All posts by Robin Basham

June 11th 2020 Member Meeting

Registration details coming very soon.

Topic: Data-Centric Security in an entirely Remote World

Atakama protects files using advanced threshold cryptography and by inextricably linking files stored in one location to more than one physical device.

This session introduces the founders speaking on the problems they found and solved. Attendees can get a free trial license and experience the Atakama approach to file level security as required on any type of device and under any permutation of requirements for rights management.

Meet Dimitri Nemirovsky and Scott Glazer from Atakama

Dimitri Nemirovsky

Co-founder & COO Atakama  LinkedIn

 

 

 

About Dimitri Nemirovsky

Scott Glazer,  CRO at Atakama, redefining data security one file at a time

LinkedIn

 

 

About Scott Glazer

About Atakama

Atakama is a one-of-a-kind solution designed to keep business data safe from attacks, even when other security fails. Enhanced information security through multi-factor encryption.

Traditional encryption solutions are heavily dependent on identity and access management controls. User-credentialed applications, group privileges, and third-party data entitlements all require login credentials, which when successfully entered allow the “authorized” user to access everything they have been permissioned to see. Organizations that continue to associate these access controls with information security will eventually experience devastating results. Atakama’s multi-factor encryption is far more secure than the standard tools.

If you want to improve your security and better protect your data, we’re here to help you.

To learn more or to do business with Atakama please contact us:
https://calendly.com/atakama-dimitri/15min
https://www.atakama.com/
Specialties: encryption, cloud security, cybersecurity

May 14th 2020 Member Meeting

Topic: IT Assurance Across System Boundaries

(Registration Below)

IT administrators and security experts face a daunting challenge assuring information security and privacy across numerous interconnected systems, many of which they may not exercise authority over.  These integrated entities, such as vendor applications and industrial control systems, are housed both on-premise and in the cloud.  In this presentation, David will outline the challenge of providing security assurance across system boundaries, show some examples of breaches across system boundaries, and explore risk management techniques for dealing with this seemingly intractable problem.

Speaker: David Trepp, M.S., Partner, IT Assurance

A technology entrepreneur since 1989, David has led over 1,300 comprehensive information security penetration test engagements for satisfied customers across all major industries throughout the United States and abroad. He has given dozens of presentations to audiences nationwide, on a variety of information security topics. David, a US Army veteran, is founder and CEO of Info@Risk (now BPM), a leading comprehensive penetration test firm. David has worked in information security with banking, law enforcement, government, healthcare, utilities, and commercial organizations since 1998.  When not at work testing security controls, David exercises his risk management skills as an avid rock climber and long-distance cyclist.

IT Assurance Across System Boundaries 

Thu, May 14, 2020, 7:00 PM – 9:00 PM PDT

Add to Calendar

1. Click the link to join the webinar at the specified time and date:

Join Webinar

2. Choose one of the following audio options:

TO USE YOUR COMPUTER’S AUDIO:
When the webinar begins, you will be connected to audio using your computer’s microphone and speakers (VoIP). A headset is recommended.

–OR–

TO USE YOUR TELEPHONE:
If you prefer to use your phone, you must select “Use Telephone” after joining the webinar and call in using the numbers below.
United States: +1 (914) 614-3221
Access Code: 660-163-974
Audio PIN: Shown after joining the webinar

About BPM: Our Member Meeting Sponsor!

The BPM Information Security Assessment team (formerly Info@Risk), has worked with all types of organizations throughout the United States. A large percentage of the Information Security Assessment team’s clients are repeat customers, with many of our relationships stretching back nearly to our beginning in 1998. We attribute these enduring relationships to three facts:

  • our clients value the depth and comprehensive quality of our work
  • our clients recognize that to truly manage risk, an unbiased assessment and remediation plan are a priority when choosing a vendor
  • our clients seek a partnership with their impartial assessment vendor to guide them in making informed, risk-based decisions for their organization

BPM’s Information Security Assessment team provides thorough and comprehensive information security assessments so they can make informed, confident risk-based decisions best suited for their organization. We are proud of the work we have done and are confident our references will support this pride.

