field to help best determine not only how we shape our technology, but also the ecosystem growth through partners and their complimentary solutions. John resides in Seattle, Washington, holds a bachelor’s degree in business management, and will obtain his master’s degree in cybersecurity and information assurance in 2020.
Methods and Tactics of Advanced Persistent Threat Actor: Wizard Spider by Matt Russell SWCSF 2020-01-11 | "The Not So Itsy Bitsy Spider" PRESENTED BY Matt Russell, Threat Intelligence Advisory Lead- The Americas, CrowdstrikeTopic: Wizard Spider, made famous by their commodity banking malware “TrickBot” and “Ryuk”, is a notorious threat actor that conducts high impact attacks across a variety of industry verticals and sectors. We’ll start off with an overview of the current e-crime landscape and emerging trends, and the begin to breakdown the tactics, techniques, and procedures that Wizard Spider leverages as they conduct operations across the globe. Focus will be on the TrickBot, Ryuk, and AnchorDNS malware families, providing high-level overviews of their functionality and deployment. A victimology case study will provide a deep-dive into a real world scenario where both the failures and lessons learned will be on display. This talk will conclude with defensive strategies to help mitigate the threat, as well as, an interactive question and answer session.Bio: Matt Russell an internationally seasoned business and technology executive. He combines the exceptional leadership skills he learned leading and training intelligence teams in US Special Operations, with his commercial experience in consulting and industry to successfully operate across a variety of business domains, geographic boundaries, and cultural landscapes. Matt spent 5 years living and working in Asia and possesses advanced fluency in both Korean and Spanish.
The Need for Advanced Incident Response Tools and Capabilities with Michael McAndrews SWCSF 2020-01-11 | With the ongoing epidemic of cyber security breaches, the need to successfully execute an incident response plan is of the utmost importance to shorted the time between breech and recovery and lower the overall risk to the organization. Michael discusses incident response and how full network packet capture and end-point detection/response technologies can be leveraged together as a powerful combination to improve the investigative and remediation process. Actual scenarios are shared where WGM and CrowdStrike have worked together on an international Incident Response engagement.Bio: Michael McAndrews has been involved in Information Technology and Security for more than 25 years. Michael worked in the financial services, manufacturing and pharmaceutical industries before joining the Federal Bureau of Investigation in 2006 as a Special Agent. During his time with the FBI, he investigated numerous violations, but focused primarily on computer crimes such as intrusions, Internet frauds and intellectual property violations. He was also a member of the FBI's Cyber Action Team, a group of selected agents who would deploy worldwide for the most critical of intrusions. With experience in both the National Security and Criminal arenas, Michael left the FBI in December 2013 to rejoin the private sector. He now works as an expert in the field using leading edge security devices and performing awareness training to groups worldwide.Michael is a Certified Information Systems Security Professional (CISSP) and has been certified by GIAC as a GSEC professional, an Intrusion Analyst (GCIA), and Incident Handler (GCIH). Michael also holds the A+ and Network+ certifications from Comptia.
Next Generation Firewalls: How to select, plan and deploy a modern cybersecurity fabric. SWCSF 2019-11-19 | This video is about Next Generation Firewalls (NGFW) including Palo Alto, Checkpoint, Sophos, Fortinet/Fortigate and Cisco Firepower and covers features, management & integration and how to select, plan and deploy a modern unified cyber security fabric.There is a lot of confusion and misconceptions, even among security professionals about what modern firewalls do. Even the terms Next Generation, NGFW or 4th Generation Firewall which are commonly thrown around by vendors can be confusing and misleading. John Nash will break down the features of a sampling of the the leading firewall vendors and allow you to leave with a clear picture of what the proper role of a perimeter firewall plays in your organization and how it ties into your overalls security strategy.The presentation was delivered at (ISC)2 at Rio Salado College, Tempe, AZ July 16th, 2019 by John R. Nash, VP of Phreedom Tech © 2019 Phreedom Technologies phreedom.comGoals 0:00Contributors / Sources 0:50Preface 1:23The Death of the Firewall Has Been Greatly Exaggerated 3:56Overview 6:52What is a Firewall (Basic)? 