Tuesday & Wednesday, October 26 & 27, 2010 | Washington, D.C. area
CSI 2010 Annual also hosts one- and two-day Workshops, allowing you to combine your conference experience with intensive training in the days preceding the CSI Annual Conference.
One-Day Workshops Include:
Two-Day Workshops Include:
Computer Forensics Kickstart
October 26, 2010 | 9:00AM–5:00PM
Mark Spencer
Arsenal Consulting of Boston and Beyond
**This is a hands-on workshop, please be sure to bring your laptops.**
This fast-paced hands-on workshop will provide you with exposure to three major components of computer forensics: identification, preservation, and analysis of electronic evidence.
Instructor Mark Spencer will draw upon his extensive experience in both the public and private sectors to lead the class through applying the proper tools to a “seized” hard drive in a case involving employee wrongdoing. Open-source and free tools designed to forensically tackle different types of electronic data will be applied during the investigation.
This workshop has been designed to prepare you to successfully select and implement computer forensics tools in your organization. Learn how to identify where electronic evidence might exist and how to preserve it, and which tools are critical to conducting successful computer forensics.
Course Outline:
- Identifying the “Universe of Data”
- Critical computer forensics tools
- Acquiring data at rest and in motion
- Constructing proper searches
- Evidence goldmines
Prerequisites:
- Experience with Microsoft Windows Command-Line
- Laptop running Windows XP Professional (Must have administrative access)
- Thumb drive (4GB or smaller)
Who Should Attend
Anyone curious about computer forensics as well as experienced practitioners looking for a refresher course.
Developing an Information Security Strategy
October 27, 2010 | 9:00AM–5:00PM
John Pironti
IP Architects, LLC
Information security has become a critical issue within organizations and a key success factor for businesses. In order to effectively maintain the integrity and security of an organization's information infrastructure, an organized information security strategy must be developed and implemented. Learn the concepts of an information security program, threat and vulnerability management, and metrics for effective information security governance. Key functional areas will be discussed in depth and highlighted for their importance to the strategy, the activities they will perform, and their associated key performance indicators (KPIs). This workshop will use interactive discussions and case studies to highlight operationally capable models and solutions.
Course Outline
- Introduction of an Information Security Program
- Threat and Vulnerability Management
- Developing Metrics for Effective Information Security Governance
- Final Thoughts
Who Should Attend
- Individuals who have the responsibility to provide data security and privacy services within their organization
- Business executives who have the responsibility of designing, implementing, and operating information security programs within their organization
- Business executives who would like to understand how to implement an effective information security program within their organization
- Information security auditors who are responsible for providing oversight to enterprise information security solutions
Enterprise Security Monitoring: Architecting a complete security service
October 27, 2010 | 9:00AM–5:00PM
Michael Legary
Seccuris Inc.
Focused on linking business objectives to your SIEM program, this workshop will guide you in developing an Information Security Monitoring program from the top down. Learn how to design, deliver and support a comprehensive security services architecture that integrates fully and seamlessly with your existing IT management and business infrastructure and practices.
Course Outline
- Identification of business and technical audience requirements for enterprise security monitoring, including executive, internal and external audit, technical management, and staff
- Strategy and architecture design requirements for enterprise security monitoring programs
- Definition and review of potential security services and how each satisfies enterprise audience requirements, including common implementation pitfalls to avoid
- Definition and review of standard management policy and related processes for program operations
- Technical review of common components available on the market today and strategies for combining COTS, open-source, and custom solutions in your environment
- Overview of outsourcing strategies for management and technical program components
- Techniques for defining successful reporting strategies and review of example monitoring dashboard elements
Information Security and Privacy: Where are We Going and How Can We Measure Success?
Top 20 Trends Where Information Security, Privacy and Compliance Must Collaborate
October 27, 2010 | 9:00AM–5:00PM
Rebecca Herold
Rebecca Herold, LLC
Successful information security, privacy and compliance programs require the strategies to be complementary and integrated throughout all of the enterprise—within every business process stage and at every level within the organization. How can companies effectively work to ensure information security, privacy and compliance areas collaborate to make initiatives most successful?
