8:30 Doors Open, Continental Breakfast, Registration
9:00 Introduction & Welcome, David Escalante & Michael Bourque, Boston College
9:15 Docker Container Security – What is it good for (and not good for)?
Jeff Schiller, MIT
2014 was the year of Docker. This lightweight container technology was all the rage. In reality, Docker is new packaging for some very old (and in some cases tried and true) technology, combined into a very compelling application. This talk will briefly discuss what Docker is and how it works, leading into a discussion of its security properties and where it fits in our toolbox of security techniques.
10:00 Coffee Break
10:15 Advanced Threats and Threat Identification
Terry Hect, AT&T, Director & Chief Security Strategist
Advanced threats are here for good, and the tools & techniques necessary to find APTs are already available to you. How flow, meta and log data can be used to find malicious activity within your network.
11:00 Mitigating DDoS Attacks
Harry Hoffman, David LaPorte, MIT
Your organization is in the cross-hairs, your organization is off-line - - the DDoS deluge has begun…what do you do next? The speakers discuss real-world experiences and mitigation strategies.
11:45 Vulnerability Management
Patrick Cain, Cooper Cain Group, Moderator
Harry Hoffman, MIT
Jamie John, Boston College
Dan Modini, Tufts
George Moore, Salem State University
System vulnerability identification and management is a requirement in many environments. The panelists will discuss how they use the Nessus security scanner for vulnerability management, its good points, things that are challenging, and their (fluid) plans for the future.
1:30 Information Security Awareness at Harvard
Christian Hamer, Harvard
As cyber criminals continue to steal data and capture headlines, its easy for people to feel helpless. Though the risks will always exist, there are certain common sense measures people can take to protect themselves. Behavior changes are an important part of any public safety campaign- from encouraging hand washing to discouraging texting while driving. Cyber safety will be no different. Join us to discuss the key behaviors, how we will promote them, and how we will measure success.
2:15 Identity and Access Management (IAM)
Panelists to be announced
Panelists speak about their IAM strategies and plans.
3:15 Breach Insurance
Speaker to be announced
We will go over the different types of coverage currently available, some carriers, what is covered, what is not covered, and how the policies work.
4:00 Malware analysis
Speaker to be announced