8:37Firewall Timeline 9:22Is it a firewall? - Maybe, depends on what it does 11:16Your Grandfather's Firewall 11:30NGFW / Enterprise Firewall 12:28Success vs Failure 17:32Network Protocols 20:02Governing Bodies 21:48 Eg. Bluetooth Special Interest Group 22:08IETF / IRTF 23:21IETF / RFCs 23:49IP (TCP/UPD) Suite 25:15Common IP Ports 26:17IPV6 / IP version 6 27:04OSI Protocol Stack 28:52OSI vs. IP (TCP/UPD) Suite Network Protocols 29:36Network Architectures 30:02Internet Circa 1971 30:47Internet 1980 32:09USENET 1986 32:23Internet 2013 32:36Is Encryption Important? 32:52Encryption 33:54Need for Encryption 35:37Encryption Types 35:54 DES/3DES Block cipher AES Block cipher SHA-2 Hash Algorithm RSA Encryption + Digital SignatureCommon Secure Protocols 37:32Encryption: Ciphers 38:10 Microsoft Prioritizing Schannel Cipher Suites 38:47 OpenSSH session using “verbose” 39:02Threat Landscape 39:50Vulnerability Databases 40:24NVD Data Feeds 41:29CVE Scoring 41:56CVE Vector String 44:41Mary Meeker Internet Trends 2019 47:07Packet-filtering firewalls (Legacy) 48:52Circuit-level gateways 48:58Stateful inspection firewalls 49:18Proxy Firewalls (Application-level gateways) 49:21UTM Firewalls 49:46NGFW / Enterprise Firewall 50:03NextGen Firewalls 50:30NextGen Firewall / Generation 4? 54:51NextGen Firewalls Challenges 55:01 Throughput: 55:29 Ease of Use: 55:35 Decryption (SSL, TLS, SFP, etc): 55:50OSI Seven Layers - Review 56:13Risk is where you aren’t looking 56:18Firewall Deployment Models 56:29VMware Micro-segmentation 56:39NGFW Feature Summary 57:05 Real time threat updates Integrated IDS/IPS Web/URL filtering BotNet Detection BGP / OSPF Deep Packet Inspection Certificate Generation/Management Application Policies AD Integration Device/Ad correlation Suggestive Actions Dynamic trust model Multi-dimension heuristics Provides Unified Interface Open API Feed Integration High Availability Bump on the wire Data Integration SIEM Integration Machine LearningGartner Report 2018 Report for Enterprise Network Firewalls 57:12Gartner Magic Quadrant for Enterprise Firewalls 2018 57:58Check Point Software 58:47Palo Alto Networks 1:07:40Cisco Firepower 1:01:58Fortinet 1:04:22Palo Alto 1:07:40 Panorama manages your network security with a single security rule base for firewall, threat prevention, URL filtering, application awareness, user identification, sandboxing, file blocking, and data filtering. Example: Fortinet Product Line-Up 1:10:35 Feature Product Line Up Firewalls Fortigate (SMB, Chassis, VM & SD-WAN) Virtual Segmentation Fortigate VDOM’s Proxy FortiProxy Wi-Fi FortiWiFI Switch FortiSwitch Router Integrated SD-WAN Integrated Off-line Analysis FortiSandbox End-Point Protection FortiClient / EMS Cloud Offering AWS, Azure and FortiCloud Authentication Token/Authenticator Mail FortiMail WebFiltering fortiWeb DDOS FortiDDoS BotNet Protection Integrated SSL/TLS Inspection Integrated (ASIC) Digital Feeds FortiGuard Threat heuristics Integrated Single Sign-On Integrated Analytics FortiAnalyzer SIEM FortiSIEM NAC FortiNACGartner Magic Quadrants 2017 1:14:41NSS Labs NGFW Comparative Report 1:14:58 Author – Thomas Skybakmoen JULY 17, 2018 2018 Tested Products Barracuda Networks CloudGen Firewall F800.CCE v7.2.0 Check Point 15600 Next Generation Threat Prevention (NGTP) Appliance vR80.20 Cisco Firepower 4120 Security Appliance v6.2.2 Forcepoint NGFW 2105 Appliance v6.3.3 build 19153 (Update Package: 1056) Fortinet FortiGate 500E V5.6.3GA build 7858 Palo Alto Networks PA-5220 PAN-OS 8.1.1 SonicWall NSa 2650 SonicOS Enhanced 6.5.0.10-73n Sophos XG Firewall 750 SFOS v17 MR7 Versa Networks FlexVNF 16.1R1-S6 WatchGuard M670 v12.0.1.B562953
Cybersecurity Threat Update with Erik Graham (2019-11) SWCSF 2019-11-17 | This video is the monthly Southwest CyberSec Forum update on cybersecurity threats, breaches and best practices by Erik Graham - November 4th Erik presents recent events and his recommendations with his uniquely entertaining style.
