February 25, 2015
NJ ISSA Chapter Meeting
New Jersey Chapter ISSA Meeting
Date: Wednesday, February 25, 2015
3:30pm – 7:00pm
Venue: Deloitte, Parsippany NJ
3:30-4:00 Check In/Registration
4:00 – 5:00 Presentation: Mitigating Zero Day Threats and DDOS in the Cloud, Israel Barak, Sentrix
Mr. Barak’s presentation explores the root cause for zero-day attacks as well as why these sorts of attacks are so successful. Improper validation and sanitization of traffic-flows into organizations’ web servers is fundamentally a principal cause for Zero-Day attacks. In a perfect world, web applications and websites would be protected by very tight whitelisting, thereby reducing zero-day attacks such as Shellshock. The effectiveness of these sorts of exploits is dramatically reduced across tightly whitelisted web systems. The question then becomes rather simple—it is a question of manageability. Traditional web security systems require thousands or more rules to be setup properly and continually updated, and if that’s not difficult enough, system management is further complicated by highly dynamic, interactive and rapid time-to-market business environments—making these sorts of web security systems highly impractical for most organizations. The resulting security quagmire is the implementation of a substantially limited security system (based on manageability) that relies on highly inadequate signature-based methodology that, yes, is easier to manage, but cannot stop zero-day attacks or DDOS. What if your web security architecture were able to decouple and separate the web application presentation layer automatically from your business logic layer? This sort of intelligence layer and separation of business logic would dramatically reduce the number of required whitelist rules to a fraction of the number required by the more traditional web security technologies. What you would have is not just the simplest web security system to manage (and the fastest-to-deploy), but most importantly, it would be the most secure.
Israel Barak is the co-founder of Sentrix, co-founding the company in 2011. He currently functions as Sentrix GM business operations for the Americas. Mr. Barak specializes in developing and assimilating innovative technologies and enhancing organizations’ capacity to withstand cyber-attacks. Mr. Barak draws from his extensive background in various security and military bodies, including serving as the Head of the Israeli Defense Forces Cyber Red Team Unit for 5 Years. Mr. Barak also founded one of Israel's leading national cyber security consulting groups (now part of CITI Group). He is an active member of OWASP, the Cloud Security Alliance, and ISSA.
5:00 – 5:15 Break
5:15 – 6:00 Presentation: Enforcing Application Security Against Cyber Attacks, Eric Chazulle, A10 Networks
Every security professional has to tread the line between enforcing application security against increasingly sophisticated cyber attacks, while also providing sufficient access for legitimate end users. If security is too tight, the application may become unusable for the end user; if security is too light, then an organization can be compromised, bringing revenue loss and brand damage. Almost every organization has applications that must be publicly accessible and as technology rapidly evolves, organizations are challenged to ensure this balance between provisioning sufficient security and providing access for legitimate users.
A10 Networks offers a range of security products with the new premium Thunder and original AX application delivery controllers (ADCs) and Thunder Threat Protection System (TPS). Each is built on the Advanced Core Operating System (ACOS) with rich security feature sets. These A10 products can help you scale, improve efficiency and enhance the security posture of your DMZ security infrastructure.
Eric Chazulle is a Senior Systems Engineer for A10 Networks. Over the past 25 years, Eric has actively been involved in designing and implementing enterprise networks and security systems for Fortune 500 companies, law enforcement and various government agencies. Prior to A10, Eric spent six years with Foundry Networks deploying high-speed networks and application delivery solutions. More recently he was instrumental in deploying network security solutions at News Corp. and NYPD.
6:00 – 7:00 Cocktail Reception
From the North:
Take Interstate 287 South to Exit 42. Proceed to the light and turn left onto Parsippany Road. Continue to the next traffic light and turn left onto Route 46. Turn right onto Smith Road (after the Gulf Gas Station). You will pass the Sheraton. Make a left onto Jefferson Road, and another left onto Kimball Drive.
From the South:
Take Interstate 287 North to Exit 41A. Bear right onto the ramp and turn right at the end of the ramp onto Smith Road. You will pass the Sheraton. Take a left onto Jefferson Road, and another left onto Kimball Drive.
From the East:
Take Interstate 80 West to Exit 43B. Follow the signs for Interstate 287 North. Take Route 46 and Smith Road Exit. Turn right at the stop sign. Continue on to the light and turn right onto Smith Road. You will pass the Sheraton. Take a left onto Jefferson Road, and another left onto Kimball Drive.
From the West:
Take Interstate 80 East to Exit 42C. Follow US-202 North to the traffic light. Proceed on through the light to the end of the road. Turn right onto Smith Road. You will pass the Sheraton. Take a left onto Jefferson Road, and make another left onto Kimball Drive.
From New York (World Fi):
Take the Holland Tunnel to New Jersey and follow signs for the New Jersey Turnpike Extension. Then take I-78West. Follow I-78 West to Route 24 West to I-287 North. Take Interstate 287 North to Exit 41A. Bear right onto the ramp and turn right at the end of the ramp onto Smith Road. You will pass the Sheraton.
Take a left onto Jefferson Road, and another left onto Kimball Drive.
From New York (1633 Broadway):
Take the Lincoln Tunnel to NJ, and follow signs for I-95 South/New Jersey TPKE South (towards I-280/Newark/I-78). Take exit 15W and proceed onto I-280 West toward Newark/Kearny. Merge onto I-80 West toward I-287/Mahwah/US-46/Morristown. Take Interstate 80 West to Exit 43B. Follow the signs for Interstate 287 North. Take Route 46 and Smith Road Exit. Turn right at the stop sign. Continue on to the light and turn right onto Smith Road. You will pass the Sheraton. Take a left onto Jefferson Road, and another left onto Kimball Drive.
Back to Calendar Archives