Raleigh ISSA Chapter Meeting February 7, 2019

Sponsor: NCC Group
Topic: Notes from the Red Team

When: First Thursday of the month
Where: RTP Headquarters/Conference Center
12 Davis Drive
Research Triangle Park, North Carolina  27709
United States
Presenter: Raleigh ISSA


Raleigh ISSA THURSDAY February 7, 2019 Chapter Meeting




5:15 – 6:00pm Career Services (Conference Room 1)

5:15 – 6:00pm Back-to-Basics (Main Room) Mike Mitchell from Swimlane to discuss SOAR/Security Automation & Orchestration

6:00 – 7:00pm Jersey Mikes / Drink / Socializing (Lobby)

7:00 – 7:15pm Board Updates (Main Room)

7:15 – 8:15pm Main Presentation (Main Room) Robert Wessen, NCC Group, "Notes from the Red Team"






Speaker:  Mike Mitchell

Security Orchestration, Automation and Response: The Importance of an Integrated SecOps Strategy


Topic Description


As cyber-attacks continue to proliferate and evolve, perpetually understaffed SecOps teams face a growing challenge. Not only is the number of alarms that SecOps teams are required to manage overwhelming, but the alarms frequently lack the context necessary for analysts to quickly determine whether or not they represent real threats. And every year the need to respond to new classes of threats gives rise to yet another set of specialized security tools, adding to the flood of daily security alarms. The lack of integration and centralized event context, combined with staffing and skill shortages, makes it difficult for security operations teams to effectively keep up with attackers.

Join guest speaker Mike Mitchell, SOAR Subject Matter Expert for Swimlane, to learn strategies to help overcome these challenges, and why integrating your security stack and Security Orchestration, Automation and Response (SOAR) is a critical component of an effective SecOps strategy.


This talk will cover:
· Improving threat management efficiency with centralized event context
· Optimizing incident response processes through integrated case management, orchestration and automation
· Reducing mean time to respond (MTTR) by automating repetitive manual tasks

Speaker Bio:


Mike Mitchell is a security orchestration, automation and response (SOAR) SME with 6 years of diverse cyber security experience as a Senior Solutions Engineer and a Sales Engineer. As one of the lead engineers at Foreground Security (acquired by Raytheon), he was responsible for managing and securing the entire corporate and production environment, as well as supporting multiple security operations centers. He was also the lead in developing and shipping a network security monitoring solution to supplement Foreground’s managed solutions.


Main Presentation


Robert Wessen

Senior Security Consultant
NCC Group

Topic: Notes from the Red Team



Bio: Robert is a Senior Security Consultant with NCC Group. He has just under 20 years of experience in IT, with 12 of those dedicated to security. He has held positions in support, system administration, and management before finally settling on security. He has worked in almost every industry vertical and his security testing engagements have taken him to a wide variety of locations and technologies, from the bridge of a nuclear submarine to Wall St. and many places in between.

Robert was previously the Enterprise Security Lead for VSR, a boutique information security consulting firm based in Boston, which was acquired by NCC Group in 2015. Before that he worked for several federal contractors in various roles performing work for the Army, Navy, SOCOM and other agencies. He holds a bachelor's degree in Computer Science from Northeastern University and multiple industry certifications including CISSP-ISSEP, GREM and GXPN.


You've heard about them, maybe you've even had a test performed against your organization, but what exactly _is_ a Red Team? What do they do? What value do they provide? Are you ready for them?

Like many topics in information security, there are many opinions and certainly no lack of hype around Red Teaming. We will sort through some basic definitions and common scenarios while discussing a few anonymized Red Team case studies. Technical details of real-world 0-day vulnerabilities found during recent testing will be dissected. Even in the presence of such unknown vulnerabilities, could the Red Team have been stopped? We believe in some cases they can, and in many others at least contained. We'll finish by going over the things the Red Team hates to see (and therefore you should definitely be doing).
