Amateur Hour: Why APTs Are The Least Of Your Worries

•

2 j'aime•911 vues

InfoSec World 2016

Amateur Hour
Why APTs Are the Least of Your Worries

Ed Bellis
• Co-founder and CTO at Kenna Security, an
automated risk & vulnerability intelligence
platform
• Orbitz CISO for 6 years
• 20+ years Info Security experience
including Bank of America, CSC, E&Y
• Contributing Author Beautiful Security
• Frequent speaker at events such as…
About Me

Warning
This presentation contains large amounts of data
used for the purpose of proving an information
security theory. No marketers were harmed
during the making of this presentation.

“APT-1, Titan Rain,
GhostNet, Aurora,
Stuxnet, Red October,
and Duqu, Oh my!!”

Real but Likely??
• Spreadsheets that require a black belt in Excel
• COUNT ALL THE THINGS!

Likely or Very Likely?
74%

Don’t Worry, We Got This
67%

“What is real?
How do you define real?”

2016 DBIR
A Sneak Preview

Your Threat Model Is Backwards
“While 2015 was no
chump when it came to
successfully exploited
CVEs, the tally of
really old CVEs which
still get exploited in
2015 suggests that the
oldies are still
goodies.”

Your Confidence Is Unwarranted
“…we need to see
more of targeted
remediation
efforts which more
often than not
focus on those
vulnerabilities
which attackers
are successful with
in the wild.”

The Great Defensive Gap

“Low Hanging Fruit”
“if a vulnerability is
going to be
exploited, 30 days
is a good bet for
how much time you
have to remediate.“

The Tortoise
On Average it takes
companies 100 to
120 days to
remediate
vulnerabilities.

Versus The Hare
The probability that
a CVE that is
exploited in the
first year will be hit
X days after
publication. At
40-60 days, that
probability is over
90 percent.

Casual attacker
power grows
at the rate of
Metasploit.

But HD Moore’s Law is just the Tip of the Iceberg

Are These Attributes In Your Threat Model?

What About These?

Secure Because Math
Existing Exploit + Patch Available + RCE
> Advanced Persistent Threat
P for Probability!
…or put another way… “Why Burn a Zero Day?”

Key Takeaways
1.Focus on the Basics
2.Automate your Defenses
A. Configuration Management
B. Patch Management
C. Compensating Controls
D. Continuous Deployment
Make it necessary to be both Advanced and Persistent.

Q&A

Contenu connexe

Tendances

DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...

DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...

DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...

Why is Security Management So Hard?

Why is Security Management So Hard?

Why is Security Management So Hard?

Many threat intelligence teams are small and must make limited resources work in the most efficient way possible. The data these teams rely on may be quite high volume and potentially low signal to noise ratio. The tools used to collect and exploit this data have finite resources and must be leveraged at the highest utilization possible. Additionally, these tools must be applied to the most valuable data first. This talk presents a process that your team can implement to make your threat and malware hunting more efficient. The core of this process uses YARA rules to process files from an arbitrary source in volume. From that core, it covers methods of prioritizing the output of the rules based on the team’s priority and the confidence in the quality of the rules. Using this process, files are submitted to sandboxes for automated analysis. The output of each of these systems is then parsed for certain qualities that would increase or decrease the value of the information to the team. Attendees will take away not only a solid process that they can implement in their own organizations, but also a list of gotchas and problems that they should avoid. Robert Simmons is Director of Research Innovation at ThreatConnect, Inc. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Robert has spoken on malware analysis at many of the top security conferences including DEFCON, HOPE, and DerbyCon among others. Robert, also known as Utkonos, has a background in biology, linguistics, and Russian area studies. He has lived extensively in Russia and Ukraine and has been known to swear profusely and constantly in Russian.

Advanced Threat Hunting - Botconf 2017

Advanced Threat Hunting - Botconf 2017

Advanced Threat Hunting - Botconf 2017

Ops Happen: Improve Security Without Getting in the Way

Ops Happen: Improve Security Without Getting in the Way

Ops Happen: Improve Security Without Getting in the Way

SeniorStoryteller

Enterprise security teams are facing numerous challenges because of evolving threat vectors bypassing existing technology, deluge of alerts, and lack of skilled resources to stop advanced threats. Even if enterprises have a budget to bring in outside incident response and forensics teams to stop the bleeding, by then, damages and loss have already occurred. Security teams must change the shape of their security program to stop threats at the earliest and all stages of the attacker lifecycle. Join 451 Research Senior Analyst, Adrian Sanabria, and Director of Products at Endgame, Mike Nichols, talk about how earliest prevention and instant detection can change the shape and outcome of enterprise security program. This talk will outline strategies for: • Prioritizing the alerts and events that really matter • Identifying parts of the investigation workflow that can be automated • Building a detection methodology that creates confidence and continuously improves defenses

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...

