Posted on

3rd annual Los Angeles Cyber Security Summit Invitation!

Cloud Security Alliance members are invited to the 3rd annual Los Angeles Cyber Security Summit.

Join 400+ industry executives, business leaders, and top-tier solution providers at this interactive day of learning.

Learn from cyber thought leaders such as The CIA Associate Deputy Director, The FBI SSA, the CISO of the City of Los Angeles, and experts from Sony, Verizon, Dell, Pulse Secure, CenturyLink, Forcepoint & many more.

Thursday, November 29, 7:45am – 6pm
The Beverly Hilton
9876 Wilshire Blvd.
Beverly Hills, CA 90210

If you are a C-Suite / Senior Level Executive or Director / Manager of IT / Information Security, you may register for a VIP Discounted Pass to this educational forum with promo code CSA18LA

The first 12 members to register will receive Complimentary Admission. After, Code grants $95 admission (standard price $350).

Details & Registration: https://CyberSummitUSA.com/losangeles18/

Each Pass includes a catered breakfast, lunch & cocktail reception. You will also earn 6 CPE Credits with your Full Day Attendance.

Discuss critical topics that can protect your business from potential threats, including: Incident Response Orchestration, Ransomware, Insider Threat & Corporate Espionage, AI and more.

Advisors & Subject Matter Experts Include (Partial List):

• The CIA: Sean P Roche, Associate Deputy Director of Digital Innovation
The FBI: Justin Vallese, Supervisory Special Agent
City of Los Angeles: Timothy Lee, CISO, Information Technology Agency
• Sony Pictures Entertainment: Stevan Bernard, Former Security Chief; Now Heading Bernard Global LLC
Verizon: David Ostertag, Global Investigations Manager, Investigative Response
CenturyLink: John Knies, CISO
ExtraHop Networks: Trish Gundy, Security Engineer
• Dell: Brett Hansen, VP Client Software & General Manager Data Security
Los Angeles Dept. of Public Health: Richard Greenberg, Information Security Officer; President of ISSA & OWASP Los Angeles Chapters
Pulse Secure: Jim Hebler, Americas Director of Cyber-Security Solutions Strategies
Armor: Wayne Reynolds, Head of Security
Darktrace: Parker Ashley, Director
Center for Internet Security: Ryan Spelman, Sr. Director
Forcepoint: Ken Bell, Director of IT Security
Semtech: Arthur Press, Cyber Security Manager
K3DES LLC: Miguel Villegas, Senior Vice President
Inverselogic, Inc: Ara Aslanian, President & CEO

Evaluate the latest cyber security tech solutions from 20+ companies such as Darktrace, Verizon Enterprise Solutions, Dell EMC, CenturyLink, Forcepoint, Pulse Secure, SentinelOne, LogRhythm, Armor, ExtraHop Networks & more.

For full details & to view all upcoming events, visit https://CyberSummitUSA.com

Posted on

Join us at CSA Congress in Orlando on December 10th

We are thrilled to announce the return of our CSA Congress, a full week’s deep dive into cloud security, in Orlando the week of December 10th-12th. As 2018 wraps up we’ve seen a lot of changes in cloud computing and related technologies. The year has been a wild ride and I’d like to invite you to join us in exploring the implications going forward into 2019.

This is a multi-track, multi-day event and will be the deepest dive into cloud security issues you will find anywhere. With special sessions on IoT, Blockchain, DevSecOps and the Emerging Threat Landscape, this conference will explore all facets of the cloud.

As the cloud environment has evolved, we’ve seen the impact of Internet of Things (IoT), FOG Computing, Blockchain and Artificial Intelligence emerge. These technologies will extend the benefits of cloud, but also have the potential to create new attack vectors for adversaries.

We will also address challenges in delivering, measuring and communicating compliance through multitudes of regulations across multiple jurisdictions. You can earn up to 22 CPEs towards your professional development if you attend.

Register using the code CSA18-CLEAD and receive 10% off the current registration rate.

Save Your Seat Here: https://csacongress.misti.com/registration-details-packages/registration-details-packages?utm_source=JimInvite&utm_medium=email

We hope to see you there.

