Export or edit this event...

ISSA Portland Chapter November 2014 Symposium - Advanced Malware

Widmer Brothers Gasthaus
955 N Russell St
Portland, Oregon 97227, US (map)

Great Room



Presentations: Beating Cybercriminals: Preventing Compromise in the Face of Advanced Attacks

Cybercriminals combine social engineering techniques with ongoing application vulnerabilities to install advanced malware on both customer devices to compromise financial accounts and employee devices to compromise corporate networks. Advanced malware effectively bypasses authentication technologies and readily evades anti-virus applications. New endpoint solutions have emerged that have some merit, typically with a narrow focus on a single threat vector, but none have proven effective at stopping dynamic threats, and most of these approaches come with a very high operational cost. A new approach to cybercrime protection and preventing compromise is desperately needed.

This presentation will provide an overview of: · The methods cybercriminals use to successfully install advanced malware on endpoint devices · The most recent fraud cybercrime developments and compromise techniques uncovered by Trusteer research · New approaches available to mitigate the increase risk from endpoint devices · Case studies of actual cybercrime prevention results · Demonstration of preventing different advanced attack scenarios

Presented by Christopher Beier - Sr. Product Marketing Manager for IBM/Trusteer. Christopher brings impressive security DNA through his almost 20 years’ experience working for both Symantec, and McAfee. Christopher has deep knowledge and experience in the financial services and online banking security with 5 years as a technical product manager at Fiserv. He is also a 12 year US Navy veteran where he applied IT administration skills to the US submarine corp. Christopher presented on advanced malware issues at Black Hat USA 2014.

Staying Ahead of the Malware Curve Over the last five years the threat curve for dealing with advanced attackers and malware has changed significantly. Keeping ahead of signature updates used to be the battleground, but the escalating arms race has moved on to staying ahead of whitelisting, reputational, and dynamic analysis capabilities—and the people we truly care about keeping out of networks are gaining traction once again. Worse still, these capabilities are moving down the threat curve at an accelerating pace, meaning anyone has the potential to acquire these capabilities. Many in our ranks have given up on keeping our adversaries out of our ranks and instead focused on rapid detection. Though no silver bullet exists in our toolbox, there are new solutions that flip the economics to our favor.

This presentation will provide an overview of: · The methods cybercriminals use to successfully install advanced malware on endpoint devices · Insight into the evolution of malware attacks, focusing on the new techniques in use today · Discussion of cutting edge malware delivery platforms · Demonstration of commodity exploit kits (Blackhole) · Discussion around endpoint application isolation techniques · Demonstration of commodity exploit prevention leveraging non-persistent desktop browsing

Presented by Darrin Mourer - Sr. Solution Architect with Invincea specializing in advanced threat prevention, detection, and forensics. He has been involved in the information security space for over 15 years in both information security officer and vendor roles. He has held various certifications including CISSP, CISA, SANS, and ITIL. Previous to Invincea, Darrin spent over 10 years in various sr. level security roles at Symantec.

Panel Discussion – Key Advanced Malware Countermeasures

Following the two presentations, ISSA Portland will provide lunch followed by a moderated panel discussion on key advanced malware countermeasures and practical implementation concepts. The panel will consist of:

Christopher Beier - IBM Darrin Mourer – Invincea *Additional local Security Expert Panelists being confirmed

The chapter meeting is subsidized by chapter memberships and sponsors. There is a nominal fee of $10 (member) or $25 (non-member) for preregistered attendees. Walk in attendee’s are welcome but will be charged $30 cash at the door.

If you wish to become a member, please visit http://portland.issa.org/join-issa-portland/

CPEs: The chapter maintains proof of attendance for members but it is the member’s responsibility to ensure that these CPE's are credited to their respective accounts. This luncheon will offer 1 CPE per hour of attendance.

Chapter Sponsors ISSA Portland would like to thank our program sponsors, who help make high quality programs like this possible.

Gold Sponsor: IBM Silver Sponsor: Zscaler