Adrian Sanabria

Threat Hunting 102: Beyond the Basics

Threat Hunting 102: Beyond the Basics

Threat Hunting 102: Beyond the Basics

Building a Threat Hunting Practice in the Cloud

Building a Threat Hunting Practice in the Cloud

Building a Threat Hunting Practice in the Cloud

ProtectWise and Demisto enable security analysts to move quickly from detection to response and resolution. ProtectWise leverages advanced analysis techniques and unlimited retention of full-fidelity network traffic to provide highly reliable detection of known and unknown threats in real-time and retrospectively. Demisto provides automation playbooks that convert these detections into action for the point products in your security infrastructure.

See Clearly and Respond Quickly from the Network to the Endpoint

See Clearly and Respond Quickly from the Network to the Endpoint

See Clearly and Respond Quickly from the Network to the Endpoint

Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon

Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon

Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon

DevSecOps Days Istanbul 2020 Security Chaos Engineering

DevSecOps Days Istanbul 2020 Security Chaos Engineering

DevSecOps Days Istanbul 2020 Security Chaos Engineering

Outpost24 webinar - The economics of penetration testing in the new threat la...

Outpost24 webinar - The economics of penetration testing in the new threat la...

Outpost24 webinar - The economics of penetration testing in the new threat la...

There are over 100 endpoint security products that claim to stop malware and other attacks against Windows. Nearly every major security incident or breach that has made media headlines had two things in common: Windows running one of these 100 products. This workshop won't spend any time bashing vendors, however. In fact, many of these products can be valuable assets when part of a more comprehensive endpoint protection strategy. Part one of this workshop will address the anatomy of malware and why it succeeds so often. The second part will dive down into practical defensive strategies, including passive prevention, detection, response, and remediation. - Passive prevention is effectively free and ideal - Prevention will always fail a percentage of the time, so detection is essential - Response, if practiced and efficient, has a chance of stopping attacks before they reach their goal - Remediation, because someone has to clean up this mess... Every successful security strategy includes planning to handle failure quickly and effectively. The remainder of the workshop will be hands-on. Part three will review the native defensive capabilities in Windows and the pros/cons associated with using them. For the finale, brave and trusting attendees will be invited to run neutered malware on the virtual Windows systems provided for this workshop to test out our newfound defensive skills. If not, there's no shame in watching your neighbor infect themselves with ransomware as you take notes.

Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...

Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...

Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...

Adrian Sanabria

First presented at Cloud Security World in Boston on June 15th, 2016. Once upon a time, walls were erected between the Linux/UNIX crowd, Windows admins and the mainframers. Each architecture had its place and its experts, and they rarely mixed. This time around, we didn’t just get a new domain, we got a new way of doing IT and running businesses. Cloud has created new opportunities and DevOps has capitalized on them. The result of this combination is so unrecognizable that it isn’t uncommon to see IT organizations split down the middle by the new and old approaches. As DevOps continues to gain in popularity, the same split is occurring in the security workforce. Will the traditional security practitioner be in danger of becoming obsolete?

Cloud, DevOps and the New Security Practitioner

Cloud, DevOps and the New Security Practitioner

Cloud, DevOps and the New Security Practitioner

Adrian Sanabria

Even though large breaches have hit headline news in years past, some companies are still on the fence about investing in cybersecurity. As a security practitioner (or jack of all trades) how can you be expected to cover your assets with zero budget? Thankfully, there are plenty of open-source tools out there that will allow you to secure your organization. Come join me as I discuss how you can track your network assets, perform vulnerability assessments, prevent attacks with intrusion prevention systems, and even deploy HIDS. We will also jump into finding sensitive data and PII in your network, as well as incident response tools and automation. All it costs is your time (and maybe a VM or two). You really can drastically improve the security posture of your network with little to no budget, and you’ll have fun doing it! OK, maybe it won’t be fun, but at least you’ll learn something, right?