Zeek-Bro Security Monitoring with Tim Garcia SWCSF 2019-11-17 | This video is about threat detection using the open source tool, Zeek/Bro to perform traffic logging and security monitoring on corporate networks by Tim Garcia, SANS instructor (Tool Time with Tim) VP-CISSP,GSEC,GCDA,GCCC,GMON,GCEDCan a 20 year old technology help give you strategic visibility into a modern enterprise netowork? The answer is yes!. Welcome to a powerful network monitoring/logging tool most people have never heard of.Tim Garcia will review the capabilities and use of the the Zeek and Bro IDS (two separate tools that are often used together) for security threat hunting.(Originally the presentation was to be on the use of the Yara scripting tool to identify malware signatures but the Zeek/Bro topic won out due to popular demand).Tim is SANS Instructor primarily focused on blue team activities, ethical hacking, incident handling, security management and general information security principles. Instructor in Information Systems Security, Systems Analysis and Project Management for several local universities in the Phoenix area.
In-House Risk Based Security Control Assessments (SCA) Process SWCSF 2019-10-12 | This video is about implementing and managing technology security control assessments in large organizations primarily involved in federal and/or healthcare contracts, portions of which can be useful for organizations of any size that are faced with responsibility for their own risk or compliance regiments.Dr. Jerry Craig reviews a new process in which Security Controls Assessments (SCA) are managed and operated by in-house assessor teams—which allow the federal government to reduce engagement periods and costs; perform continuous monitoring and risk-based system vulnerabilities analysis; develop deeper knowledge into control families and individual controls; gain greater visibility into systems, perform and most importantly result in the ability to stand in a defensible position in the event of a data breach.The event occurred during the October 7th meeting of the Southwest CyberSec Forum at University of Advancing Technology in Tempe, AZ.Table of Contents:Introduction 0:11Major Experience 1:28Core Questions 3:00What is an SCA? 4:23What Do Restaurants & SCAs Have in Common? 5:42What is Adaptive Capabilities Testing? 7:17ACT Snapshot Analogy (Goal) 7:44SCA/ACT Information Source Comparison 8:24Failed Controls vs. Mapping Example 14:18Alignment of Controls & Testing 17:49Control Family Test Plans 18:32Benefits of Aligned Test Plans 19:19Funding Approaches 20:55System of Record vs. Piecemeal 23:09Conflict of Interest 24:50Staffing for Success 25:42Mowing the Lawn 31:05DHS CDM Phases & Approach 32:46Continuous Monitoring 33:51Individual Control Family Deep Dives 36:38Cost Savings 39:42Bringing on Contractor Labor vs. In-House Labor (FTEs) 40:44Lessons Learned 41:47About Ventech Solutions 44:51Our Core StrengthsKey HIDS Program AchievementsFull Security Suite
Cybersecurity Threat Update with Erik Graham (2019-10) SWCSF 2019-10-11 | This video is the monthly Southwest CyberSec Forum update on cybersecurity threats, breaches and best practices by Erik Graham - October 7th Erik presents recent events and his recommendations with his uniquely entertaining style.