Course Outline
- The 20 top trend areas where information security, privacy and compliance practitioners need to work together, and how to be effective
- Benefits of performing a privacy impact assessment (PIA), when to perform a PIA, and how to perform a PIA—guided by a case study of the PIA Rebecca led for the NIST Smart Grid privacy subgroup
- How to use metrics and supporting tools valuable to both areas
- Key information about how to perform privacy impact assessments
- How other organizations are handling privacy and information security challenges
- Resources and tools to successfully meet these complex and difficult challenges
Who Should Attend
This course is intended for CISO, CSO, CPO, CIO, Legal Counsel, Director, Manager, and IT Audit Director and Manager levels.
Learn to Think Like a Hacker: Secure Application Development Training
October 26, 2010 | 9:00AM–5:00PM
Andrew Gavin & Chris Foster
Verizon Business
Learn what hackers look for when attempting to compromise applications. Designed to be language agnostic, this course provides security vulnerability examples in all modern languages. During this workshop, the Verizon instructors will demonstrate the most common security issues, as identified by our analysts and the OWASP Top 10 (http://www.owasp.org/index.php/OWASPTop10-2010-PressRelease), which include SQL injection, cross-site scripting and other critical business logic vulnerabilities.
Course Outline
- Live demonstration of security issues
- Hands-on exploitation of vulnerabilities is
- Remediation steps to teach the attendees how to prevent these security issues from occurring within an application
- Essential practices for applications, infrastructure issues (network and platform hardening), and threat modeling
Who Should Attend
Anyone interested in strengthening their knowledge of security issues affecting today's applications.
Crash Course in Penetration Testing
October 26–27, 2010 | 9:00AM–5:00PM
Joe McCray
Learn Security Online
**This is a hands-on workshop, please be sure to bring your laptops.**
Learn some of the newer aspects of penetration testing, including Open Source Intelligence Gathering with Maltego and other Open Source tools. Web Application penetration testing will be discussed as well, with focus on practical exploitation of cross-site scripting (XSS), cross-site request forgery (CSRF), local/remote file includes, and SQL Injection.
Emphasis throughout the entire workshop will be placed on being as stealthy as possible, and dealing with popular defensive technologies such as: Network Intrusion Detection/Prevention Systems; Host-Based Intrusion Detection/Prevention Systems; Web Application Firewalls; Anti-Virus; and Content-Filtering Proxies.
Course Outline
- Penetration Testing Fundamentals
- The Down & Dirty—Open Source Intelligence (OSINT), Maltego, and other tools
- Scanning and Stealth Scanning Techniques
- Enumeration—including banner grabbing, HTTP fingerprinting and SMB version detection
- Vulnerability Testing—using Nessus Attack Scripting Language (NASL) and how to correlate scan results to public exploits
- Owning Boxes for Fun and Profit—Exploitation, Post-Exploitation (Old School), and Metasploit (MSF)
- Transitioning from Network to Web App Penetration Testing
- What Makes up a Web Application Assessment
- Injection Vulnerabilities
- Abuse of Trust Vulnerabilities
- File Handling/Redirection Vulnerabilities
- Filter/IDS/Web Application Firewall Evasion
Who Should Attend
Anyone curious about penetration testing. Students should be familiar with IT security best practices and have a good understanding of TCP/IP and common web technologies: basic Windows administration for servers and workstations; basic command-line proficiency on *NIX systems; and basic Linux/*NIX system administration skills. Students should also be familiar with the following web technologies and languages: HTTP, HTML, JavaScript, ASP, PHP, and SQL.
Laptop Requirements
Each student must bring their own laptop with Windows XP/Vista or a recent Linux distribution such as Fedora, RHEL, Gentoo, or Ubuntu.