Open Source Defense for Edge 2017

Open Source Defense for Edge 2017

Open Source Defense for Edge 2017

Adrian Sanabria

One login enemy at the gates

One login enemy at the gates

One login enemy at the gates

DevSecOps & Security Chaos Engineering - "Knowing the Unknown" - "Resilience is the story of the outage that didn’t happen". - John Allspaw Our systems are becoming more and more distributed, ephemeral, and immutable in how they function in today’s ever-evolving landscape of contemporary engineering practices. Not only are we becoming more complex but the rate of velocity in which our systems are now interacting, and evolving is making the work more challenging for us humans. In this shifted paradigm, it is becoming problematic to comprehend the operational state, health and safety of our systems. In this session Aaron will uncover what Chaos Engineering is, why we need it, and how it can be used as a tool for building more performant, safe and secure systems. We will uncover the importance of using Chaos Engineering in developing a learning culture through system experimentation. Lastly, we will walk through how to get started using Chaos Engineering as well as dive into how it can be applied to cyber security and other important engineering domains.

GDS-Austin - DevSecOps & Security Chaos Engineering

GDS-Austin - DevSecOps & Security Chaos Engineering

GDS-Austin - DevSecOps & Security Chaos Engineering

New Barriers of Transformation

New Barriers of Transformation

New Barriers of Transformation

DevOps Indonesia

Falcon OverWatch Experts Hunt 24/7 To Stop Incidents Before They Become Breaches Is your IT security team suffering from alert fatigue? For many organizations, chasing down every security alert can tax an already overburdened IT department, often resulting in a breach that might have been avoided. Adding to this challenge is an increase in sophisticated threats that strike so fast and frequently, traditional methods of investigation and response can’t offer adequate protection. A new webcast from CrowdStrike, “Proactive Threat Hunting: Game-Changing Endpoint Protection Above and Beyond Alerting,” discusses why so many organizations are vulnerable to unseen threats and alert fatigue, and why having an approach that is both reactive and proactive is key. You’ll also learn about Falcon OverWatch™, CrowdStrike’s proactive threat hunting service that investigates and responds to threats immediately, dramatically increasing your ability to react before a damaging breach occurs. Download the webcast slides to learn: --How constantly reacting to alerts prevents you from getting ahead of the potentially damaging threats designed to bypass standard endpoint security --Why an approach that includes proactive threat hunting, sometimes called Managed Detection and Response, is key to increasing protection against new and advanced threats --How CrowdStrike Falcon OverWatch can provide 24/7 managed threat hunting, augmenting your security efforts with a team of cyber intrusion detection analysts and investigators who proactively identify and prioritize incidents before they become damaging breaches

Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting

Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting

Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting

Mobile Application Security Threats through the Eyes of the Attacker

Mobile Application Security Threats through the Eyes of the Attacker

Mobile Application Security Threats through the Eyes of the Attacker

[Webinar] Building a Product Security Incident Response Team: Learnings from ...

[Webinar] Building a Product Security Incident Response Team: Learnings from ...

[Webinar] Building a Product Security Incident Response Team: Learnings from ...

Tendances (20)

DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...

DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...

DevSecCon Singapore 2018 - Measuring and maximizing vuln discovery efforts by...

Why is Security Management So Hard?

Why is Security Management So Hard?

Why is Security Management So Hard?

Advanced Threat Hunting - Botconf 2017

Advanced Threat Hunting - Botconf 2017

Advanced Threat Hunting - Botconf 2017

Ops Happen: Improve Security Without Getting in the Way

Ops Happen: Improve Security Without Getting in the Way

Ops Happen: Improve Security Without Getting in the Way

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...

Threat Hunting 102: Beyond the Basics

Threat Hunting 102: Beyond the Basics

Threat Hunting 102: Beyond the Basics

Building a Threat Hunting Practice in the Cloud

Building a Threat Hunting Practice in the Cloud

Building a Threat Hunting Practice in the Cloud

See Clearly and Respond Quickly from the Network to the Endpoint

See Clearly and Respond Quickly from the Network to the Endpoint

See Clearly and Respond Quickly from the Network to the Endpoint

Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon

Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon

Shifting Security Left - The Innovation of DevSecOps - ValleyTechCon

DevSecOps Days Istanbul 2020 Security Chaos Engineering

DevSecOps Days Istanbul 2020 Security Chaos Engineering

DevSecOps Days Istanbul 2020 Security Chaos Engineering

Outpost24 webinar - The economics of penetration testing in the new threat la...

