Please register for the next (ISC)² Kansas City Chapter Meeting and plan to attend the first Wednesday of the month-December 2nd!  Registering will help us plan accordingly for meeting space, chairs and refreshments.

Register Now at Eventbrite:

Chapter Meeting Details:

  • When: Wednesday, December 2nd, 2015 (The first Wednesday of every month)
  • Time: 6:30 PM to 8:30 PM
  • Where: THE CAVES!  Cavern Technologies Phase 4
  • Address: 17501 W 98th St #856, Lenexa, Kansas 66219
  • Format:  Round table, interactive discussion with security professionals from many different industries, tech companies and organizations, from upper management to operators who have many diverse experiences.  We invite knowledgeable and expert members and guests to facilitate and keep the discussion moving along and on-task.
  • Topic: Incident Response:  “You’ve been breached! Now What?”

    • Terry’s Awesome Story and his Lessons Learned
    • Part 2 of 3
      • Part 1 – Details of a real world breach and why you need trusted partner
      • –>Part 2 – Forensic Analysis
      • Part 3 –  Remediation
    • Goal:  A motivated adversary will get in, which is why defense in depth always requires response.  You must be able to go back in time to find out how the attack started, where it went and what it did; and you must have the right tools to contain the damage and gather data for the investigation.
  • Facilitator:
    • Terry Olaes is a senior Sales Engineer at Damballa, a network security company focused on detection of advanced threats in your environment. Prior to Damballa, Terry was the focal for a security incident at a major retailer that resulted in a trip to Capitol Hill, articles with Brian Krebs, and other unwanted attention.  Terry lives in NW Fort Worth, TX and relaxes by gaming and letting his kids climb all over him.
    • Josh Fazio, Solutions Consultant, Guidance Software – Josh joined Guidance Software in May of this year and has over 20 years of Law Enforcement experience. Josh’s last five years in Law Enforcement were spent as part of the United States Secret Service’s Electronic crimes task force investigating crimes ranging from child exploitation to data theft from major corporations. Josh has also spent the last 4 years working for a consulting firm in Chicago were he led cases ranging from incident response to IP theft.  Josh is EnCE certified and also hold the USSS advanced computer forensic certification.
    • Chris Lord, Head of Research and Development, Bit9 + Carbon Black – Chris leads projects in areas such as machine learning, virtualization, entity analytics and visualization.  Chris was previously Chief Architect for endpoint security products at Bit9 and has worked across many areas of computing including survivability, virtualization, fault tolerance, and distributed systems.  His research interests are in emergent systems and cybersecurity resilience based on his earlier work at CERT.  You can follow him on Bit9’s blog and Twitter (@deteriorata).


  • From Terry:  In this series, I want you to ensure that you are armed with the right knowledge that will positively impact the recovery from a security incident resulting in a breach.  In this first session, we will talk about the importance of being proactive in defining a trusted partner to assist you with investigation and other aspects of an incident.  From establishing client privilege to providing impartial situation reports to unbiased remediation recommendations, this external partner can mean the difference between survive and thrive for you personally and professionally.

Come prepared with your experiences, questions, and your security concerns that you wish to bring before a host of like-minded security professionals.

About -Durk-

I am a first and foremost a dedicated follower of Christ. I am a dad. I am an extrovert, a techie geek, an info security expert-in-training, and a wannabe entrepreneur.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s