Scariest presentations at DefCon 25 (2017)

Every year there are presentations at DefCon that make you want to move you to a remote mountain cabin and disconnect from all forms of electronics. This year was no different.

Below I will detail five presentations that I personally attended and qualify for scariness. Several will have whitepapers released this week and we will update with links as they are released.

An ACE Up the Sleeve: Designing Active Directory DACL Backdoors https://www.defcon.org/html/defcon-25/dc-25-speakers.html#Robbins

This presentation showed how DACL manipulation can assist in persistence by hiding the unintentional, or adversary added administrative rights that a user may have. Usually found in nested rights granting, the presenter was able to show normal queries alerting an assessor to administrative rights that should be removed. However, using purposeful DACL misconfiguration, those queries were disabled, while the administrative rights persisted.

This causes a serious problem when an adversary gains credentials that might not be apparent to have AD administrative rights, but does. Now finding those privileged accounts and cleaning them up will be difficult, if not impossible. Using this, an adversary could gain administrative privileges through an account and go undetected for quite some time. Even the most common PAM (Privileged Access Management) system could be rendered useless in defense, if the attacker implements this technique correctly.

Get-$pwnd: Attacking Battle-Hardened Windows Server https://www.defcon.org/html/defcon-25/dc-25-speakers.html#Holmes

A Microsoft engineer that participated in designing PowerShell presented on how even hardened Windows Servers can be exploited. Specifically, systems thought to be hardened with configurations such as whitelisted commands and JEA (Just Enough Administration) may still be vulnerable. When the presentation was finished, the demonstration showed that commands that were thought to be restricted and not available on a system could still be executed, including administrative functions that would give attackers significant power.

WSUSpendu: How to Hang WSUS Clients
https://www.defcon.org/html/defcon-25/dc-25-speakers.html#Coltel

Many organizations believe that Air-Gapped networks are the answer. Pulling an entire network, with the most sensitive data, off the internet and creating your own intranet will protect you. The presenters offered a way to compromise a Windows Server Update Services (WSUS) in order to compromise the off-line network for, at the very least, major down time, possibly data loss.

First, the presenter showed how to convince the WSUS that a malware package was a valid Windows Update that was then pushed out to connected clients. Next, the presenters uploaded a second package, not divulging what was in it, in order to show that an air-gapped network that gets its windows update from the master WSUS server on the connected environment can be compromised the same way. The theory is that a CD or USB drive will be created from the online server and “sneaker-net” over to the air-gapped network.

When it was completed, he revealed that it was Ransomware that would have infected THE ENTIRE air-gapped network, encrypted every windows server and caused an outage while restores from backup are completed. Definitely scary!

‘Ghost Telephonist’ Impersonates You Through LTE CSFB https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Yuwei-Zheng-UnicornTeam-Ghost-Telephonist.pdf

This presentation was an even easier way to compromise an LTE phone than what previously was thought to require some heavy lifting of creating a fake tower and forcing the phone down from LTE. The presentation was based on a finding that there is an authentication step missing from towers when a cell phone drops out of LTE. Now, if you create a device that tells the tower that it is a phone that is in CSFB (Circuit Switched Fallback), the tower will assume it is the other phone and not ask for proof.

At that point, the attacker can intercept calls and SMS texts. As a demonstration, the presenter showed a phone used as an SMS 2FA (two factor authentication) for Gmail being compromised and the Gmail account being taken over, changing the password successfully, while the true phone showed no activity.

Google Authenticator/Okta/Duo anyone? https://en.wikipedia.org/wiki/Software_token

The Black Art of Wireless Post Exploitation
https://www.defcon.org/html/defcon-25/dc-25-speakers.html#Ryan

This presentation really had lots of goodies and a history of how wireless security has evolved. The part of the presentation that stuck out was when he was trying impress upon the audience that EAP-TLS wireless was worth it even with the painful administration. What the presenter explained is that a wireless NAC port-based access control is thought to contain any issues, so that “bad” systems may connect, but will have no access to the rest of the network. While connected in quarantine, they can be scanned, queried and resolved or rejected. This assumes that the unwanted system is foreign to the network. The technique presented showed that even a separate “sensitive” network that has a different connection method can be compromised via a carefully crafted “evil twin” attack. Once a legitimate system is connected to the evil-twin, a payload can be installed and then the system can be returned to the corporate wireless, now compromised. If done correctly, the NAC will not find the compromise and now the attacker can leverage the system to pivot throughout the internal network.