Outpost24 webinar - The economics of penetration testing in the new threat la...

Outpost24 webinar - The economics of penetration testing in the new threat la...

Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...

Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...

Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...

Cloud, DevOps and the New Security Practitioner

Cloud, DevOps and the New Security Practitioner

Cloud, DevOps and the New Security Practitioner

Open Source Defense for Edge 2017

Open Source Defense for Edge 2017

Open Source Defense for Edge 2017

One login enemy at the gates

One login enemy at the gates

One login enemy at the gates

GDS-Austin - DevSecOps & Security Chaos Engineering

GDS-Austin - DevSecOps & Security Chaos Engineering

GDS-Austin - DevSecOps & Security Chaos Engineering

New Barriers of Transformation

New Barriers of Transformation

New Barriers of Transformation

Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting

Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting

Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting

Mobile Application Security Threats through the Eyes of the Attacker

Mobile Application Security Threats through the Eyes of the Attacker

Mobile Application Security Threats through the Eyes of the Attacker

[Webinar] Building a Product Security Incident Response Team: Learnings from ...

[Webinar] Building a Product Security Incident Response Team: Learnings from ...

[Webinar] Building a Product Security Incident Response Team: Learnings from ...

En vedette

TransUnion CISO Jasper Ossentjuk believes that with the increased pace of automated and targeted attacks, InfoSec teams can only work smarter—not harder. Find out how Jasper and his team leverage Kenna to automate key components of vulnerability management while they moved to a risk-based view that dramatically saved time, enhanced team efficacy, and equipped Jasper with high-level reporting that enabled him to share his team's results with his executive peers.

How TransUnion Moved to a Risk-Based Approach for Vulnerability Management

How TransUnion Moved to a Risk-Based Approach for Vulnerability Management

How TransUnion Moved to a Risk-Based Approach for Vulnerability Management

Security as Code: DOES15

Security as Code: DOES15

Security as Code: DOES15

Kony Mobile Management

Kony Mobile Management

Kony Mobile Management

Kony plaform short

Kony plaform short

Kony plaform short

Ss8 The Ready Guide 2 0

Ss8 The Ready Guide 2 0

Ss8 The Ready Guide 2 0

Presentation describes what security challenges automotive industry encounter with towards autonomous driving. What security threats appear and why. Who are the threat agents and what are their objectives. It presents end-to-end data path security threats based on the recent automated driving hardware architectures and propose defense-in-depth to solve approach on ECU and intra-ECU level to mitigate those threats

Autonomous driving end-to-end security architecture

Autonomous driving end-to-end security architecture

Autonomous driving end-to-end security architecture

Andrei Kholodnyi

En vedette (6)

How TransUnion Moved to a Risk-Based Approach for Vulnerability Management

How TransUnion Moved to a Risk-Based Approach for Vulnerability Management

How TransUnion Moved to a Risk-Based Approach for Vulnerability Management

Security as Code: DOES15

Security as Code: DOES15

Security as Code: DOES15

Kony Mobile Management

Kony Mobile Management

Kony Mobile Management

Kony plaform short

Kony plaform short

Kony plaform short

Ss8 The Ready Guide 2 0

Ss8 The Ready Guide 2 0

Ss8 The Ready Guide 2 0

Autonomous driving end-to-end security architecture

Autonomous driving end-to-end security architecture

Autonomous driving end-to-end security architecture

Similaire à Amateur Hour: Why APTs Are The Least Of Your Worries

Fix What Matters

Fix What Matters

Fix What Matters

Outpost24 webinar: Security Analytics: what's in a risk score

Outpost24 webinar: Security Analytics: what's in a risk score

Outpost24 webinar: Security Analytics: what's in a risk score

It’s impossible to prevent everything (we see examples of this in the press every week), so you must be prepared to respond. The sad fact is that you will be breached. Maybe not today or tomorrow, but it will happen. So response is more important than any specific control. But it’s horrifying how unsophisticated most organizations are about response. This is compounded by the reality of an evolving attack space, which means even if you do incident response well today, it won’t be good enough for tomorrow.

