Loading Events

« All Events

  • This event has passed.

ISSA-LA March Dinner Meeting

March 18, 2015 @ 6:15 pm - 8:30 pm


Topic: Not Your Father’s Remediation
Today’s incident response team can’t just rely on having a whole weekend to remediate. You’ve also got to be able to start frustrating the attacker earlier and earlier in the response. Suppose an advanced attacker had figured out how to reliably evade your boxes, your endpoint software, your DLP. And he’s using your credentials against you. Could you find and frustrate him? Or would you pour a steaming cup of fail in your own lap? In this course, you’ll learn a few ways that hunters lock down authentication credentials during a hot incident, when we’re engaging in a running firefight with the adversary on your own network. We’ll show you the tactics and when to apply them. Attendees will learn how to conduct adversary-based hunting operations using existing technology; improve authentication credential protection during live IR and prepare for adversary evolution. And yeah, we’ll use tactics from current incidents we responded to.

Speakers: Wendi Rafferty and Chris Scott

Wendi Rafferty has over 10 years of experience in the computer security industry, including a career with the US military. As the Vice President of Services for CrowdStrike, Wendi is responsible for all professional services offered by the company. Along with her team, Wendi responds to critical security breaches and provides customers with solutions to complex adversary problems. Prior to her work at CrowdStrike, Wendi was a Managing Director for Mandiant’s Los Angeles office. In this role, she was responsible for leading a team of security consultants that responded to large security breaches throughout the world. Her work focused on the energy sector, critical infrastructure, technology, and defense industrial base verticals. Wendi has amassed tremendous experience working for the US Government and the world’s largest Fortune 500 companies.

Christopher Scott has over 15 years experience working with the Department of Defense and Fortune 500, and Defense Industrial Base companies to develop business and network security processes and procedures.  He has particular expertise in targeted threat detection and prevention.   As a Director at CrowdStrike Services, Christopher specializes in developing and implementing remediation plans for clients.  In addition, he supports a variety of other engagements including conducting security reviews, leading incident response teams, performing insider threat analysis and engineering threat detection systems, business continuity and disaster recovery processes. Christopher has presented several times to peers at closed-session DoD and DIB conferences. He frequently collaborates on techniques and processes to detect some of the most advanced targeted attacks companies face today.


Darktrace is March2014-DarkTracea cyber threat defense company with a fundamental new approach to helping organizations manage the risk of advanced cyber-attacks, including insider threat. Darktrace’s Enterprise Immune System is based on machine learning and mathematics developed at the University of Cambridge, combined with expertise from US and UK intelligence agencies. Darktrace’s technology is uniquely capable of detecting previously-unseen threats in real time, from within the network. The company is headquartered in Cambridge, UK and Washington D.C., with offices in London, Milan, New York, Paris, San Francisco and Singapore.

Register early online before the Monday prior to the the event, and get a discount!
ISSA-LA Members & Members of other ISSA chapters, OWASP, ISC2, CSA & Students: $30
Non-Members: $40


March 18, 2015
6:15 pm - 8:30 pm


Microsoft Technology Center
13031 W Jefferson Blvd Suite 200
Playa Vista, CA 90094 United States
+ Google Map