CRIME meeting - 10 September @ 10Am @ Verizon

From: George Heuston (GeorgeH@private)
Date: Sat Sep 07 2002 - 18:23:12 PDT

  • Next message: George Heuston: "CRIME FW: Exposing and Preventing Information Security Vulnerabilities"

    Folks,
     
    2nd Call for the CRIME meeting this next Tuesday.  See you there!
     
    Speaker: Gene Kim from Portland's own Tripwire Security.
     
    Topic: "An IT Safety Metric: Why Is It So Difficult To Maintain Control?"
     
    Synopsis:
    The job of security practitioners is bad enough trying to detect bad guys,
    but what happens when forces conspire to make the task of remediation and
    recovering almost impossible?  Rapid capacity expansion and "break/fix"
    cycles often lead to loss of repeatable builds.  This talk describes how the
    loss of production controls, configuration management, and change control
    leads to configuration drift and the loss of what is a "known, good state."
    We also describe how to measure it, and recover it before you need to.
     
    To measure an IT organization's ability to avert "unbounded security
    remediation" efforts, Kim and Dr. Spafford developed the IT Safety Index. We
    present case studies to display the various attributes of Level 0 to Level 5
    organizations to show how basic capabilities map to an IT organizations
    ability to provide business continuity and security.
     
    Gene's Bio:
    As co-creator of the original Tripwire software and co-founder of Tripwire,
    Inc., Gene Kim now serves as Vice President and Chief Technical Officer.
    While his major responsibility is Tripwire products and development of
    future technology, his stamp on Tripwire can be seen everywhere, from new
    products and business development, to sales and marketing. Kim also
    frequently serves as the company evangelist, speaking at industry events and
    contributing articles on security-related topics. 
    Kim co-created the first version Tripwire software in 1992 when he was a
    student at Purdue University working under security luminary, Dr. Eugene
    Spafford. Tripwire worked so well it was quickly embraced by the security
    community and eventually became a part of best practices for computer
    security professionals around the world. After earning his B.S. in Computer
    Sciences from Purdue, he earned an M.S. in Computer Sciences from the
    University of Arizona. Kim also spent summers at the Supercomputing Research
    Center (now known as the Center for Computing
    Sciences) in Maryland working with many of the country's best computer
    scientists, engineers, and mathematicians on high-performance computing
    techniques for the National Security Agency. Following that, Kim worked at
    Intel and then at Infinite Pictures where he met Wyatt Starnes. He and
    Starnes formed Tripwire, Inc. in 1997 to create a dramatically enhanced
    version of Tripwire that would protect data and network integrity for
    Internet-driven businesses.
     
    Directions:
     
    http://crime.zotconsulting.com/directions.php3
    <http://crime.zotconsulting.com/directions.php3> 
     
     
    Geo
     
     
    



    This archive was generated by hypermail 2b30 : Sat Sep 07 2002 - 19:06:13 PDT