There were many more presentations with highly impactful vulnerabilities and attacks, these were the top four ones that I personally attended. Stay tuned for added links to the whitepapers associated to these presentations. Be careful out there!

About the author:

Jean-Paul Bergeaux, Federal CTO, GuidePoint Security

With more than 18 years of experience in the Federal technology industry, Jean-Paul Bergeaux is currently the Federal CTO for GuidePoint Security. JP’s career has been marked by success in technical leadership roles with ADIC (now Quantum), NetApp and Commvault and SwishData. Jean-Paul focuses on identifying customers’ challenges and architecting innovative solutions to solve their complex problems. He is also a thought leader on topics that are top of mind for Federal IT Managers like Cyber Security, VDI, Big Data, and Backup & Recovery.

GuidePoint’s Annual Social Hour Kicks Off RSA 2017

Attend our social hour or schedule a vSOC demo with us while you’re at RSA

Will you be in San Francisco Feb. 13-17 for RSA 2017? We’re looking forward to connecting with you!

Join GuidePoint Security for a fun and informative social hour on Monday, Feb. 13. It’s a great start to the week, and you’ll have a chance to meet and interact with some of the industry’s leading information security and cybersecurity professionals.

The social hour begins at 6:30 p.m. at Town Hall Restaurant, 342 Howard St. in San Francisco. The event, which continues through 8:30 p.m., is free, but you’ll need to register in advance. Click here to register now.

More than 45,000 people typically attend the RSA conference each year, and it’s a great time to learn more about the many ways you can protect your organization and stay ahead of cybersecurity issues and threats.

While we’re there, our team will offer free, private demonstrations of our Virtual Security Operations Center (vSOC). All you have to do is sign up, and a GuidePoint representative will be in touch to set up a time to meet with you. Register now for your exclusive vSOC demo.

During the vSOC demonstration, you’ll learn about how GuidePoint’s managed security services can assist you with identifying threats and vulnerabilities through detection, response, and recovering from validated incidents.

To sign up for our social hour at Town Hall Restaurant on Feb. 13 or to register for a vSOC demo during the conference, visit http://go.guidepointsecurity.com/rsa-social-hour-2017.html.

To learn more about the RSA conference, visit https://www.rsaconference.com/events/us17/about.

About GuidePoint Security
GuidePoint Security LLC provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com.

GuidePoint Senior Security Consultant Selected for Black Hat Europe Arsenal Presentation

Brian Beaudry will speak about OWASP ZSC

Brian Beaudry, senior security consultant, will represent GuidePoint Security at Black Hat Europe Nov. 1-4, as a featured Arsenal presenter.

Brian has been a part of the GuidePoint team for the past two years in the application security practice. He will deliver a special presentation on the OWASP ZSC tool created by Ali Razmjoo. The presentation will be from 10-11:50 a.m. Thursday, Nov. 3, at Arsenal Station 4 in the Business Hall at the Business Design Centre in London.

OWASP ZSC is an open-source tool written in the Python programming language. It allows users to generate customized shellcode as well as obfuscate scripts. The shellcode can then be used to develop proof-of-concept exploits to demonstrate the impact of discovered vulnerabilities. ZSC’s script obfuscation functionality allows it to take code the developer does not want to be easily viewed and obfuscates it to make the reverse engineer’s job more difficult.

OWASP ZSC uses new encoding techniques and methods many antivirus suites will not detect. OWASP ZSC encoders generate shellcode with random encodings, which allows it to generate thousands of new dynamic shellcodes within the same job in just a second. The software runs on Windows/Linux/OSX under Python.

Brian recently served as a Google Summer of Code mentor for OWASP, providing subject matter expertise to the ZSC project on Windows-based shellcode. He was also involved in presenting the tool at Defcon 2016 Demo Labs.

During Black Hat’s interactive Arsenal, presenters like Brian share the latest in open-source tool and product development, including demonstrations and thought-provoking conversations. Each tool submitted to the Arsenal undergoes a review by the Black Hat Europe review board to find the best and most innovative tools under development in the security space.