Our assessment-focused services include:

  • Comprehensive Penetration Test
  • Targeted Application Penetration Test: Web/Mobile/Client-Server
  • Targeted Wireless Penetration Test
  • Stand-Alone Penetration Test, e.g. email Test, Social Engineering Test, Physical Security Test, etc.
  • Password Audit
  • Firewall Ruleset Review
  • Configuration Review
  • Vulnerability Assessment
  • Infosec Program Review
  • IT General Controls Audit
  • Infosec Risk Assessment
  • Infosec Training
  • Social Engineering Awareness
  • Leadership/Governance

Canceled-April 9th 2020 Member Meeting

Canceled – Postponed.

Due to impacts on our board and volunteers from the COVID19 outbreak, we are unable to go forward with chapter activity.

Please be on the lookout for a series of online meetings.

We look forward to inviting Rafae Bhatti to another event.

Cybersecurity and CCPA, Looking at Legal Implications affecting Cyberthreat management and response

Meet Rafae Bhatti, Data protection leader and licensed CA attorney

 

 

 

 

 

Location Online – Link to be emailed to attendees.

February 13th 2020 Member Meeting

Location: Oracle 5805 Owens Dr, Pleasanton, CA 94588, Time: 7:00 to 9:00 PM

7:00 PM Chapter Announcements, pizza

Agenda: Announcing the results of the annual election.

7:15 PM Presentation

Title: Cyber-laundering

Meet Faranak Firozan, Security Incident Response| Investigation| Scrum| Post Mortem| SQL| Anti Money Laundry| KYC| Internal Abuse| CAMS | GISF

Abstract: Among different types of financial crimes facilitated by the Internet, money laundering stands out due to the diverse methods criminals use to legitimize ill-gotten profits. The criminal practice of money laundering in cyberspace through online transactions has been
termed as cyber-laundering. One of the important concepts for launderers are to avoid detection from law enforcement, and the Internet has opened a large window of opportunities for them.
In this talk, we review a couple of malware attacks via email case studies, statistics on source of revenue for cybercriminals, and industry defenses against the most damaging
cyberattacks.
Learning Objectives:

  • How criminals are making their money (through which cybercrime type),
  • How much they are making, and what are the consequences to organizations,
  • How do we stop this by discussing
    • Industry defenses against Business Email Compromise
    • Defenses against Data Breaches
    • Defenses against Ransomeware

With roughly 44% of the $1.5 trillion of cybercrime funds coming from preventable activity (good security postures), not only the cybersecurity is necessary to protect the businesses, but also required to prevent money from getting into the hands of criminals.
Let’s learn from current trends and prevent this money from being stolen.

More from Faranak Firozan https://www.linkedin.com/pulse/neglected-element-human-faranak-firozan/

January 9th 2020 Chapter Meeting

Location: Oracle 5805 Owens Dr, Pleasanton, CA 94588, Time: 7:00 to 9:00 PM

7:00 PM Chapter Announcements, Sponsor Pizza dinner, care of Maze and Associates

Agenda: Chapter Secretary to Announce Intention to open Chapter positions for Election. Asking for nominations to existing and new positions.

Topic: Financial Data in the Cloud Donald E. Hester 

Author and Presenter known for his many contributions including BrightTALK channel https://www.brighttalk.com/channel/17235 and YouTube Channel https://www.youtube.com/user/LearnSecurity

Director of Information Systems Audit at Maze Associates, Don coordinates and performs approximately 75-100 assessments/audits per year some in conjunction with financial audits, assessments, and reviews for; information systems security, network vulnerability scanning, policy and procedures, incident response, business continuity, disaster recovery planning, compliance, physical security, and cloud services. Developed audit plans, checklists and guidelines, set strategy and alternative attestation reports. Developed ransomware risk assessment process for local governments. Acted as an internal auditor for clients on security control self-assessments, risk assessments, and PCI compliance.