Sincerely,

Posted on

CSA-LA Chapter Board Elections – January 9, 2018

Hello,
Our annual elections for our CSA-LA chapter board will take place during our January, 9th 2019 meeting. If you wish to run for one of the positions, you just need to be an existing chapter member that has attended at least 2 meetings in 2018 and be willing to contribute up to 2 hours/week of time towards chapter initiatives as well as attend at least 50% of the meetings in 2019.
The following are descriptions of existing roles that are up for election:
  • Chapter President
    Coordinate board member activities and ensure chapter keeps on track with agreed upon focus area. Identify ways to increase chapter’s recognition and membership stature in the cloud industry.
  • Secretary of the board
    Ensure chapter meets CSA organization requirements.
  • Director of Communications
    Send out chapter announcements and meeting notices. Maintain chapter website and presence on social networking sites.
  • Director of Finance,
    Manage the intake and dispersing of chapter funds for agreed upon uses.
  • Director of Sponsorship
    Establish cloud vendor relations. Seek out sponsors to cover chapter costs and fund initiatives. Establish guidelines for vendor fees to cover meeting costs and build chapter fund.
  • Director of Membership and Special Projects
    Manage memberships to ensure retention of existing members and outreach to IT security and cloud practitioners to recruit new memberships. Work with other Directors and chapter members to develop and execute a Board approved Membership portfolio Strategic Plan, in concert with the focus of the chapter.
  • Director of Presentations
    Seek out vendors and speakers to present at chapter meetings.
  • Director of Meeting Organization
    Arrange location with parking and conference room for chapter meetings and presentations.
  • Director of Research
    Dedicated contact for CSA research activities.
If you would like to run for one of these positions (or feel you have another area that you could help in), please email Harry Wan (harry+csa@wanfamilyorg) a bio about yourself and a paragraph about why you’re interested in being one of the chapter leaders. This will posted on the MeetUp site for member consideration.
Please send this to Harry or any other board member by Monday, December 26th. For positions where multiple candidates are running, those candidates will have an opportunity at the January meeting to speak to the voting members about why they are running and there may be an opportunity for us to have Co-Directorship.
Thank you,
Harry Wan
2018 CSA-LA President
Posted on

CLOUD SECURITY SUMMIT: A MORE SECURE EVERYWHERE

A More Secure Everywhere
The Cloud Security Summit Palo Alto Networks

The cloud has changed everything, making the world our new perimeter and adding tremendous complexity for security teams. There’s so much we can learn from each other to make securing these complex and fast-changing environments easier.

Join us for our Cloud Security Summit on Tuesday, October 23rd , where you’ll hear from cloud and security experts from Amazon Web Services (AWS) and Palo Alto Networks®, as well as other providers, partners and peers. We’ve designed the day around addressing the various challenges you’ll encounter as you make your journey to the cloud.

EVENT DETAILS:
Tuesday, October 23rd, 9:30 a.m. – 5:00 p.m. PST
[AV] Irvine, 16500 Scientific, Irvine, CA 92618

In collaboration with our community of technology partners and customers, we’ll be presenting sessions to help you:
• Start secure and stay secure throughout your cloud journey.
• Learn how to convince developers and users to love security.
• Automate incident response for faster remediation.
• Ensure you stay secure and compliant through every deployment.
• Adapt your security practices as you begin using new technologies, such as containers and serverless compute.

We look forward to seeing you there and sharing ideas about how to secure valuable assets everywhere – across networks, mobile, endpoints, and cloud.

SPONSORED BY:

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow.

 

Posted on

July 11th Meeting: “Tin’s spin” on DBIR and DBD.

Title: Tin Zaw: “Tin’s spin” on DBIR and DBD.Hacker Craft: Preventing the Breach

Location:  Verizon Digital Media Services, 13031 W Jefferson Blvd Ste 900, Los Angeles, CA

Speaker Bio: Tin Zaw resides in sunny southern California, where he seeks a Zen state of mind amid the chaotic mix of technology, society and cyber threats. Wanting to make the world safer online, he gave up his beloved programming job to focus on cyber security. He is a former president of OWASP Los Angeles and he currently co-leads OWASP Automated Threats project. Tin currently works at Verizon to make the Internet safer and more secure.

https://www.linkedin.com/in/tinzaw/

Dinner is provided by CSA-LA: This month your dining option is Pizza! Come on out, learn, and get a slice on us.