“We are so excited that Brian has this chance to share his knowledge and enthusiasm about OWASP in a global market,” said Bryan Orme, principal of information assurance, at GuidePoint Security. “It’s a unique opportunity for talented GuidePoint professionals like Brian to connect with others from around the world to brainstorm and network about cutting-edge technologies, solutions, and tools that continue to advance the ever-evolving information security industry. We are all proud of Brian, and can’t wait to see his presentation.”

By participating in Black Hat Europe 2016 trainings and briefing sessions, attendees get hands-on learning opportunities with some of the world’s leading information security researchers and developers, while exploring industry trends in a vendor-neutral environment.

For more information about Black Hat Europe and to register for the event, visit https://www.blackhat.com/eu-16.

About GuidePoint Security

GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

blackhat-europe-2016-blog-graphic-header

From Cyber Analysts to Cyber Hunters: GuidePoint Security Expert to Speak at Anomali Detect

Are you ready to go from your regular job as a cyber analyst to a full-fledged cyber hunter? Join GuidePoint Security at Anomali Detect Sept. 11-13, 2016, at the Westin Washington, D.C. City Center, for a special presentation, “Cyber Hunters: Operationalizing Threat Intelligence for Cyber Analysts.”

GuidePoint Security is a Gold sponsor for the conference, and Matt Keller, our vice president of federal services, will lead a session about how analysts in Security Operation Centers (SOC) can evolve from a detection and response team to proactive cyber hunters who seek out threats before damage occurs.

Matt’s presentation will be from 3:10-4 p.m. Tuesday, Sept. 13, in room National C. He will talk about how to utilize threat feeds to reduce the amount of time it takes to identify incidents and help you plan for responses within the “Cyber Golden Hour.” He will share insight on how your security team can identify threats in real time, moving from cyber analysts to full-fledged cyber hunters.

We’ll also have a table top display set up during Anomali Detect, so be sure to stop by and view a demonstration on our Virtual Security Operations Center (vSOC). By using the cloud to provide dynamic scalability and cost savings, our vSOC analysts can provide validated security incidents so your team can focus on remediation.

For more information about Anomali Detect, visit https://www.anomali.com/anomali-detect. To register for the conference, click here.

For more information about our vSOC and how we can help protect your organization from insider threats, visit www.guidepointsecurity.com.

About GuidePoint Security

GuidePoint Security LLC provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com.

GuidePoint Security Is Headed to Vegas for Black Hat, BSidesLV, and Def Con

Our GuidePoint Security team members will be in Las Vegas the first week of August for all three major information security conferences — Black Hat, BSidesLV, and Def Con.

Black Hat

On Tuesday, Aug. 2, GuidePoint Security, together with our participating vendors, CrowdStrike, Prelert, RSA, and Skybox, will host a Black Hat Social Hour. It will be from 5:30-8 p.m. in the Rí Rá Irish Pub at The Shoppes at Mandalay Bay Place. Join us for lively conversation, great entertainment, and libations. RSVP here.

A little bit about our vendors who are co-sponsoring our Black Hat Security Social Hour:

  • CrowdStrike: CrowdStrike™ is a leading provider of next-generation endpoint protection, threat intelligence, and pre- and post-incident response services. Through CrowdStrike-as-a-Service, clients have access to a highly scalable subscription-based business model to multiply security teams’ effectiveness and expertise, including 24/7 endpoint visibility, monitoring, and response.
  • Prelert is the leading provider of behavioral analytics for IT security, IT operations, and business operations teams. By analyzing an organization’s log data, Prelert finds anomalies, links them together and lets the data tell the story behind advanced security threats, IT performance problems, and business disruptions.
  • RSA provides more than 30,000 customers worldwide with essential security capabilities to protect valuable assets from cyber threats. With RSA’s award-winning products, organizations can effectively detect, investigate, and respond to advanced attacks; confirm and manage identities; and ultimately, reduce IP theft, fraud, and cybercrime.
  • Skybox Security meets clients’ network vulnerability and threat management needs. With the help of Skybox’s predictive analytics, enterprises can monitor and protect their networks in a timely manner. They can also eliminate attack vectors, manage firewalls, and stay ahead of threats using one platform without ever disrupting normal network operations.