Software packages that should be installed prior to class are:
Windows Specific Tool:
Linux Specific Tool:
How to Complete a Risk Assessment in a Week or Less
October 26–27, 2010 | 9:00AM–5:00PM
Thomas Peltier
Thomas R. Peltier Associates, LLC
Learn the tools and skill set needed to complete a successful risk assessment in 5 days or less. Using the Facilitated Risk Analysis and Assessment Process (FRAAP) methodology, this workshop will examine different ways to improve the risk assessment process so that it works best for you and your organization. FRAAP, a worldwide qualitative risk assessment process, was developed for those with limited time and budgets. Leave with all of the materials needed to successfully conduct a risk assessment when you return to your workplace.
Course Outline
- Difference between risk analysis and risk assessment
- Risk assessment using FRAAP methodology
- Pre-FRAAP deliverables
- FRAAP Session
- Post-FRAAP Process
- Using Gap Analysis
- Pre-screening methodology
Who Should Attend
- Enterprise risk management personnel
- Audit and Information Security
- Project Management Professionals
- Consultants
- Those responsible for business case development
ISACA's Certified Information Security Manager® (CISM®) Boot Camp
October 26–27, 2010 | 9:00AM–5:00PM
Dr. Eugene Schultz
Emagined Security
CISM certification demonstrates proven experience. The demand for skilled information security management professionals is increasing and earning a CISM designation provides a competitive advantage.
Being a CISM:
- Demonstrates your understanding of the relationship between an information security program and broader business goals and objectives
- Distinguishes you as having not only information security expertise, but also knowledge and experience in the development and management of an information security program
- Puts you in an elite peer network
If you plan to take the December 2010 Certified Information Security Manager® (CISM®) exam, prepare by attending this workshop. Designed to assist and enhance the study process, the workshop will highlight key information security management practices, issues and concepts. It will emphasize topics that are likely to be on the CISM exam. Participants will receive handout material provided by ISACA.
Who Should Attend
Anyone planning to take the December 2010 Certified Information Security Manager® (CISM®) exam.
(ISC)²® CISSP® CBK® Review Seminar
October 26–27, 2010 | 9:00AM–5:00PM
The CISSP® credential is recognized as the leading information security credential in the world. It is the only IT certification to have been ANSI accredited under the ISO/IEC Standard 17024.
The Official (ISC)²® CISSP® CBK® Review Seminar is the most comprehensive, complete overview of information security concepts and industry best practices, and the only review course endorsed by (ISC)². Conducted by (ISC)² Authorized Instructors, this workshop will address key areas in each of the 10 domains of the CBK, with an emphasis on assisting information security professionals in attaining the broad and comprehensive level of knowledge required to provide expert service to clients and employers as a Certified Information Systems Security Professional (CISSP). After completing the Official (ISC)² CISSP CBK® Review Seminar, you’ll be ready to take on the CISSP exam.
Who Should Attend
Anyone planning to take the CISSP® exam.
Security Awareness & Training: CSI Security Awareness Peer Group Meeting
October 26–27, 2010 | 9:00AM–5:00PM
Find out what awareness programs look like when organizations are “all in” with their commitment to employee awareness. Kick start your own efforts by spending time with awareness specialists who tackle the task with energy and creativity.
Join facilitator Steve Conrad and members of the CSI Security Awareness Peer Group for two days of intense exploration into today’s sophisticated awareness strategies. Topics from past meetings include: awareness program metrics, challenges of portable media, executive awareness and buy-in, security and social networks, and how to keep messages fresh and compelling.
Attendees themselves will create the agenda for this meeting about a month prior—so if you’d like your hot topics on the agenda, please register early.
The CSI Security Awareness Peer Group is a corporate membership of awareness specialists who meet quarterly to discuss security awareness exclusively. This is your chance to attend a meeting as a non-member and find out why members love it.
Who Should Attend
Attendance is limited to those working on internal corporate or government awareness programs—consultants and vendors attend only by invitation. All attendees must sign a Non-Disclosure Agreement prior to the event.
For more information or a sample agenda from a past meeting, contact Pam Salaway at 631.878.2205 or .