Building Security Dashboards on ELK Stack/Elasticsearch to supercharge your SIEM SWCSF 2019-06-10 | This video is about building security dashboards from Windows event logs and firewall syslogs in Elasticsearch by John R. Nash of Phreedom Technologies [phreedom.com]We walk through the steps to select a logging platform and them implement an Elasticsearch cluster, a logstash layer, Cerebro, ingest, parse data and perform initial discovery and reporting in Kibana and finally use Grafana to create more advanced graphs.See the Table of contents below:Overview / Agenda / Intro 1:02The need for security monitoring 1:16What do we have to work with? 2:07Getting started with log analysis 3:34What data should be collected? 5:41Firewall and windows log data 6:18Typical logging architecture 9:44Selecting a logging platform 10:40Merits of Elasticsearch/ELK 13:46 Elasticsearch deployment 17:25 Phreedom ELK topology 19:42Cerebro intro 27:00Logstash deployment 29:18Configuring SysLog on your FW 32:26Installing Winlogbeat agents 32:40 Ingesting data into Elastisearch 32:57Elasticsearch indicies 33:22Installing Kibana 33:47Kibana overview 35:09 Using Kibana 35:20Building security reports 36:56SIEM security questions 37:12Fortigate log types 37:42Windows Eventlog types (Channels) 37:52NSA whitepaper on Windows IOC 38:24Nagios PowerShell IOC Check 39:03Investigating your Windows Data with Kibana 39:48Investigating your Firewall Traffic with Kibana 41:29Kibana - Visualize 42:55Kibana - TimeLion 43:33Installing / Using Grafana 44:40Building your first Grafana Graphs 45:32Grafana - Windows Failed Logins 45:41Grafana - Firewall Policy Heatmap 46:26Grafana - TCP Session Count by Server 47:01Final Security Dashboard 47:36
Cybersecurity Threat Update with Erik Graham (2019-06) SWCSF 2019-06-09 | This video is an update and analysis of cybersecurity news with a primary focus on cybersecurity breaches.Erik reviews each and discusses the impact with the audience with his uniquely entertaining style.
Next Generation Firewall (NGFW) Feature Roundup with John Nash SWCSF 2019-05-29 | There is a lot of confusion and misconceptions, even among security professionals about what modern firewalls do. Even the terms Next Generation, NGFW or 4th Generation Firewall which are commonly thrown around by vendors can be confusing and misleading. John R. Nash of Phreedom Technologies will break down the features of a sampling of the the leading firewall vendors and allow you to leave with a clear picture of what the proper role of a perimeter firewall plays in your organization and how it ties into your overalls security strategy. This is open to professionals at every stage in their career.Over the last 34 years, John has worked for Rockwell International in the R&D labs for the GPS system, as a field engineer for communication carriers deploying packet switched technologies and is now VP of Technology for Phreedom Technologies with his business partner Dean Moore.Chapters / Table of IndexWhat is a Firewall: 0:17History of Firewalls: 0:57Network Protocols 3:50IPv4 / IPv6 Comparison 9:07IPv6 Firewall Support 9:45Packet Filtering Firewalls 11:57Circuit Level Gateways 12:27Stateful Inspection Firewalls 13:15Proxy Firewalls (Application Gateways) 13:39UTM Firewalls (Unified Threat Management) 15:25Next Generation Firewalls (NGFW) 15:57NGFW Challenges - Architecture 25:50NGFW Challenges - Throughput 26:25NGFW Challenges - Ease of Use 27:44NGFW Challenges - SSL Decryption 28:30Non-IP Security - USB Firewalls 30:09Non-IP Security - Bluetooth 31:00VMware Micro-segmentation 33:28Fortigate NGFW Capabilities 34:55Fortigate NGFW - Traffic Bubble Map 34:55Fortigate NGFW - Threat Bubble Map 39:51Gartner Magic Quadrant- Firewalls 40:39NGFW Feature Summary 41:45Security Analytics Dashboard 41:58
The Past, Present and Future of Cyber Security with John Nash SWCSF 2019-04-12 | John Nash, VP of Technology for Phreedom Technologies, reviews the history of cybersecurity from the inception of the Internet to today and extrapolates those trends out into the future. The presentation is rich with history of technology and underscores why the technology we use every day works the way it does and why we have the issues with cybersecurity and probably always will.
ISO 27001 Info Security Management with Dave Anders SWCSF 2019-04-12 | Dave Anders reviews the method and approach used to apply the ISO 27001 framework to multinational organizations with complex risk modelsAs CEO/Partner of iCertWorks, ISO Manager and SecuraStar, Dave has worked for decades managing a broad spectrum of risk management products and services for some of the largest organizations in the world
Hacking Hired with Rachel Harpley SWCSF 2019-04-12 | Rachel Harpley of Recruit Bit Security presents on the insider track on how to manage your cyber security career trajectory.There are no traditional career paths in cyber security, but the recruiting process often lacks transparency. Learn from an insider to build your own career. This talk, “Hacking Hired,” identifies the four primary vectors of your job search and shares insights on how to work these vectors to your advantage to create the career you want. From a high-level, these vectors are the tools, technology, organizations and people. This is open to professionals at every stage in their career.