Cloud Security Alliance, Los Angeles Chapter

Los Angeles, CA
753 Members

The Los Angeles Chapter of the Cloud Security Alliance is an organization formed to promote the use of leading practices for providing security assurance within Cloud Computin…

Next Meetup

Cloud Security Alliance Los Angeles (CSA-LA)/ ISSA-LA Joint …

Wednesday, Oct 3, 2018, 6:00 PM
4 Attending

Check out this Meetup Group →

Posted on

TOOLS TO ASSESS AMAZON AWS SERVICES

If you have ever had to test Amazon’s AWS services from a blackbox perspective, you will quickly find out how difficult it can be to assess configurations and policies. Luckily, there are several tools that aid in this process and are listed below.

  1. prowler – Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CISAmazon Web Services Foundations Benchmark (https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf)
  2. nccgroup/Scout2 – Security auditing tool for AWS environments
  3. cloudsploit/scans – AWS security scanning checks
  4. The amazon inspector‍ – The default tool Amazon provides.  https://aws.amazon.com/inspector/
  5. Netflix/security_monkey – Security Monkey monitors your AWS and GCP accounts for policy changes and alertson insecure configurations
  6. Aardvark – Aardvark is a multi-account AWS IAM Access Advisor API
  7. Repokid – AWS Least Privilege for Distributed, High-Velocity Deployment
  8. DenizParlak/Zeus – AWS Auditing & Hardening Tool that aligns with CIS AWS benchmarks  http://www.denizparlak.com/?p=386
  9. Nimbostratus – Tools for fingerprinting and exploiting Amazon cloud infrastructures + video presentation and intro blog post
  10. Bucket finder – This is a fairly simple tool to run, all it requires is a wordlist and it will go off and check each word to see if that bucket name exists in the Amazon’s S3 system. Any that it finds it will check to see if the bucket is public, private or a redirect.
  11. Cloud Security Suite – One stop tool for auditing the security posture of AWS infrastructure. This tool includes Scout2, Prowler, and Lynis for assessing host configurations.
  12. Macie – Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides you with dashboards and alerts that give visibility into how this data is being accessed or moved.  Currently on available for S3 but support for other data stores will come.

If there are any Cloud Security tools you know about or have experience using, feel free to reach out to our CSA-LA board and we will happily help create another blog post.

Thanks to the Peerlyst post who put this initial list together.

Posted on

June 13th Meeting: “Blockchain as Security Mechanism for real world IoT”

Title: Blockchain as Security Mechanism for real world IoT

Speaker: Anant Kadiyala, Director, Blockchain & IoT Industry Solutions, Oracle

Anant has worked with customers in telco, healthcare, utilities, public sector, retail, logistics, manufacturing and banking. His area of expertise is IoT, Blockchain, and Digital solutions for enterprises and governments.

Speaker Bio: https://www.linkedin.com/in/akadiyala/

Discussions will include:
1) Understanding Blockchain – Overview
2) Trust vs Security – differences and implementations
3) Real World examples using IoT
4) Wrap-up Q&A

Dinner is provided by CSA-LA

Come and join us as at your local chapter of the Cloud Security Alliance. Please RSVP in advance. We must have the names of all attendees by 3pm the day before the meeting. With that in mind, RSVP “YES” and change it later if required. This also requires that your MeetUp profile include your full name.

*** OUR VENUES REQUIRE ALL MEMBERS TO HAVE THEIR GOVERNMENT ISSUED ID AT ALL TIMES ***

Parking:
Guest parking free – please use the blue painted spaces that say cross campus visitors.

The CSA meets 10 times a year and we do not have meetings in July or December

Cloud Security Alliance Los Angeles (CSA-LA) Chapter Meeting

Wednesday, Jun 13, 2018, 7:00 PM

Location details are available to members only.

13 Members Attending

Title: Blockchain as Security Mechanism for real world IoT Speaker: Anant Kadiyala, Director, Blockchain & IoT Industry Solutions, Oracle Anant has worked with customers in telco, healthcare, utilities, public sector, retail, logistics, manufacturing and banking. His area of expertise is IoT, Blockchain, and Digital solutions for enterprises and go…

Check out this Meetup →