2025 February Training Session

When: Feb 5, 2025 from 13:00 to 16:30 (ET)
Associated with Research Triangle Chapter

2025 February Training Session Announcement
When: February 05, 2025 1300-1630
Where: Zoom or in person at Paramount Event Venue, Morrisville NC
Cost: Free


You are encouraged to attend in person so that you can interact with the speakers and network with chapter members.
The Zoom link will be shared with registrants one day prior to the session.


Session I
Topic: Achieving Cloud Security Certifications - CCSK and CCZT

Whether you're new to cloud security or looking to expand your skillset, this talk will provide valuable insights into how to develop cloud security skills and achieve the Certificate of Cloud Security Knowledge (CCSK) and Certified Cloud Zero Trust Professional (CCZT) certifications.

  • The growing importance of cloud security skills in today's digital landscape
  • Key areas covered by CCSK and CCZT certifications
  • How these certifications can boost your career and benefit your organization
  • Tips for exam preparation and success

Topic: Breaking Bad: Leveraging AI ML for Monitoring and Incident Response

In this technical presentation, the author will dissect five incident scenarios, from common to more complex, that a typical incident responder must deal with, and walk through the anatomy of an attack and how to leverage AI capabilities to detect and respond to such cyber attacks using code, logs, attribution, and past incident data.
The author is Principal Engineer for Cisco's incident response team (CSIRT) and has led the AI/ML initiative for the last 3 years. As part of this initiative, the team has developed and improved 50+ detections and utilities leveraging AI and Machine Learning models. Using a hands-on approach, we will guide you through the anatomy of each attack, exploring how AI tools like Scikit-learn, Pandas, Splunk MLTK, LangChain, LLMs, vector databases, and generative AI can be leveraged to analyze logs, attribution data, and past incident information. We'll delve into specific use cases, including:

  • Sensitive Data Exfiltration: Identifying unauthorized data transfers using AI-driven anomaly detection.
  • Identity-Based Attacks: Detecting compromised credentials and abnormal user behavior patterns.
  • Abuse of Compromised Credentials: Uncovering malicious activities associated with stolen or compromised accounts.

By the end of this session, you'll gain a comprehensive understanding of how to apply AI/ML techniques to enhance your security monitoring and incident detection capabilities, enabling you to stay ahead of evolving threats.

Speaker: Vinay Bansal, CTO/Principal Engineer, CSIRT, Cisco Systems and Training Director, CSA Triangle Chapter

Vinay K. Bansal is CTO and Principal Engineer for Cisco's Cybersecurity/CSIRT team. In his current role he is responsible for technical leadership and running strategic security initiatives that include cloud security and improving threat detection and incident response by leveraging advancements in AI/ML. He previously held various roles, including chief architect for Cisco's 100+ cloud offers and global security lead for Cisco’s “Web and Application Security Architecture Team”, which improves the security of Cisco’s 2000+ IT Web Applications, databases, and mobile services. Vinay has 30+ years of industry leadership experience in securing and architecting innovative solutions. Prior to Cisco, Vinay worked at various Fortune 500 companies including IBM, AT&T, Nokia, Experian, and Plessey Telecom (UK). Vinay holds a Master's degree in Computer Science from Duke University.


Session II

Topic: Introduction to PowerShell for Auditors

Auditors and IT professionals work with substantial amounts of data and need a variety of tools to help them work with it. Many of these tools are expensive and may not provide the capabilities that auditors need. One of the most versatile (and free) platforms that auditors can take advantage of is PowerShell®, which is included in all Windows operating systems. While designed to help systems administrators with their tasks, it also has powerful capabilities that auditors can use in performing their audits.
In this session, Mike Howard will provide an introduction on how auditors (and IT professionals) can use this platform to analyze data and/or collect information from common sources. Mike will provide real-world scenarios and demonstrations on using PowerShell to extract and analyze data from commonly used files such as CSVs and Excel files, as well as extracting data from popular software such as Active Directory, Windows Logs, Nessus, and Azure AD. By the end of this session, you will have a greater awareness of how PowerShell can expand your auditing skills and the next steps for learning how to use this powerful platform to create your own custom audit tools.
Mike has written an article for the GWDC, "Why all Auditors Should Be Using PowerShell®", for those interested in a read-ahead on this session.

Speaker: Mike Howard, CISA

Mike Howard is an experienced IT auditor with 30 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited a wide variety of technologies, including mainframes, Unix environments, Active Directory, databases, Cisco devices, Windows devices, and a variety of applications. Mike embraces innovative technologies to accomplish his audits, most notably using PowerShell to write custom scripts. Over the 14+ years that he has been using PowerShell, he has written over 400 PowerShell scripts. Mike has also taught seminars and workshops for the ISACA Greater Washington D.C. Chapter on how to use PowerShell in auditing Active Directory, Windows Logs, and Azure Entra ID, as well as analyzing data from a variety of data sources including CSVs, Excel Spreadsheets, and XML files.
Mike is a member of the ISACA Greater Washington D.C. chapter and has served on the board for 17+ years in various technology and communications Director positions. Mike is currently the IT Director, where he manages the chapter’s website and chapter communications. Mike uses PowerShell to accomplish tasks related to his Chapter duties, including updating mailing lists and managing CPEs for chapter events.
Mike has a B.S. in Accounting from Old Dominion University and a Master's in Business Administration from George Mason University.


Location

Paramount Event Venue
5180 Paramount Parkway
Morrisville, NC 27560

Pricing Information

Registration Price
All Registrants $0.00