Putting Security Into your Virtual World

When: November 20, 2008 (12:00 noon)
Where: Terminal City Club (837 West Hastings St.)
Cost: $35 non-members, $25 ISSA members, and $20 students
RSVP: (space is limited)


Speaker: Speaker: Yen-Ming Chen (Director of Consulting, Foundstone)

As virtualization technology grows in popularity, the big question about security is buzzing: "How will this technology affect my existing security posture?" Taking a one-size-fits-all approach is definitely not the answer. Many may think that technology alone is the answer; but it isn't! There are key considerations on this journey and each should be taken seriously: people, process and technology.

Join Yen-Ming Chen as he discusses these factors from the security impact of virtualization – positive and negative – as well as the best practices that need to be adopted to fit into this exciting new paradigm. During this talk, Yen-Ming will review the following:

  • Security in a Virtualized World
  • Virtualization: The Expanded Attack Surface
  • Virtual Machines: The Risks
  • Building Security In: People, Process and Technology
  • Technology: Defining a Security Assessment Framework
  • Looking Ahead: A More Secure Environment


Speaker Bio:

Yen-Ming leads Foundstone consultants to provide strategic security consulting services to the clients. His duties include managing all consulting and training activities, ranging from sales support to project execution.  He brings extensive knowledge in both business and technology. He focuses primarily on generic security assessment. In client engagements, Yen-Ming helps clients align their security strategies with their business goals. He established the first Foundstone Asian Pacific office in Singapore, and has been instrumental in developing and growing new markets like China, Hong Kong, Singapore, Indonesia, and Saudi Arabia.  He has also managed regional distributors and resellers of the Foundstone vulnerability scanner and helped them increase regional sales revenues. In addition, he served as a Lead Instructor for Foundstone’s Ultimate Hacking, Ultimate Hacking Expert, Ultimate Web Hacking and Ultimate Hacking: Incident Response classes.

Prior to joining Foundstone, Yen-Ming worked in the CyberSecurity Center at Carnegie Mellon University. He created the prototype for an intrusion detection system appliance and wrote the first intrusion detection log correlation and analysis program, snort-stat for Snort.

On-site registration and networking begins at noon, and lunch will be served at approximately 12:15. The presentation will run from 1:00pm to 2:00pm, to be followed by an open discussion forum. Members and non-members of the ISSA are welcome but space is limited. Cost for the event is $35.00 for non-members, $25.00 for ISSA members and $20.00 for students payable in advance at our web site using Paypal®, or at the door in cash or by cheque payable to “ISSA Vancouver”. RSVP to to guarantee your seat. Please note that we require 72 hours notice of any cancellations, or you will be invoiced for the event since we are required to finalize the food orders.

Please note that the TCC has a business-casual dress code, and contact us in advance if you have special dietary requirements or would like wheel chair accessible parking so that we can make the necessary arrangements on your behalf.

James Crooks: (604) 806-7027.