BSidesLV

Beginning at 11 a.m. Tuesday, Aug. 2, you’ll find us as a sponsor of the 2016 BSidesLV Hire Ground, a two-day event focusing on topics ranging from job networking to mock interviews and resumes. Look for us in the Recruitment/Mentorship area. We’ll be there through 7 p.m. Tuesday, and then back again from 10 a.m.-7 p.m. Wednesday, Aug. 3.

We’re also planning a special career development talk at BSidesLV at 2 p.m. Wednesday, so be sure to stop by the Recruitment/Mentorship area and network with us.

Def Con

We’ll also have GuidePoint team members at Def Con, so we hope to connect with you there, too.

Please join us at all of the following events:

Black Hat USA 2016
When: July 30-Aug. 4, 2016
Where: Mandalay Bay, Las Vegas, NV
More info: https://www.blackhat.com/us-16

GuidePoint Security, CrowdStrike, Prelert, RSA, and SkyBox Security: 2016 Black Hat Social Hour
When: 5:30-8 p.m. Aug. 2, 2016
Where: Rí Rá Irish Pub | The Shoppes at Mandalay Bay Place, Las Vegas, NV
RSVP: http://go.guidepointsecurity.com/20160802-event-reg.html

BSidesLV Hire Ground Event
When: 11 a.m.-7 p.m. Aug. 2, 2016, and 10 a.m.-7 p.m. Aug. 3, 2016
Where: Tuscany Suites, Las Vegas, NV
More info: https://www.bsideslv.org/hire-ground

BSidesLV Career Development Presentation
When: 2 p.m. Aug. 3, 2016
Where: Tuscany Suites, Las Vegas, NV

DEF CON
When: Aug. 4-7, 2016
Where: Paris & Bally’s | Las Vegas, NV
More info: https://defcon.org/html/defcon-24/dc-24-index.html

At GuidePoint Security, our mission is to serve as a trusted security expert that addresses your pressing security challenges. We are excited to participate in the upcoming events at BSidesLV, Black Hat and Def Con. We look forward to networking with you in Vegas!

About GuidePoint Security

GuidePoint Security LLC provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com.

Top GuidePoint Security Consultants to Present At Sold Out 2016 BSides Boston Training Session

Two of GuidePoint Security’s consultants will be among the featured instructors and presenters at this bsidesbos_est1year’s Security BSides Boston Conference, on May 20-21, 2016. The event, which is being held at the Microsoft NERD Building, at 1 Memorial Drive, Cambridge, MA, includes key speakers, presentations and training sessions. GuidePoint will also be a participating exhibitor on Saturday, May 21.

David Bressler and Casey Dunham, both members of the GuidePoint Application Security Team, will be leading an “Advanced Web Hacking,” all-day training session on May 20 for a sold-out audience. The pair will also be heading up a presentation titled, “Advanced XSS and Injection Attacks,” slated for May 21.

The Security BSides Boston Conference includes Friday training sessions running from 10 a.m. – 5:30 p.m., while the Conference discussions and presentations will be held from 9 a.m. – 6 p.m. on Saturday, May 21, 2016.

If you are unable to attend the events with Bressler and Dunham, be sure to stop by the GuidePoint Security table on Saturday.

About the Advanced Web Hacking Session

The all-day session involves hands-on learning through an instructor-led, simulated web application assessment against a proprietary web application that was built specifically for this course. The course moves beyond the basic OWASP Top 10 Web Application Vulnerabilities by introducing advanced forms of these common vulnerabilities, built from our own penetration testing experience. Focus is also placed on creating realistic proof of concepts to show higher impact, as well as what an attacker could do if the vulnerabilities were exposed.

About the Advanced XSS and Injection Attacks Presentation

In this presentation, Bressler and Dunham will review advanced forms of Cross Site Scripting (XSS) in the AngularJS framework through improper usage of the AngularJS templating language and injection attacks through the Hibernate Query Language (HQL), as well as breaking the HQL Lexer to run arbitrary SQL commands. They will also be presenting methods of auditing applications for these issues and preventing the vulnerabilities.