Please RSVP to president@isc2-eastbay-chapter.org,  President & Conferences Co-Chair (ISC)2 East Bay)

Save to your calendar

Thank you for being our sponsor this evening, Oracle as our location host and Maze Associates for our supper and the presenter.

About Maze Associates: We are a leading Northern California Accounting Firm specializing in Municipal & Nonprofit Audit, Tax for individuals and all types of entities, Information System Audits, Security Reviews, as well as PCI Scans and certified training. We can help you with implementing new GASB regulations, Tax Planning, or meeting FISMA and NIST compliance guidelines for your systems. Call Us Today!

Website
http://www.mazeassociates.com

October 10th Chapter Meeting

Venue is Oracle 5815 Owens Drive Pleasanton, CA 94588

Please arrive at 6:45 – Registration is required – email programs@isc2-eastbay-chapter.org AND conferencedirector@isc2-eastbay-chapter.org to assure we list you for pizza count and we have your name at the door to let you in.

Running a Successful Crowdsourced Security Program: Tips on How to Not Fail: Running A Successful Crowdsourced Security Program_ Tips On How Not To Fail

Scaling application and infrastructure security has been, and continues to be, a problem most organizations tend to face, but often don’t have the resources or bandwidth to tackle effectively. This is a fundamentally human problem. There are plenty of scanners, but we still need people to validate those results and to find the issues that scanners aren’t capable of catching – as well as identifying any exposed attack surface that the automated tools aren’t even covering. Enter the idea of the “crowd.” While crowdsourced security through bug bounties is not a new concept, adoption has only recently begun to pick up. Which is surprising considering there’s tremendous ROI and value to be gained from the crowd-at-large with relatively little effort.

So in what ways can an organization leverage the power of the crowd (which is just a fancy word for a large contingent of humans with highly diverse and creative security skill sets)? And more importantly, how can one do so successfully? That’s what I aim to cover with this presentation. As someone who has been directly involved in the creation, management, and growth of hundreds of crowdsourced security programs, I bring both a ground floor and 30,000 foot view of the current landscape of crowdsourced security. This talk is aimed to help organizations and security teams: a) Realize the value and varying ways they can leverage the crowd (crowdsourcing security has the potential to go well beyond just bug bounties); and b) Provide practical tips for running a successful program, as well as how to grow your program over time. I see a lot of badly managed or under-utilized programs in the wild, and want to help educate the world in terms of what can be accomplished through the power of crowdsourced security (hint: it’s a lot), and how to run a more effective program. 

Bugcrowd, Inc. BugCrowd

Bugcrowd is the #1 crowdsourced security company. More Fortune 500 organizations trust Bugcrowd to manage their Bug Bounty, Vulnerability Disclosure, and Next Gen Pen Test programs. Bugcrowd’s award-winning platform combines actionable, contextual intelligence with the skill and experience of the world’s most elite hackers to help leading organizations identify and fix vulnerabilities, protect customers, and make the digitally connected world a safer place. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Learn more at www.bugcrowd.com.

Grant (McCracken)
Currently the Director of Solutions at Bugcrowd, Grant has extensive experience in the crowdsourced security space – having been directly involved with the creation and maintenance of hundreds of crowdsourced security programs over the last few years. An OSCP, with a background in application security, Grant understands the hacker side of security, as well as the necessary logistical components and considerations to take into account when running and managing successful crowdsourced security programs.

September 12th 2019 Chapter Meeting

 Venue:  SABA Software 

Saba Software (Mother Teresa Conference Room) 2nd floor
4120 Dublin Blvd, Dublin CA

Please arrive between 6:45-7:00 PM

7:00 PM – Pizza and chapter business

Presenting our 2019 Annual Scholarship Award to James Logan High School Robotics Club

(Read More at https://isc2-eastbay-chapter.org/mission-vision-goals/scholarship-and-sponsorship/)

Session 1: Title: API Security: When OAuth Is Not Enough
7:15 – 8:15
Description: Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. In this session, we’ll outline a set of examples where security standards work together in addressing requirements that are difficult or impossible to meet by using OAuth or OIDC alone.

