Learn how to respond to a ransomware threat proactively, ideally to prevent an attack, or to have the resources to recover if one occurs. Looking beyond the infamous components of an extortion attack – data encryption and demands for ransom – this will cover the most common methods for gaining access, use of lateral movement and privilege escalation, and how an attacker uses fear to increase the chance of getting payment. I will focus on prevention, ideally to stop the attacker from gain access by following best practices in IT security. Logging and monitoring can detect an attack before data is encrypted, although that may not prevent data exfiltration. Effective backup strategy, having backups offline and keeping them long enough that there will be a backup from before the initial compromise, is essential to recovery.
This presentation maintains that SharePoint as a collaborative tool provides an effective online solution for digital curation and sharing of resources to meet the information needs of instructional design communities across campus. Furthermore, it provide tips, tricks and best practices to effectively implement a SharePoint Resource Library with MS Teams using collaborative project management strategies.
After completing this presentation, participants will be able to: Identify the steps for implementing a SharePoint Library. Recognize how a SharePoint Library organizes information. Access a SharePoint Library from MS Teams. Reflect on Project Management best practices for implementing a collaborative project.
It may be useful to have knowledge and experience with MS Teams, SharePoint and MS Office applications.
This session will provide a technical look at UW-Madison’s new institutional data warehouse using the platform Snowflake, branded Badger Analytics, hosted by the ETL developers within the Office of Data Management and Analytics Services who were integral to bringing Badger Analytics to life. They will share the story of the modernization of the environment, the project’s progress to date, the architecture, benefits, and how the modernization has revolutionized the work they do and freed up capacity through speed and automation. This practical session, by technical professionals for technical professionals, will provide details about the technologies and how they have been leveraged to provide value and unlock previously unimagined capabilities. Learn about the potential to leverage this modernization for the benefit of other units and divisions within the UW-Madison community.
This session builds on last year’s presentation by Cathy Lloyd, chief data officer, about cloud data warehousing for UW-Madison’s institutional data and the overall analytics strategy.
The last 15 minutes of the session “IT Policy Bootcamp” on Thursday, June 3rd, 11:00 am – 12:00 pm will be dedicated to Q&A from this flash talk.
Those who watch this session will be provided with updates on current IT Policies in development at UW-Madison and upcoming policies for AY2021-2022. Attendees will also be provided with contact information if they wish to request additional information or are interested in participating on current or upcoming policy initiatives.
Basic knowledge of campus IT Policies beneficial, but not required.
My presentation is for people who have considered presenting at a conference but not taken that leap. I will go over the process of deciding what to submit, submitting a proposal to a conference, deciding on the format, creating the content for the presentation and what it’s like to present.
This presentation discusses the Qualys Container Security scanner GitLab integration. DevOps is quickly changing the way that organizations build and deploy web applications such as Docker containers. With container technology, build workflow needs rapid release cycles and continuous deployment. By integrating automated security testing into the development tool chain workflows, developers can identify security issues associated with containers early in their build process. We will discuss the scripts and source code for tools to provide access to the Qualys container vulnerability scanning system through GitLab CI/CD jobs. This integration into a GitLab project allows developers to trigger a Docker container image scan pipeline on the image of their choosing. Any vulnerabilities found will be posted as a GitLab issue in the project from which it is executed. This integration uses a pre-configured VM for the GitLab runner that obtains access to what it needs via AWS IAM roles. This allows any developer with a project on the same GitLab instance to incorporate the Qualys scanner job by including a GitLab CI/CD template in their own gitlab-ci.yml file without having to set up access to the Qualys API for themselves. At the end of the presentation, participants will be able to learn about the architecture, scripts and source code, sample reports as well as setup instruction documentation and on-going improvements.
The architecture, scripts and source code, sample reports as well as benefit of container scanning, setup instruction documentation, and on-going improvements.
This presentation discusses the user groups led by the Office of Cybersecurity Testing and Cyber Defense team in collaboration with the campus community. In 2019, the first Firewall User Group meeting was held to support campus firewall administrators. Following that successful example, AMP and Qualys user groups started and have been gaining significant momentum of campus participation. One of the strategies we take is the creation of community engagement for mutual support. Campus IT administrators are expected to use numerous technical tools in their role, and many admins have different skill sets and backgrounds. As such, distributed IT can lead to distributed pockets of knowledge, with different groups possessing different skill sets. User groups seek to bridge that knowledge gap to allow admins to coordinate with one another effectively, share information, report problems, and brainstorm new ideas. User Groups can provide engagement of subject experts such as Network engineers, Server administrators and Security engineers to share their expertise to help facilitate campus community engagement. At the end of the presentation, participants will be able to learn about the User Groups, tips for successful User Group meetings, benefit of participating in the User Group meetings as well as latest topics and discussions.
Participants will be able to learn about the User Groups, tips for successful User Group meetings, benefit of participating in the User Group meetings as well as latest topics and discussions.