About GuidePoint Security LLC

GuidePoint Security LLC provides customized, innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

 

Opportunities to Meet GuidePoint Security at SecureWorld Boston

GuidePoint Security is looking forward to exhibiting, speaking, and hosting an SecureWorld Logo-Icon 2015after hours reception at the 2016 SecureWorld Expo in Boston.

You’ll find us at booth #118, where we will be hosting a Technology Showcase this year with our partners Cyberark, Cyphort, Exabeam, Tenable, and Varonis.
When: March 29-30, 2016
Where: Hynes Convention Center, Exhibit Hall D, Booth #118, Boston, MA

The software and services offered by our partners enables GuidePoint to create comprehensive security solutions for virtually any client’s network, large or small. Below you’ll discover a few reasons why we will be showcasing their technologies at SecureWorld.

  • For over a decade CyberArk has led the market in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets.
  • Cyphort helps you respond to an avalanche of network attacks, prioritize your work, and go after the really harmful security threats that are targeting your enterprise.
  • Exabeam is a leading provider of user and entity behavior analytics, based on security-based data science and innovative Stateful User Tracking technology. Exabeam enables customers to detect and thwart cyber attacks that would otherwise go unseen by most enterprises.
  • Tenable Network Security transforms security technology for the business needs of tomorrow through comprehensive solutions that provide continuous visibility and critical context, enabling decisive actions to protect your organization.
  • Varonis protects sensitive information from insider threats, automates time-consuming tasks, and extracts valuable insights from enterprise data.

At the 2016 SecureWorld Expo in Boston, you’ll have the opportunity to attend the following GuidePoint speaking sessions:

GRC – Trials & Tribulations
Speaker: Michael Cook, Senior Security Consultant, GuidePoint Security
March 29, 1:15pm – 2:15pm
Session description: This session addresses GRC Industry status (Gartner, OCEG, CSA) and tips for planning, implementation, and maintenance of a GRC Program (learned the hard way).

Industry Expert Panel: You’ve Got Humans on Your Network
Speakers include: Michael Cook, Senior Security Consultant, GuidePoint Security
March 30, 1:15pm – 2:15pm
Session description: Breaches are expensive. So expensive that cyber insurance coverage is often lacking. This presentation explores the economics of breaches, the differences between breach and incident response and how you can align your security team’s goals with company values.

GuidePoint will also be hosting a networking event in Boston with our technology partners. Register here to connect with your peers and industry professionals.
Security Social Hour at Kings Bowling Alley
March 29, 4-7pm

For more information about the 2016 SecureWorld Expo in Boston, visit www.secureworldexpo.com/boston/home.

About GuidePoint Security

GuidePoint Security LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

GuidePoint Security and Exabeam Join Forces for AFCEA WEST 2016

west_logo2016The United States is facing more technological and security challenges than ever before. Identifying the right solutions for the unique and pressing needs of the military and government are just some of the issues that will be discussed during the upcoming AFCEA WEST Conference and Exhibition, on Feb. 17-19, 2016, at the San Diego Convention Center in San Diego California.

Experts from both GuidePoint (GuidePoint Security) and Exabeam will be on hand in booth #1011 to provide valuable insight on technological services, strategic solutions related to national cybersecurity issues, and concerns about protecting critical information and data.

GuidePoint delivers innovative solutions that address the tough security challenges facing the country’s defense and armed forces divisions. Exabeam is a user behavior analytics solution that leverages existing log data to quickly detect advanced attacks and accelerate incident response. As industry leaders, GuidePoint and Exabeam were natural partners for the three-day event, which will include exhibitor presentations, town hall discussions and an exchange of ideas on best practices and methods for stopping future threats and attacks.

Stop By and See the Latest Security Solutions Demos

GuidePoint’s team of experts will be focusing on services including Identity Access Management (IdAM), which specializes in deploying Security Access Managers (SAM) and seamlessly integrating the customer’s Public Key Infrastructure (PKI) to meet the goal of securing sites and applications while safeguarding data.

Consider the most devastating information breaches of the decade, involving insiders like Chelsea Manning and Edward Snowden; solutions must include the means to stop such access threats while ensuring that classified information remain protected and in the hands of authorized users only.