React Faster and Better: New Approaches for Advanced Incident Response

React Faster and Better: New Approaches for Advanced Incident Response

React Faster and Better: New Approaches for Advanced Incident Response

SilvioPappalardo

4 b. thomas whipp presentation

4 b. thomas whipp presentation

4 b. thomas whipp presentation

Clear and present danger: Cyber Threats and Trends 2017

Clear and present danger: Cyber Threats and Trends 2017

Clear and present danger: Cyber Threats and Trends 2017

Morakinyo Animasaun

Sect f41

SelectedPresentations

R af d

William L. McGill

Risk Analysis for Dummies

Risk Analysis for Dummies

Risk Analysis for Dummies

William L. McGill

Slides to the online event "Creating an effective cybersecurity strategy" by Berezha Security Group, where we debunked myths about cybersecurity and recommended some easy-to-use practical steps to build an effective cybersecurity strategy for your small business. Meeting plan: 1. Widespread misconceptions about the cybersecurity of small and medium-sized businesses. 2. 10 steps to combat cyber threats. How to protect business effectively within a limited budget? About the speakers -Vlad Styran, CISSP CISA, Co-founder & CEO, BSG Vlad is an internationally known cybersecurity expert with over 15+ years of experience in Penetration Testing, Social Engineering, and Security Awareness. He is a BSG Co-founder & CEO and responsible for business and cybersecurity strategies. He could help businesses with consulting services in software security, cybersecurity awareness, strategy, and investment. Also, he acts as a speaker, blogger, podcaster in his volunteer activities. - Andriy Varusha, CISSP, Co-founder & CSO, BSG Andriy is an experienced top manager in IT-audit, consulting, and IT project management by leading outsourcing teams in Ukraine, Poland, and the USA. He also is keen on building customer relationships within the US, UK, and Western Europe geographies. At BSG, he leads the BSG advisory practice and consults development teams in all aspects of cybersecurity. About BSG Berezha Security Group (BSG) is a Ukrainian consulting company focused on application security and penetration testing. Our job is to help companies in all aspects of cybersecurity. We complete more than 50 Penetration Testing and Application Security projects yearly to know the business security vulnerabilities across the verticals. We help our customers address their future security challenges: prevent data breaches and achieve compliance. Our contacts: hello@bsg.tech ; https://bsg.tech

Slides to the online event "Creating an effective cybersecurity strategy" by ...

Slides to the online event "Creating an effective cybersecurity strategy" by ...

Slides to the online event "Creating an effective cybersecurity strategy" by ...

Berezha Security Group

Risk management is a strategic security activity and is a cornerstone of security governance. The management of risk not only requires that we effectively measure it but also understand what effect vulnerability has on the level of risk. Both risk and vulnerability constantly change and not only in response to threats but also business initiatives. Does your organization have a mature risk and vulnerability identification, measurement and management process? The discussion will identify how risk responds to changes in vulnerability and how we might maximize our risk management activities to enhance the resilience of the organization and its assets. Presentation by: Philip Banks, P. Eng., CPP, Director, The Banks Group

Relating Risk to Vulnerability

Relating Risk to Vulnerability

Relating Risk to Vulnerability

Hackerone Chief Bounty Officer, Adam Bacchus, a fire breathing, mohawk wearing stud presented his "Bug Bounty Reports - How Do They Work?" at Nullcon 2017 in Goa, India for the Bounty Craft tracks. In this presentation you will learn: - How to know and research your audience - What are the atomic materials of a good bug report? - Good, Bad, and Ugly examples of bug reports (taxi driver anyone?) - What are some helpful resources - And more!! All these juicy details will help you level-up your reporting game and get you MORE bounties, invitation to BETTER programs, and INSANE exposure and love from fellow hackers.

Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...

Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...

Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...

Focusing on the Threats to the Detriment of the Vulnerabilities

Focusing on the Threats to the Detriment of the Vulnerabilities

Focusing on the Threats to the Detriment of the Vulnerabilities

Поставщики GRC-решений подают формальное соответствие как обязательный этап на пути к оценке рисков. Докладчик расскажет о недостатках таких решений, о том, что на самом деле требуется вместо них и как разумно применять существующие недорогие и перспективные решения для управления уязвимостями.