Learn how you secure your APIs and Microservices using Externalized Dynamic Authorization.

Key agenda items

  • Covering API security basics
  • Avoiding bad security practices
  • Overcoming OAuth limitations
  • Managing authorization as a microservice

Thanks for sharing the ISC2 EB chapter meeting presentation and the links to more information.

  • https://www.axiomatics.com/resources/topics/apis-microservices/
  • https://www.axiomatics.com/resources/authorization_kong/
  • https://www.axiomatics.com/resources/dynamic-authorization-for-the-apigee-api-gateway/
  • https://github.com/ioannis-iordanidis/kong-axiomatics-plugin

About our Speaker: 

Jonas Iggbom, the VP of Sales Engineering at Axiomatics, has over 20 years of experience in product management and technical sales in endpoint security and access control. His expertise lies in encryption technologies, keys, certificates, and SSH, as well as access control solutions for privileged and end user accounts, databases, and applications.

Prior to Axiomatics, Jonas worked as the Director of Product Management at Fox Technologies and as a Product Manager at Check Point Software Technologies, both in California. He also held the position of Senior Sales Engineer/Product Manager at Pointsec Mobile Technologies in Chicago and Sales Engineer at their office in Stockholm, Sweden.

Jonas earned his bachelor’s degree in computer science from the Royal Institute of Technology in Kista, Sweden. Along with his expertise in encryption technologies and access control solutions, Jonas is also knowledgeable in intrusion detection, anti-virus, data leakage prevention, content control, and client virtualization.

Thanks to our topic sponsor: Axiomatics authorization solutions are utilized around the world to share sensitive data securely, meet compliance and minimize data fraud. From our offices in Chicago and Stockholm we serve a global customer base within finance, healthcare, insurance, manufacturing, media, pharma, software/high tech and the public sector. Our dynamic authorization suite for applications, databases, Big Data, APIs and Microservices enables a policy-based approach to access control to protect the most critical assets – on premise or in the cloud. Our product suite is built on Attribute Based Access Control (ABAC) in accordance with National Institute of Standards and Technology (NIST) guidelines. For the US Federal Government, Axiomatics is a member of the CDM program and actively participates in the GSA schedule. Website http://www.axiomatics.com

Session 2: Leon Jiang sharing his analysis of the Capital One Data Breach
8:15 – 8:45
Read More https://www.roostify.com/blog-home/2019/7/31/capital-one-data-breach-step-by-step-analysis
Lessons Learned from Capital One Breach & More

June 13th 2019 Chapter Meeting

Location: Oracle 5805 Owens Dr, Pleasanton, CA 94588

Time: 7:00 to 9:00 PM

Agenda:

7:00 PM Chapter Announcements, pizza

7:10 PM Meet Garima Gupta represent James Logan, a Union City High School, presenting their interest in earning scholarship, finding internships, engaging in activities that further their path to careers in engineering and technology.

7:25 – 7:30 PM Plan of Action, How ISC2 East Bay organizes for local schools, mechanisms to work in special committee with Chapter Directors for Education and CyberSecurity Awareness and Training.

7:30 – 8:30 PM Speaker

8:30 -900 Q&A Networking

About our High School Guests: The James Logan Robotics team is a club at James Logan High school located in Union City. The club meets weekly and invites all high school students to learn more about the STEM field and dive into engineering concepts and coding.  <Read More @ http://www.jameslogan.org/engineering>

Their mission is to help others find their love for STEM and offers guidance and direction to pursue a career in this field. ISC2 East Bay invites JL Robotics to engage with us in finding mentors who will support them in their pursuit of activities in the field of engineering and technology.
Speaker Topic: The Mitre Att&ck Framework:
The MITRE ATT&CK framework is a very effective tool for “adversary emulation”, cataloging how adversaries behave, what they’re trying to do, and the techniques used to accomplish their means. Moreover, the framework aims to provide a common language and vocabulary for practitioners, vendors, and all parties working to understand common threat actors and techniques.