GuidePoint’s IdAM solution delivers the necessary layer of protection to stop such incidents while safeguarding valuable data. IdAM is a culmination of over two years of work by the GuidePoint federal services team, who set out to develop a solution that would provide the simplicity of a single information system while providing PKI authentication and authorization for hundreds of web applications.

Through GuidePoint’s unique services, organizations are able to strengthen their security posture and improve the ease of use of their web applications. This secures the agency from insider threats while simultaneously meeting the requirements of current policies and directives in regard to information access.

Exabeam, a leader in security analytics and intelligence solutions, will demonstrate its user behavior analytics and threat hunting software. The product enables security analysts to detect insider threats and external hackers within a network, to hunt for new threats on the network, and to automate investigation and response. Detection includes key signals such as lateral movement and privilege escalation. Threat hunting includes searching for user sessions based on any combination of attributes or activities. Investigation includes automatically stitching together all activities and context related to an attack and presenting that in a way that even Tier 1 analysts can understand. The Exabeam demo will show all of the above to clearly highlight the productivity and security benefits of the solution. For more information visit www.exabeam.com.

About GuidePoint Security

GuidePoint Security, LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, and with offices in Georgia, Massachusetts, Michigan, Minnesota, Missouri, Florida, Texas, and North Carolina, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

 

Ask the Insider Threat Experts at the 2015 DoDIIS Worldwide Conference

GuidePoint Security will be showcasing Insider Threat Solutions at DoDIIS Worldwide Conference on August 23rd thru Aug 26th, 2015.

GuidePoint has been working closely with the federal government over the past three years to develop PKI integrations for mission critical and business applications through F5 Networks, and integrating the resulting audit data into a Splunk application to assist in monitoring PKI access and authorization. This new capability assists in identifying users that mean harm to government networks.

In addition, GuidePoint has partnered with multiple industry- leading vendors including Digital Guardian, Exabeam, Apcon, and Pernix Data on enhancing network and system data for identifying suspicious activity across the enterprise, ultimately supporting the identification of anomalous activity. With these capabilities, GuidePoint enables a holistic approach to insider threat and anomaly detection for government networks.

GuidePoint Security is extremely excited for the opportunity to demonstrate newly developed solutions and capabilities at DODIIS Worldwide to help our customers and partners better understand the options available when working with GuidePoint.

Information about our partners:

Digital Guardian: Digital Guardian, formerly Verdasys, is a network security company focused on securing the sensitive data of the world’s most inventive, influential companies.

Exabeam: Exabeam is a user behavior analytics solution that leverages existing log data to quickly detect advanced attacks and accelerate incident response. Exabeam’s Stateful User Tracking™ automates the work of security analysts by resolving individual security events and behavior anomalies into a complete attack chain. Built by seasoned security and enterprise IT veterans from Imperva and Sumo Logic, Exabeam is headquartered in San Mateo, California and is privately funded by Norwest Venture Partners, Aspect Ventures and Investor Shlomo Kramer.

Apcon: APCON develops innovative, scalable technology solutions to enhance network monitoring, support IT traffic analysis, and streamline IT network management and security. APCON delivers state-of-the-art IT data aggregation, filtering, and network switching products, as well as leading-edge management software. APCON is headquartered near Portland, Oregon, where it has operated since 1993.

PernixData: PernixData is fundamentally changing how storage is designed and operated in virtualized data centers. The company’s software puts storage intelligence into high speed server media, establishing a control point for optimizing application performance and managing data center operations with true scale-out growth. With PernixData software, customers can leverage any storage platform for capacity, creating a decoupled storage architecture that maximizes design flexibility while minimizing storage costs.

Event information:

When: August 23-26, 2015
Where: Henry B. Gonzalez Convention Center | San Antonio, TX

The Defense Intelligence Agency (DIA) 2015 Department of Defense Intelligence Information Systems (DoDIIS) is a conference hosted by the DIA Chief Information Officer. This year’s theme is “Accelerating Intelligence Integration-Powered by Innovation & Technology, designed to highlight the DIA CIO’s commitment and intent to unify the defense intelligence infrastructure and information sharing initiatives through innovation, collaborative partnerships and technologies. Visit https://www.ncsi.com/dia/2015/index.php for more information.

