Sept 10th Mtg: Defending Intel UEFI systems from firmware attackers

Date: Sep 10th, 2015
Time: 7pm
Place: Stamatatos Lab, 2211 Elliot Ave, 1st Floor, Seattle WA
Directions: Map
Subject: How to pick your next SAN
Presenters: Lee Fisher

In this talk, we’ll give an overview of the open source firmware security tools you can use to help detect ‘bootkits’, ‘firmworms’, and other firmware-level malware (as well as other defects and system failures), as well as some ideas how you might integrate firmware security into your long-term maintenance plan. Tools include: CHIPSEC, UEFITool, UEFI Firmware Parser, and some others. The speaker is a local freelance firmware developer and security researcher; his blog is the first/primary firmware security news source,
.

Aug 13th Mtg: How to pick your next SAN

Date: Aug 13th, 2015
Time: 7pm
Place: Stamatatos Lab, 2211 Elliot Ave, 1st Floor, Seattle WA
Directions: Map
Subject: How to pick your next SAN
Presenters: Ski Kacoroski

This discussion/presentation covers the basics of Storage Area Networks (SANs), why they are used, the different type and options for SANs, questions you need to ask the vendor, and the gotchas you need to be aware of when purchasing a SAN.

BIO:
During Ski’s 30+ years experience as a system admin and IT Manager, he has seen major changes in storage and system administration. He currently is the a system admin at the Northshore School District responsible for an infrastructure that supports 20K children and 3500 staff including 440GB of managed storage. When not busy, Ski enjoys working in his garden, volunteering with LOPSA and King County Search & Rescue, and hiking in our wonderful Cascades.

July 9th Mtg: Breaking the Kill Chain: Prevent, Detect, and Mitigate Threats to Your Organization

Date: July 9th, 2015
Time: 7pm
Place: Stamatatos Lab, 2211 Elliot Ave, 6th Floor, Seattle WA
Directions: Map
Subject: Breaking the Kill Chain: Prevent, Detect, and Mitigate Threats to Your Organization
Presenters: Jason Gifford

The discussion/presentation revolves around layering different technologies (IPS, App Inspection, etc.) to find and defeat different types of malware and invasions. There’s a fair amount of time talking about how SSL Intercept / MITM works and some light discussion on sandboxing for zero day variants. All of it ties in to providing the access that the business requires, the users desire, and the security we
all need.

BIO:
Jason has over 18 years of experience in the field of network security including extensive experience in HIPAA and Financial regulations. Over the course of his career Jason has designed and implemented network security solutions across the entire spectrum of company sizes from single 3 person offices to global company WANs that spread over multiple continents. In addition to the design and implementation work he has also assisted both local and federal law enforcement agencies in various cyber security incidents.

Seattle based special interest group for system and network administrators