In November 2018, MITRE evaluated a subset of techniques in an open-test environment, working with vendors to analyze their detection capabilities against these common techniques. With the results of this first evaluation now published, many are trying to make sense of results to understand the efficacy of different solutions in the marketplace today.

Matt Bouis, Senior Sales Engineer at Cybereason, will boil down the complexity of the MITRE ATT&CK framework so your organization can understand:

• How to adapt the framework to your company’s environment and needs in order to get the most utility out of it
• What different detection categories mean and how to interpret results of ATT&CK Framework evaluations
• How Cybereason allows customers to search and understand their environment based on the ATT&CK Framework

Matt Bouis, Sr. Engineer in Cybersecurity data analytics.

About Cybereason:

Cybereason is the leader in endpoint protection, offering endpoint detection and response, next-generation antivirus, managed monitoring and IR services.
Founded by elite intelligence professionals born and bred in offense-first hunting, Cybereason gives enterprises the upper hand over cyber adversaries.
The Cybereason platform is powered by a custom-built in-memory graph, the only truly automated hunting engine anywhere. It detects behavioral patterns across every endpoint and surfaces malicious operations in an exceptionally user-friendly interface.
Cybereason is privately held and headquartered in Boston with offices in London, Tel Aviv, and Tokyo.

Kindly confirm your attendance for the meeting by June 12th, 2019, along with your preference of pizza (Veg/Non-Veg).

We need to provide the attendee list to our host for badges.

To RSVP please send your name, *ISC2 ID  and the subject line “attending June 13th 2019 meeting” to programs@isc2-eastbay-chapter.org, and conferencedirector@isc2-eastbay-chapter.org.

Oracle 5805 Owens Dr, Pleasanton, CA 94588

Look for the (ISC)2 East Bay Meeting Sign pointing to the entrance of 5805. We meet just inside the main lobby.

*If you are not a member of ISC2 or ISC2 East Bay Chapter, please complete the membership application form and send the application with your notice of intent to attend.  Membership is still free, but we do need to know who you are.

May 9th 2019 Chapter Meeting

ATTENTION DATE WAS WRONG – is 2nd Thursday May 9th

Location change – 6101 Bollinger Canyon Rd, San Ramon, CA 94583 Room BR1X – 1150

 

Why CISO’s Fail, in the words of the author, Barak Engel

Information security is now a really big deal, yet we keep screwing it up. Big breaches are in the news every day, and they are only the tip of the iceberg. Security leaders average less than two years in tenure, and job satisfaction – their own, and others’ of their performance – is lower than that of watching paint dry. Fingers go ablamin’, but in security we just end up pointing them elsewhere.

Why? and more importantly, what can we do about it?

Claimed in its origin by many cultures, the ancient saying “The Fish Stinks from the Head” applies to the emerging discipline of information security, just as much as it does to organizational rot and mis-development. Providing a useful guide for an irreverent look at ourselves, the speaker in this open-to-the-audience talk will touch on both the “why” and the “what to do” parts, while doing his best to make you laugh.

Real-life experiences, both amusing and embarrassing, will be shared liberally.

Speaker Bio: Barak Engel is known for having come up with the concept of “virtual CISO” back when security was a four-letter word that no one could spell. He stubbornly insisted, and ultimately developed a consulting practice around it. Almost two decades later his company, EAmmune, develops and manages security programs for organizations, large and small, across all industries. Barak himself has served as CISO for many of them (e.g. MuleSoft), and often for several at once.

