March 21, 2018 CPE Luncheon

Topic: Cloud Access Security Broker (CASB)

Join us for this presentation by Alejandro “Ale” Cadena, Netskope

Time and Location: March 21st, at Boise Plaza, 1111 West Jefferson @ 11:30 AM to 1:00 PM.

There will be no cost to attend the CPE event.

Presentation Summary:   “Cloud Access Security Brokers – What’s All the Hype?”  An introduction to the growing Cloud Access Security Broker (CASB) space, with demonstrations of some of the most common use cases for protecting sensitive data in a world where data is being moved to and shared in the cloud as the traditional perimeter disappears.

Speaker:  Alejandro “Ale” Cadena began his information security journey over sixteen years ago in the Marine Corps, leading to work in the Department of Defense where he focused his expertise on a broad swath of technologies. After a move to Seattle where he resides today, he helped build and protect the T-Mobile USA network as a Senior Security Engineer with a heavy emphasis on large scale proxy and firewall implementations. For the last several years Ale has shifted his focus to helping his customers and architect complex data security solutions for private and public cloud implementations. He is currently a Sr. Sales Engineer at Neskope and spends his free time seeking out great live music or experimenting with exotic spices in his kitchen.

February 21, 2018 CPE Luncheon

Topic: Auditor’s Guide to AD Security.

Join us for this presentation by Adam Steed, Associate Director, Protiviti

Time and Location: February 21st, at Boise Plaza, 1111 West Jefferson @ 11:30 AM to 1:00 PM.

Presentation Summary:  Over the last 18 months one of the most consistent findings for Internal Penetration tests involve Credential Theft and Pass the Hash (PtH) attacks in Active Directory. Organizations need to create comprehensive audit programs that can assess these types of threats and assess other top Active Directory security risks.

In this session, we will cover:

  • Fundamentals of Credential Theft and Pass the Hash
  • Demonstrate common Credential Theft and Pass the Hash attack tools
  • Explain the controls an organization must put in place to protect against these types of attacks
  • Discuss the other top 5 security issues common in Active Directory environments
  • Define the elements needed in an Active Directory security audit work program

Speaker:  Adam is an Associate Director in Protiviti’s Salt Lake City office. He brings over 20 years of experience in Healthcare, Banking and Internet E-Commerce. Adam has demonstrated experience in helping organizations move Identity Management  beyond compliance to optimized processes and security by finding a balance between business process optimization, usability and security. His former employers include W.J. Bradley Mortgage (Top 20 Mortgage Company), Zions Bank (15,000 Employees) and (6,000 Servers).  Adam is also a sought after speaker on at conferences such as Defcon, ISACA events, BSides, and Oktane.

Compunet Red vs Blue Workshop

ISACA Boise has partnered with Compunet to offer a free Red vs. Blue Workshop on Friday, February 9th.  This offer is being offered to Boise ISACA members and seating is limited.  Compunet will compile the registrations. If we exceed the allotted seats, they may offer and additional afternoon session.

Limited Space Available

CompuNet’s Red vs Blue Competition Workshop

Have you ever detected an attack while it was happening? Have you ever been the attacker? Red versus Blue is a hands-on workshop where participants experience security attacks from the perspective of an attacker and a defender.

Join us for our security competition Red vs Blue.This workshop allows participants to experience security attacks from the perspective of an attacker and a defender.
As a Blue Team participant, you’ll be monitoring a live environment looking for anomalous behaviors.  It will be your job to identify the breach and make recommendations for remediation.  Blue team players will get hands-on experience using tools for attack detection.
Red Team participants will receive a playbook with step-by-step instructions for a series of attacks against the Blue Team.  All Red Team tools are included with Kali Linux.
This event is designed for players of all abilities.
What to bring:  A laptop capable of booting Kali Linux is required.

COBIT 5 User Group

The Boise Chapter of ISACA is starting a COBIT 5 User Group.  COBIT 5 is ISACA’s framework to help organizations govern and manage enterprise IT.  What makes COBIT 5 so unique is it is an umbrella framework that leverages other compliance and operational frameworks.  Such framework areas as Sarbanes Oxley (SOX) compliance, PCI, HIPAA, service management, and project management fit very well under the umbrella.  The Boise chapter wants to set up a user group that will meet every other month for an hour or two to share ideas, best practices, and learnings on implementing COBIT 5.  We encourage IT executives, managers and professionals to participate in this user group forum.

Please contact John Stiffler at if you are interested in attending the user group meetings.  Once we have 7 to 10 interested individuals, we will schedule our first user group session.

January 17, 2018 CPE Luncheon

Topic: Orchestration and Automation in the Real World.

Join us for this presentation by Ken Dunham | MSS Technical Director, Optiv

Time and Location: January 17th, at Boise Plaza, 1111 West Jefferson @ 11:30 AM to 1:00 PM.

Presentation Summary:  TBA

Speaker:  Ken Dunham – CISSP, GCFA Gold (forensics), GCIH Gold (honors, incident handling), GSEC (network security), GREM Gold (reverse engineering), GCIA (intrusion detection), Certified Information Security Manager (CISM-ISACA)