© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Operationalizing Security Intelligence
Rafal M. Los
Principal, Strategic Security Services
HP Enterprise Security Services
#InfoSecWorld-2014

To set your expectations:
This is a super-ultra condensed introduction to a very complex topic.

what is “security intelligence”?

“collective set of activities, and artifacts to make intelligence-driven decisions”

detect, respond, resolve more effectively in the attack lifecycle

did someone say “kill chain”?

The Lockheed Martin “Kill Chain”:
reconnaissance
weaponization
delivery
exploitation
installation
command & control (c2)
actions on objectives

your adversaries are organized

your adversaries are adaptable

your defenses are static

your defenses are predictable

PREVENTION IS A MYTH

time for a better game plan

old goal: don’t get breached

new goal: disrupt the attack
bonus points for disrupting the attacker

reality:
your defenses will be breached

so now what?

this talk is a framework for you

..change is long overdue.

the puzzle pieces

the toolbox

the data

the operational processes

the actions

let’s break that down…

the toolbox

data store
aggregation
and analytics engine

[diagram: data, data, data → intelligence]

scalable
flexible
extensible
fast
affordable

- various scanning tools
- work-stream system
- collaboration tools

Things to look for:
• normalized input/output data format(s)
• inter-operability
• extensibility
• scriptable automation
• scalability
• maintainability
• feature richness
• ease-of-use

pick a tool-set that matches your company profile

the data

internal:
know your enterprise attack surface

start with the fundamentals

map the network
identify existing technologies
identify business critical assets

create representative data models
continuously update these models

“current state” [snapshot]

what are we vulnerable to right now?
what are we doing about it?

THIS is your starting point.

now add context

10.1.2.100

Attribute            Data
asset_type           <asset_type>
asset_criticality    <criticality_level>
OS                   <os_name>
OS-patch-level       <major_minor>
purpose              <text>
owner                <owner_name>
owner-BU             <business_unit>
owner-contact-email  <email>
owner-contact-phone  <phone>
installed-software   (software table)
change-info          (change_info table)
vulnerability-info   (vuln_info table)
…                    …

software             version
software_name        <version>
software_name        <version>
software_name        <version>
…                    …

change_info          data
last-change          <date>
last-change-made     <text>
last-change-tech     <name>
…                    …

vuln_info            data
vulnerability        <severity>
…                    …

there is no such thing* as “too much information”
* almost…

“live data” [continuous feeds]

detect changes
to environment
in assets

determine new threats

what changed?
what is the potential impact?

continuous detection of change
• new (previously unseen) node on network
• unauthorized configuration change
• unauthorized change to application, or system
• new/modified user, or access rights
• new vulnerability or missing patch
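
The change categories listed above can be computed by diffing a live observation against the baseline asset record from the attribute table. The sketch below is an added example, not part of the original deck; the sample records, the `accounts` field, the criticality ranks and the authorized-change set are constructed assumptions.

```python
"""Diff a live asset observation against the baseline record (constructed data)."""

# Assumed ranking; the deck only names a <criticality_level> attribute.
CRITICALITY_RANK = {"low": 1, "medium": 2, "high": 3}

# Constructed "current state" snapshot, keyed by address like the deck's 10.1.2.100.
BASELINE = {
    "10.1.2.100": {
        "asset_type": "server",
        "asset_criticality": "high",
        "OS": "linux",
        "OS-patch-level": "6.5",
        "installed-software": {"httpd": "2.2.15", "openssl": "1.0.1e"},
        "change-info": {"last-change": "2014-03-01", "last-change-tech": "j.doe"},
        "vulnerability-info": {},
        "accounts": {"root": "admin", "deploy": "user"},  # hypothetical attribute
    },
}

# Constructed "live data" observation taken after the baseline.
CURRENT = {
    "10.1.2.100": {
        **BASELINE["10.1.2.100"],
        "installed-software": {"httpd": "2.2.15", "openssl": "1.0.1e", "netcat": "1.10"},
        "change-info": {"last-change": "2014-04-02", "last-change-tech": "unknown"},
        "vulnerability-info": {"VULN-PLACEHOLDER-1": "high"},
        "accounts": {"root": "admin", "deploy": "admin"},
    },
    "10.1.2.177": {"asset_type": "unknown", "asset_criticality": "low"},
}

# Constructed stand-in for CMDB approvals: (asset, last-change date) pairs.
AUTHORIZED_CHANGES = {("10.1.2.100", "2014-03-01")}


def changed_keys(old, new):
    """Keys added, removed, or altered between two attribute maps."""
    return sorted(k for k in old.keys() | new.keys() if old.get(k) != new.get(k))


def detect_changes(baseline, current, authorized):
    """Return change events for `current` vs `baseline`, most critical asset first."""
    events = []

    def emit(ip, kind, detail, record):
        events.append({"asset": ip, "kind": kind, "detail": detail,
                       "criticality": record.get("asset_criticality", "low")})

    for ip, now in current.items():
        before = baseline.get(ip)
        if before is None:
            # New (previously unseen) node on the network.
            emit(ip, "new-node", "not in baseline", now)
            continue

        change_date = now.get("change-info", {}).get("last-change")
        approved = (ip, change_date) in authorized
        # Config and software drift is reported only when no approved change explains it.
        if not approved:
            for key in ("OS", "OS-patch-level"):
                if before.get(key) != now.get(key):
                    emit(ip, "unauthorized-config-change", key, now)
            for name in changed_keys(before.get("installed-software", {}),
                                     now.get("installed-software", {})):
                emit(ip, "unauthorized-software-change", name, now)

        # New or modified user, or access rights.
        for user in changed_keys(before.get("accounts", {}), now.get("accounts", {})):
            emit(ip, "account-change", user, now)

        # New vulnerability or missing patch.
        new_vulns = set(now.get("vulnerability-info", {})) - set(before.get("vulnerability-info", {}))
        for vuln in sorted(new_vulns):
            emit(ip, "new-vulnerability", vuln, now)

    # "What is the potential impact?": surface business-critical assets first.
    events.sort(key=lambda e: CRITICALITY_RANK.get(e["criticality"], 0), reverse=True)
    return events


if __name__ == "__main__":
    for event in detect_changes(BASELINE, CURRENT, AUTHORIZED_CHANGES):
        print(event)
```

Feeding the same function an approved change record for the asset suppresses the software and configuration events, which is the role the configuration management DB plays in the deck.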

requirement:
TVM program
(threat & vulnerability management)

requirement:
configuration management DB
(manage, authorize config changes)

requirement:
collective logging
(log key items, on key assets)

[diagram: log, aggregate, analyze, identify, refine]

Key logging questions to answer:
• what should you be logging?
• what assets should you log from?
• what should you look for?
• how do you define ‘timely’?
• how much should I be storing for analysis?

external:
be situationally aware

for example –
• sentiment against your brand/organization
• threat climate of your business vertical
• attacks against similar organizations, vertical
• specific threats against your staff/resources
• geopolitical issues pertaining to your enterprise
• 3rd party reported vulnerabilities
• 3rd party reported exploits
• weaknesses in your external technologies
• reported abused enterprise assets

refining ‘data’ purposefully
[diagram: IP address, context, external info, analysis]

defining and operationalizing processes

gathering information

fail your information quickly

it’s interesting…
but is it useful?

not all information is useful

tools to pare down information
• simple scripts
• data analysis applications
• relational mapping tools
• ‘big data’ platforms
• structured & unstructured data analyses

finding information is easy

throwing away junk is hard

refining collected information

convert information to knowledge

extremely difficult

manual process, for analysts

aided by automation

delivering intelligence

information necessary to make a decision

must.be.repeatable.

must.be.actionable.

Analysis is NOT enough.

need to answer: “So what?”

provide thorough analysis backed by actual facts, data

in a timely fashion

in a useful, consumable format

taking action

rules of engagement
(what are you allowed to do?)

take ‘purposeful’ action

which process is activated?
incident response
security operations

taking action

detect

be proactive
out-maneuver the threat

be reactive
counter active threat

respond

mitigate the vulnerability

minimize the impact of attack

shut down an active attack

actively shift defenses

identify the attacker

resolve

restore services

Closed Loop Incident Process

adjust security operations

share IOCs

quick recap

“Security Intelligence” is..
the capability to detect, respond, and resolve your security incidents through an information-driven approach.

You can do this.
You need to do this.

Know more.
Defend smarter.

Sans Feb 2010 - When Web 2 0 Attacks v3.3Rafal Los
 
StarWest 2009 - Detective Work For Testers: Finding Workflow Based Defects
StarWest 2009 - Detective Work For Testers: Finding Workflow Based DefectsStarWest 2009 - Detective Work For Testers: Finding Workflow Based Defects
StarWest 2009 - Detective Work For Testers: Finding Workflow Based DefectsRafal Los
 

Plus de Rafal Los (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The 5 Ps of Preparedness - Hope is Not a Strategy [1].pdf
The 5 Ps of Preparedness - Hope is Not a Strategy [1].pdfThe 5 Ps of Preparedness - Hope is Not a Strategy [1].pdf
The 5 Ps of Preparedness - Hope is Not a Strategy [1].pdf
 
Irrational But Effective - Applying Parenthood Lessons to Cyber Security
Irrational But Effective - Applying Parenthood Lessons to Cyber SecurityIrrational But Effective - Applying Parenthood Lessons to Cyber Security
Irrational But Effective - Applying Parenthood Lessons to Cyber Security
 
SAINTCON 21 - Of Sandcastles and Luck (Fixing Vulnerability Management)
SAINTCON 21 - Of Sandcastles and Luck (Fixing Vulnerability Management)SAINTCON 21 - Of Sandcastles and Luck (Fixing Vulnerability Management)
SAINTCON 21 - Of Sandcastles and Luck (Fixing Vulnerability Management)
 
Strategies and Tactics for Effectively Managing Vulnerabilities in Diverse En...
Strategies and Tactics for Effectively Managing Vulnerabilities in Diverse En...Strategies and Tactics for Effectively Managing Vulnerabilities in Diverse En...
Strategies and Tactics for Effectively Managing Vulnerabilities in Diverse En...
 
Lies, Fables and Security Metrics
Lies, Fables and Security MetricsLies, Fables and Security Metrics
Lies, Fables and Security Metrics
 
Cloud Security Alliance- Challanges of an elastic environment v8a [public]
Cloud Security Alliance- Challanges of an elastic environment v8a [public]Cloud Security Alliance- Challanges of an elastic environment v8a [public]
Cloud Security Alliance- Challanges of an elastic environment v8a [public]
 
Threat modeling the security of the enterprise
Threat modeling the security of the enterpriseThreat modeling the security of the enterprise
Threat modeling the security of the enterprise
 
Making Measurable Gains - Contextualizing 'Secure' in Business
Making Measurable Gains - Contextualizing 'Secure' in BusinessMaking Measurable Gains - Contextualizing 'Secure' in Business
Making Measurable Gains - Contextualizing 'Secure' in Business
 
Security BSides Atlanta - "The Business Doesn't Care..."
Security BSides Atlanta - "The Business Doesn't Care..."Security BSides Atlanta - "The Business Doesn't Care..."
Security BSides Atlanta - "The Business Doesn't Care..."
 
Software Security Assurance - Program Building (You're going to need a bigger...
Software Security Assurance - Program Building (You're going to need a bigger...Software Security Assurance - Program Building (You're going to need a bigger...
Software Security Assurance - Program Building (You're going to need a bigger...
 
The Future of Software Security Assurance
The Future of Software Security AssuranceThe Future of Software Security Assurance
The Future of Software Security Assurance
 
Defying Logic - Business Logic Testing with Automation
Defying Logic - Business Logic Testing with AutomationDefying Logic - Business Logic Testing with Automation
Defying Logic - Business Logic Testing with Automation
 
Ultimate Hack! Layers 8 & 9 of the OSI Model
Ultimate Hack! Layers 8 & 9 of the OSI ModelUltimate Hack! Layers 8 & 9 of the OSI Model
Ultimate Hack! Layers 8 & 9 of the OSI Model
 
Into the Rabbithole - Evolved Web App Security Testing (OWASP AppSec DC)
Into the Rabbithole - Evolved Web App Security Testing (OWASP AppSec DC)Into the Rabbithole - Evolved Web App Security Testing (OWASP AppSec DC)
Into the Rabbithole - Evolved Web App Security Testing (OWASP AppSec DC)
 
Oh No They Didn't! 7 Web App Security Stories (v1.0)
Oh No They Didn't! 7 Web App Security Stories (v1.0)Oh No They Didn't! 7 Web App Security Stories (v1.0)
Oh No They Didn't! 7 Web App Security Stories (v1.0)
 
The QA Analyst's Hacker's Landmark Tour v3.0
The QA Analyst's Hacker's Landmark Tour v3.0The QA Analyst's Hacker's Landmark Tour v3.0
The QA Analyst's Hacker's Landmark Tour v3.0
 
Magic Numbers - 5 KPIs for Measuring SSA Program Success v1.3.2
Magic Numbers - 5 KPIs for Measuring SSA Program Success v1.3.2Magic Numbers - 5 KPIs for Measuring SSA Program Success v1.3.2
Magic Numbers - 5 KPIs for Measuring SSA Program Success v1.3.2
 
Sans Feb 2010 - When Web 2 0 Attacks v3.3
Sans Feb 2010 - When Web 2 0 Attacks v3.3Sans Feb 2010 - When Web 2 0 Attacks v3.3
Sans Feb 2010 - When Web 2 0 Attacks v3.3
 
StarWest 2009 - Detective Work For Testers: Finding Workflow Based Defects
StarWest 2009 - Detective Work For Testers: Finding Workflow Based DefectsStarWest 2009 - Detective Work For Testers: Finding Workflow Based Defects
StarWest 2009 - Detective Work For Testers: Finding Workflow Based Defects
 

Dernier

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Dernier (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Operationalizing Security Intelligence [ InfoSec World 2014 ]

  • 1. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Operationalizing Security Intelligence. Rafal M. Los, Principal, Strategic Security Services, HP Enterprise Security Services. #InfoSecWorld-2014
  • 2. To set your expectations: This is a super-ultra condensed introduction to a very complex topic.
  • 3. what is “security intelligence”?
  • 4. “collective set of activities, and artifacts to make intelligence-driven decisions”
  • 5. detect, respond, resolve more effectively in the attack lifecycle
  • 6. did someone say “kill chain”?
  • 7. reconnaissance, weaponization, delivery, exploitation, installation, command & control (c2), actions on objectives. The Lockheed Martin “Kill Chain”
  • 8. your adversaries are organized
  • 9. your adversaries are adaptable
  • 10. your defenses are static
  • 11. your defenses are predictable
  • 12. PREVENTION IS A MYTH
  • 13. time for a better game plan
  • 14. old goal: don’t get breached
  • 15. new goal: disrupt the attack; bonus points for disrupting the attacker
  • 16. reality: your defenses will be breached
  • 17.
  • 18. so now what?
  • 19. this talk is a framework for you
  • 20. ..change is long overdue.
  • 21. the puzzle pieces
  • 22. the toolbox
  • 23. the data
  • 24. the operational processes
  • 25. the actions
  • 26. let’s break that down…
  • 27. the toolbox
  • 28. datastore aggregation and analytics engine
  • 29. data data intelligence data
  • 30. scalable, flexible, extensible, fast, affordable
  • 31. - various scanning tools - work-stream system - collaboration tools
  • 32. Things to look for: • normalized input/output data format(s) • inter-operability • extensibility • scriptable automation • scalability • maintainability • feature richness • ease-of-use
  • 33. pick a tool-set that matches your company profile
  • 34. the data
  • 35. internal: know your enterprise attack surface
  • 36. start with the fundamentals
  • 37. map the network; identify existing technologies; identify business critical assets
  • 38. create representative data models; continuously update these models
  • 39. “current state” [snapshot]
  • 40. what are we vulnerable to right now? what are we doing about it?
  • 41. THIS is your starting point.
  • 42. now add context
  • 43. 10.1.2.100
      Attribute              Data
      asset_type             <asset_type>
      asset_criticality      <criticality_level>
      OS                     <os_name>
      OS-patch-level         <major_minor>
      purpose                <text>
      owner                  <owner_name>
      owner-BU               <business_unit>
      owner-contact-email    <email>
      owner-contact-phone    <phone>
      installed-software     .
      change-info            .
      vulnerability-info     .
      …                      …

      software               version
      software_name          <version>
      software_name          <version>
      software_name          <version>
      …                      …

      change_info            data
      last-change            <date>
      last-change-made       <text>
      last-change-tech       <name>
      …                      …

      vuln_info              data
      vulnerability          <severity>
      …                      …
  • 44. there is no such thing* as “too much information” * almost…
  • 45. “live data” [continuous feeds]
  • 46. detect changes to environment, in assets
  • 47. determine new threats
  • 48.
  • 49. what changed? what is the potential impact?
  • 50. continuous detection of change • new (previously unseen) node on network • unauthorized configuration change • unauthorized change to application, or system • new/modified user, or access rights • new vulnerability or missing patch
  • 51. requirement: TVM program (threat & vulnerability management)
  • 52. requirement: configuration management DB (manage, authorize config changes)
  • 53. requirement: collective logging (log key items, on key assets)
  • 54.
  • 55. log, aggregate, analyze, identify, refine
  • 56. Key logging questions to answer: • what should you be logging? • what assets should you log from? • what should you look for? • how do you define ‘timely’? • how much should I be storing for analysis?
  • 57. external: be situationally aware
  • 58. for example – • sentiment against your brand/organization • threat climate of your business vertical • attacks against similar organizations, vertical • specific threats against your staff/resources • geopolitical issues pertaining to your enterprise • 3rd party reported vulnerabilities • 3rd party reported exploits • weaknesses in your external technologies • reported abused enterprise assets
  • 59. refining ‘data’ purposefully: IP address, context, external info, analysis
  • 60. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. definingandoperationalizing processes
  • 61. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. gatheringinformation
  • 62. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. failyourinformationquickly
  • 63. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 64. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. it’sinteresting… butisituseful?
  • 65. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. notallinformationisuseful
  • 66. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. toolstoparedowninformation • simple scripts • data analysis applications • relational mapping tools • ‘big data’ platforms • structured & unstructured data analyses
  • 67. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. findinginformationiseasy
  • 68. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. throwingawayjunkishard
  • 69. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. refiningcollectedinformation
  • 70. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. convertinformationtoknowledge
  • 71. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 72. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. extremelydifficult
  • 73. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. manualprocess,foranalysts
  • 74. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. aidedbyautomation
  • 75. © Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 2 3 4 5 6
  • 76. delivering intelligence
  • 77. information necessary to make a decision
  • 78. must.be.repeatable.
  • 79. must.be.actionable.
  • 80. Analysis is NOT enough.
  • 81. need to answer: “So what?”
  • 82. provide thorough analysis backed by actual facts, data
  • 83. in a timely fashion
  • 84. in a useful, consumable format
  • 85. taking action
  • 86. rules of engagement (what are you allowed to do?)
  • 87. take ‘purposeful’ action
  • 88. which process is activated? incident response, security operations
  • 89. taking action
  • 90. detect
  • 91. be proactive: out-maneuver the threat
  • 92. be reactive: counter active threat
  • 93. respond
  • 94. mitigate the vulnerability
  • 95. minimize the impact of attack
  • 96. shut down an active attack
  • 97. actively shift defenses
  • 98. identify the attacker
  • 99. resolve
  • 100. restore services
  • 101. Closed Loop Incident Process
  • 102. adjust security operations
  • 103. share IOCs
  • 104. quick recap
  • 105. “Security Intelligence” is... the capability to detect, respond, and resolve your security incidents through an information-driven approach.
  • 106. You can do this. You need to do this.
  • 107. Know more. Defend smarter.