A few months back at Black Hat USA 2009 a few members of Cisco Security Intelligence Operations (SIO) delivered our first, of what is expected to be many, training sessions to conference attendees. Well, here we are three months later with Black Hat DC 2010 just around the corner and we (Cisco SIO) are back on the agenda again to deliver our hands-on Detecting & Mitigating Attacks Using Your Network Infrastructure training session. One small change for round 2 though, John Stuppi will be joining us as an instructor for our training session in Arlington, VA. Welcome aboard John -- oh if he only knew what he was getting himself into. ☺
As described in a previous blog post by one of my fellow instructors and esteemed Cisco Security blogger, Tim Sammut, we will be informing and teaching attendees about the built-in features, solutions, and capabilities that exist in devices within your network infrastructure and how to make practical and effective use of the devices to monitor, detect, prevent, and trigger responses to attacks and threats.
A quick snippet of our training session abstract follows:
Detecting & Mitigating Attacks Using Your Network Infrastructure
by Joseph Karpenko, Tim Sammut, and John Stuppi, Cisco Systems
Learn leading network security practices from experts who develop these techniques and put them to practical use.
Security engineering teams often focus on the security of networked workstations, servers and applications, neglecting the network itself. Many networks also receive only rudimentary security implementations that are often deployed inconsistently. These scenarios not only fail to completely protect the network from the threats of today, they fail to fully utilize the network to detect and mitigate attacks against the computing infrastructure of an organization.
One of the key messages of our session is not just the native functionality and capabilities existing in the devices within your network infrastructure, but it is how you as an operator can tactically and strategically implement and deploy them based on a six-phase methodology to incident response. What’s even better is that you as a student are able to do this yourself since our training session also includes hands-on lab objectives. So you are now in the hot seat per se and as Ty Webb from Caddyshack would say, “The Zen philosopher Basha once wrote, ‘A flute with no holes, is not a flute. A donut with no hole, is a Danish.’ He was a funny guy.“
Our Chairman and CEO, John Chambers, has stated on many occasions, “The Network Is The Platform.” Chambers has also stated, “When the network becomes the platform what does it mean? It means that you can deliver things faster than before.” Lets take a step back and look at this from a security perspective and how it relates to you as an operator. You have this interconnected collection of devices, known as your network infrastructure, that transports and processes traffic that is critical to your business, its operations, and delivery of services. So, how can your network infrastructure help you? Well, it is the platform that has the functionality and capabilities to deploy and implement the multiple security solutions and techniques that we will cover in our training session. But lets not stop there, it is your swiss-army knife in the toolbox, giving you multiple options to choose from when you are trying to decide which feature, technique, or solution to deploy when handling an incident. Think of it like this, when your handling an incident -- your network infrastructure is the human-body and your the brain telling it how to react or not react for that matter.
So, come join us in Arlington, VA and during the hands-on labs you may learn some new tricks that you can pull out of your magic hat during your next incident, or you may learn something you can implement and deploy the next time you re-architect your existing network infrastructure or during the design of a new network infrastructure.
FYI, since Black Hat DC 2010 only offers training sessions on two days (January 31st and February 1st, 2010), our two-day session will only be delivered once. At Black Hat USA 2009, we had full sessions, so hurry up and register and we will see ya in a few months.