UPDATE: Due to an error by me on timezones, I have adjusted the time of the event. Sorry about this and I hope everyone can still make it.
On July 17th a blog was posted on Splunk site that caught my eye with a title of "Checking for SIGRed (CVE-2020-1350) and CISA ED 20-03 with Splunk". For those who haven’t heard about CVE-2020-1350, it is an unauthenticated, remote code execution (RCE) vulnerability in Microsoft Windows Domain Name System (DNS) servers. Successful exploitation allows attackers to run any code they want with local SYSTEM access. RCEs are bad vulnerabilities, unauthenticated ones are even worse. Pair this with one of the most common authentication platforms (Microsoft Active Directory), and you’re in for a world of hurt.
Splunk
Cybersecurity Advisor
Splunk
Senior System Engineer at Splunk
Experienced cybersecurity professional and advisor with deep technology experience and proven accomplishments protecting, defending, and securing global, critical networks. Leadership skills demonstrated in both supervisory and non-supervisory roles, focused on fostering teamwork and innovative problem solving across organizational boundaries.
Bryan enjoys working with data and problems of all sizes and shapes. The majority of his career he has focused on security but has started to open his purview in the last few years. His fifteen years of security experience has taken him through analyst, engineering, architect, consulting and management positions. He spent over eight years on various DoD operation floors, primarily in the cyber domain. After that he worked for a large global MSSP, consulting with organizations on their security programs and log management journey. He helped those organizations mature their programs, fight fraud, and respond to security incidents. Bryan likes to think outside the box when developing solutions to complex problems.
Cribl.io
Product Advocacy Manager
I was the founder of the Splunk user group for the Lincoln/Omaha area, Splunk402. I have been part of the SplunkTrust since the founding. I was the 2022 Splunkie award winner for Community. I have been involved in coaching of youth sports. I have coached athletes as young as pre-kindergarten through high school students. I have helped athletes through coaching and mentoring in tee ball, baseball, wrestling, weight training, and track and field. Most recently I have been the assistant coach and defensive coordinator for a youth football team as well as a grade school soccer coach. I have been privileged to help grow my own children through sports as one of their coaches or their biggest supporter on the sidelines.
Leader, Nebraska 402 Splunk User Group
Nebraska User Group Leader