Our technical experts from GuidePoint Security look forward to the opportunity to share our knowledge and newly developed solutions with attendees. We hope to see you at DoDIIS!

About GuidePoint Security
GuidePoint Security, LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com
.

 

 

Ask the Experts: Learn from GuidePoint Security’s Experts in Las Vegas at Black Hat, BSidesLV, & DEF CON

Screen Shot 2015-07-21 at 4.58.37 PMIn search of expert Information Security advice while in Las Vegas? Look no further: the technical experts of GuidePoint Security will be present at the Black Hat, BSidesLV, and DEF CON conferences in August to answer all of your pressing information security questions.

Participating alongside GuidePoint Security are vendors Checkpoint, ForeScout, Kaspersky, Skybox, and Tenable. Look for our participants at any of the above conferences — we’ll be wearing matching t-shirts and/or buttons that say “Ask the Experts” at each event. We encourage attendees to stop and talk with our technical experts for a ten-minute, free consultation. We’ll be making ourselves available to answer any security questions your organizations have, whether they’re federal or commercial-related. GuidePoint Security’s expertise is in Information Security, and we strive to share our knowledge on relevant products and services.

Following the Black Hat and Def Con conferences, GuidePoint Security will be hosting social networking events (see details below), and welcome all conference attendees to join us.

A little bit about our participating vendors:

Checkpoint: Check Point Software Technologies Ltd. is an international provider of software and combined hardware and software products for IT security, including network security, endpoint security, data security and security management.

ForeScout: ForeScout enables organizations to continuously monitor and mitigate security exposures and cyber-attacks. The company’s flagship CounterACT™ appliance dynamically identifies and assesses network users, endpoints and applications to provide visibility, intelligence and policy-based mitigation of security issues. ForeScout’s open ControlFabric™ technology allows a broad range of IT security products and management systems to share information and automate remediation actions.

Kaspersky: Kaspersky is one of the world’s fastest-growing cybersecurity companies, and the largest that is privately-owned. They operate in 200 countries and territories and have 34 offices in 31 countries. They are a global corporation with a global vision and a focus on international markets.

Skybox Security: Skybox Security meets the network vulnerability and threat management needs of our clients. With the help of Skybox’s predictive analytics, enterprises can monitor and protect their networks in a timely manner. They can also eliminate attack vectors, manage firewalls, and stay ahead of threats using one platform−without ever disrupting normal network operations.

Tenable: Tenable Network Security provides continuous network monitoring to identify vulnerabilities, reduce risk and ensure compliance. Our family of products includes SecurityCenter Continuous View™, which provides the most comprehensive and integrated view of network health, and Nessus®, the global standard in detecting and assessing network data.

You’re invited:

Join GuidePoint Security, Check Point, Forescout, Kaspersky, Skybox, and Tenable for a Security Social Hour after Black Hat.
When: August 4, 2015, 5:30 PM – 7:30 PM
Where: Ri Ra Irish Pub | Shoppes at Mandalay Bay Place | Las Vegas, NV
Registration: http://go.guidepointsecurity.com/BlackHat_Networking-Events-Template_01LP—Reg-Page.html

Meet with GuidePoint Security for a Happy Hour and Networking event after DEF CON.
When: August 7, 2015 5:30 PM – 7:30 PM
Where: Planet Hollywood | EXTRA Lounge | Las Vegas, NV
Registration: http://go.guidepointsecurity.com/20150807DefCon_Networking-Events-Template_01LP—Reg-Page.html

Event(s) information:

BSidesLV
When: August 4-5, 2015
Where: Tuscany Suites | Las Vegas, NV

Black Hat
When: August 1-6, 2015
Where: Mandalay Bay | Las Vegas, NV

DEF CON
When: August 6-9, 2015
Where: Paris & Bally’s | Las Vegas, NV

At GuidePoint Security, our goal is to serve as your trusted information security advisors around-the-clock. We’re looking forward to the opportunity to participating in the upcoming conferences and networking events and sharing our expertise. Look for our “Ask the Experts” t-shirts and buttons. We hope to see you there!

About GuidePoint Security

GuidePoint Security, LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.