Site Logo

Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

To be successful, advanced security professionals do more than just stagger from one alert to another. Join CompTIA’s Chief Technology Evangelist, Dr. James Stanger, as he discusses essential steps that professionals take to avoid the “disaster du jour” syndrome.

Avoiding the “security alert dance” syndrome: Taking appropriate action to secure networks

When: 08/17/2021 01:00 PM EST
Duration: 1 Hour

Register: https://trainingcamp.zoom.us/meeting/register/tZYtdOCtrjgqH9OUb9VLVKLdBar0ejdTyLw8

In his presentation, James will discuss the patterns and best practices that successful, advanced practitioners take. For example, he will discuss how security professionals work to create sophisticated alerting fabrics, and how they address “incident response” in at least two different, process-oriented ways. Together in this 1-hour event, we’ll investigate the unique meanings of typical terms we have all heard, but have likely not understood fully.

This Webinar is based on the upcoming CompTIA CASP+ 004 certification, to be released in October, 2021. If you’re interested in the skills that advanced security professionals employ every day, then join James to learn more. Attending this session will count for CPE’s towards CompTIA certifications. As an added bonus, Training Camp will be offering discount vouchers on CompTIA training courses.

About Dr. James Stanger

As CompTIA’s Chief Technology Evangelist, Dr. James Stanger has worked with Information Technology (IT) subject matter experts, hiring managers, CIOs, CISOs, and educators worldwide. James has a rich, 20-year history in the IT space including roles such as security analyst, penetration tester, Linux systems administrator, network administrator, and certification program designer.

Organizations he has consulted with include SoftBank, DBS Bank (Singapore), Dell, Tesco, the Japan Self Defense Force, Northrop Grumman, Boeing, the United States Department of Defense, Western Governors University, Dell, the United States Department of State, IBM, Symantec, the University of Cambridge, and West Point.

He is also an award-winning author, blogger, and presenter and has written titles for O’Reilly Media, McGraw-Hill, Prentice-Hall, IBM, Wiley, and Elsevier, among many others. He regularly presents worldwide at events, including RSA San Francisco, InfoSec Europe, the ITWeb Security Summit (South Africa), the Tokyo HR Summit, and GITEX. Dr. Stanger is a regular contributor to a variety of journals, including CIO Magazine, U.S. News and World Report, Admin Magazine, and Linux Magazine.

He has helped design education programs in topics as diverse as security analytics, web development, kayaking, and British Romantic literature. He lives and plays near Puget Sound in the United States.

Webinar Outline:

Patterns for the successful IT professional 

The traditional “security alert dance”

  • Red alert syndrome
  • Reactive vs. proactive efforts

The problems with brilliance

  • I’ve known many smart security workers
  • Napoleon quote: “Give me lucky generals.”
  • What does “luck” mean?

 Successful patterns for “luck”

  • Reviews
  • Platform
  • Network
  • Code
  • Take action
  • Creating alert fabrics/networks

Two types of response 

  • Acute incident response
  • Strategic incident response (a different type of “incident)

Creating sensors and data feeds 

  • NetFlow
  • Mirroring
  • SNMP
  • Data feeds
    • Cloud
    • Application
  • Alerting as a Process
  • Response to a compromise.
    • Identify indicators of compromise
    • Forensics and response

To poor procedures: Threat management activities

  • Analyze vulnerabilities (2.5)
    • Use process to reduce risk (2.6)
    • For example, increase encryption (domain 3.0).
    • Endpoint security (3.5)
    • Cloud (3.6)
    • GRC (4.0 domain)
  • Review requirements
  • Frameworks

What a “red alert” looks like these days 

  • FIM
  • SIEM
  • DLP
  • IDS/IPS
  • Antivirus
Back to All Posts