In another clear mark of insanity, he decided to write a book about security management while still actively practicing, rather than from the comfort and safety of retirement. The 2017 book, Why CISOs Fail, keeps getting incredible reviews from those who stumble upon it, delighting Barak every time it happens. It also serves as the inspiration for this talk.

Chevron World Headquarters

Location change – 6101 Bollinger Canyon Rd, San Ramon, CA 94583 –Room BR1X – 1150

San Ramon, CA 94583
Time: 7:00 to 9:00PM
RSVP by replying back to the member email by 5/8/2019 or send your ISC2 ID and subject line “Attending 5/14/2019 member meeting to Director Programs.
The phone number to call if lost or need directions:  (925) 842-1000 and ask for the main security reception. Our hosts at Chevron are Ana Colocho or Frank Fabsits or ask for Robin Basham
Parking: Park in Visitor Lot Across the Loop Road (Right Turn at first stop sign, and your first right turn into parking lot – walk across road to building behind flagpoles and fountain. Meeting room is BEFORE Security Desk just inside double glass doors on the right)

 

March 14th Chapter Meeting at Oracle

Location: Oracle 5805 Owens Dr, Pleasanton, CA 94588

Time: 7:00 to 9:00 PM

Topic:  IoT Threat Detection

With the explosive growth in connected smart devices which break user centric security controls, with devices communicating in multiple spectra redefining the enterprise perimeter (WiFi, BT, Ble, 5G), with IT/OT convergence exposing IT managed networks to a multitude of custom devices; visibility, risk assessment and control of these devices are a major problem for every enterprise. These trends are leading to incorrect configurations, wider than required access rights, and vulnerable devices being installed into networks. Using a few examples of attacks that we detected, this talk discusses a learning driven, device centric security approach that establishes deep context about devices, provides risk assessment and automates access control to let enterprises safely handle smart devices at a large scale.

Srinivas Akella

Founder & CTO

Srinivas Akella is an entrepreneur and a technologist with a strong cyber security, cloud and SaaS background.  He is the Founder, Chief Products and Technology Officer at WootCloud.

Kindly confirm your attendance for the meeting by March 12th, 2019, along with your preference of pizza (Veg/Non-Veg) so that we place orders accordingly.

We need to provide the attendee list to our host for badges.

To RSVP please send your name, *ISC2 ID  and the subject line “attending March 14 2019 meeting” to programs@isc2-eastbay-chapter.org. If you intend to participate in earning CPE for conference planning, please copy conferencedirector@isc2-eastbay-chapter.org.

Oracle 5805 Owens Dr, Pleasanton, CA 94588

*If you are not a member of ISC2 or ISC2 East Bay Chapter, please complete the membership application form and send the application with your notice of intent to attend.  Membership is still free, but we do need to know who you are.

Chapter Meeting Jan 10 2019

Industrial Control System Cyber Security Design and Regulation

Presented by Michael Cole, CISSP, CCNP – Control System Cybersecurity Analyst – Turlock Irrigation District

In the previous UTC Journal, Jon Stizel described how Ameren is using the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) to improve the maturity of their cybersecurity program with metrics and reporting.  Turlock Irrigation District (TID) has also used the NIST CSF, Energy Sector Cybersecurity Framework Implementation Guidance (ESCFIG) and the Electric Subsector Cybersecurity Capability Maturity Model (ES-C2M2) for its NERC CIP program foundation…

Michael Cole is a Control System Cybersecurity Analyst for the Turlock Irrigation District, where he provides expertise on NERC CIP Standards and Program design. Turlock Irrigation District is a Central California public utility that provides water for irrigation and power to customers in its service area. Michael has a Bachelor of Science in Computer Science, is a Certified Information Systems Security Professional (CISSP), and a Cisco Certified Network Professional (CCNP). Michael has focused on building a NERC CIP Documentation Architecture that is based on the NIST Cyber Security Framework (CSF) and Electric Subsector Cybersecurity Maturity Model (ES-C2M2). The architecture uses the ES-C2M2 cybersecurity domains as an abstraction for Turlock Irrigation District’s NERC CIP Program.

Venue: Optiv at 3875 Hopyard Rd., Pleasanton, CA 94588

Kindly confirm your attendance for the meeting by January 9th, 2019, along with your preference of pizza (Veg/Non-Veg) so that we place orders accordingly.

We need to provide the attendee list to our host for badges.

To RSVP please send your name, *ISC2 ID  and the subject line “attending January meeting” to conferencedirector@isc2-eastbay-chapter.org.

*If you are not a member of ISC2 or ISC2 East Bay Chapter, please complete the membership application form and send the application with your notice of intent to attend.  Membership is still free, but we do need to know who you are.

REMINDER: Arrive on time or there will not be anyone to open the door.  We begin door duty at 6:30 and end at 7:00 PM – NO EXCEPTIONS

Take the elevators to the second floor, take a left, we are all the way at the end of the hallway.

Chapter Meeting October 11th, 2018

Topic: Guidance to Implementing Network Security for Kubernetes

Topic: Security and Compliance for Kubernetes, Containers, and Microservices.   Modern application development and deployment have evolved significantly over the last several years. While it brings great productivity, efficiency and time to market advantages for software teams, it creates significant friction for traditional security and compliance architectures. This presentation will discuss how modern security and compliance teams can become business enablers and support agile software development.  Please join this session to learn about:

  • Key challenges facing security & compliance teams towards securing kubernetes based environments,
  • A reference guide and some best practices
  • A real-world case study on how a large SaaS provider is implementing security for their kubernetes based environments.

About Amit Gupta: Product Management leader with 18+ years of professional history developing, positioning and marketing software and services for Enterprises and Service Providers across the world. 10+ years of industry experience in enterprise infrastructure and data center solutions. 14+ years of background in application and infrastructure hosting and cloud services. Professional experience in both entrepreneurial and large corporate environments, driving strategy and tactical execution. Well versed with various Public / Private / Hybrid Cloud service consumption models.

About Tigera: Tigera provides Zero Trust network security and continuous compliance for Kubernetes platforms. Tigera Secure Enterprise Edition extends enterprise security and compliance controls to Kubernetes environments with support for on-premises, multi-cloud, and legacy environments. Tigera Secure Cloud Edition is available on the AWS marketplace and enables fine-grained security and compliance controls for Kubernetes on AWS and Amazon EKS. Tigera powers all of the major hosted Kubernetes environments including Amazon EKS, Azure AKS, Google GKE, and IBM Container Service.  Reach out to Amit Gupta  VP Product Management, Tigera amit@tigera.io

Venue: Chevron World Headquarters

6001 Bollinger Canyon Road
Conference Room A1020 – Building A (CHVPKA 1020)
San Ramon, CA 94583
Time: 7:00 to 9:00 PM Please arrive by 6:55.

Dinner

Pizza and Salad.

RSVP

RSVP to conferencedirector@isc2-eastbay-chapter.org with the subject “Attending October 11th at Chevron building A”. Include your name and ISC2 ID. If you don’t have an ISC2 ID and are not yet a member of our chapter, include the membership application with your email and copy membership@isc2-eastbay-chapter.org

We will be meeting in Building A in room 1020., 6001 Bollinger Canyon Rd, San Ramon, CA 94583. Park in the visitor parking lot and proceed to BLDG A.

Don’t get lost

The phone number to call if lost or need directions:  (925) 842-1000 and ask for the main security reception. Our hosts at Chevron are Ana Colocho (Chevron)  or ask for Robin Basham conferencedirector@isc2-eastbay-chapter.org
Parking: Park in Visitor Lot Across the Loop Road (Right Turn at first stop sign, and your first right turn into the parking lot – walk across the road to building behind flagpoles and fountain. The meeting room is BEFORE Security Desk just inside double glass doors on the right)