Управление рисками: как перестать верить в иллюзии

Управление рисками: как перестать верить в иллюзии

Управление рисками: как перестать верить в иллюзии

Positive Hack Days

How criminals extort businesses using RansomWare services from the DarkWeb. One of the biggest trends in technology over the last decade has been the growth of subscription-based service models or "SaaS". Instead of installing software directly in corporate environments, companies providing customers with the ability to effectively rent access to services they need without dealing with development and maintenance. Given the high demand for RansomWare in this day and age, creative cyber-criminal entrepreneurs followed this industry trend and created RansomWare As A Service (RaaS) to ease the burden of cyber attackers having to develop their own attacks. Join Nick Cavalancia from Techvangelism and Cyber Security Expert, Dr. Christine Izuakor as we discuss: How does RansomWare as a Service (RaaS) work? Examples of RansomWare As A Service (RaaS) provider If RaaS impacts you, what can you do? RansomWare detection & protection tools

The Rise of Ransomware As a Service

The Rise of Ransomware As a Service

The Rise of Ransomware As a Service

Your agents are fatigued and overwhelmed from fighting rogue attacks, and tailing covert ghost alerts. Meanwhile, the backdoor to your organization has been blown wide-open and cyber attackers are stealing the crown jewels. You need help. From this mission: • Uncover how to mitigate ghost alerts and empower your agents to focus on more important security priorities • Leverage your current security investments-- instead of replacing them • Learn how automation reduces the need for manual investigation and response

Hexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts

Hexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts

Hexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts

Hexis Cyber Solutions

The 5 Stages of Secrets Management Grief, And How to Prevail

The 5 Stages of Secrets Management Grief, And How to Prevail

The 5 Stages of Secrets Management Grief, And How to Prevail

20 years ago information security was a low corporate priority that was the realm of technical geeks. Factors such as the rapidly-evolving threat environment and increased corporate impact have elevated it to a multidisciplinary risk management discipline...which sometimes has a seat at the table. This talk explores what we're doing wrong, why it's ineffective (or worse), and better ways of thinking and doing. You will learn to question the status quo, rethink existing paradigms, and leverage better approaches from information security and other disciplines. Think different! Act different!

Bad Advice, Unintended Consequences, and Broken Paradigms: Think & Act Di...

Bad Advice, Unintended Consequences, and Broken Paradigms: Think & Act Di...

Bad Advice, Unintended Consequences, and Broken Paradigms: Think & Act Di...

Building a Security culture at Skyscanner 2016

Building a Security culture at Skyscanner 2016

Building a Security culture at Skyscanner 2016

Vendors are lured by visions of long-term residual subscription income, while customers dream of IT services and software without significant upfront costs. Sounds like techno Shangri-La, but what of security? Pessimists warn us away from the Cloud on the grounds that we should maintain control over the security of our property. Those bullish on the Cloud argue often delusionaly that your data is safer in the Cloud than on your own hard drives. Make no mistake: the Internet is the lion's den, and the Cloud sits squarely in it. This session will discuss the security realities of traditional IT software and infrastructure, and contrast them with those of Cloud-based resources.

Cloud Security - Idealware

Cloud Security - Idealware

Cloud Security - Idealware

Black ops 2012

Similaire à Amateur Hour: Why APTs Are The Least Of Your Worries (20)

Fix What Matters

Fix What Matters

Fix What Matters

Outpost24 webinar: Security Analytics: what's in a risk score

Outpost24 webinar: Security Analytics: what's in a risk score

Outpost24 webinar: Security Analytics: what's in a risk score

React Faster and Better: New Approaches for Advanced Incident Response

React Faster and Better: New Approaches for Advanced Incident Response

React Faster and Better: New Approaches for Advanced Incident Response

4 b. thomas whipp presentation

4 b. thomas whipp presentation

4 b. thomas whipp presentation

Clear and present danger: Cyber Threats and Trends 2017

Clear and present danger: Cyber Threats and Trends 2017

Clear and present danger: Cyber Threats and Trends 2017

Sect f41

R af d

Risk Analysis for Dummies

Risk Analysis for Dummies

Risk Analysis for Dummies

Slides to the online event "Creating an effective cybersecurity strategy" by ...

Slides to the online event "Creating an effective cybersecurity strategy" by ...

Slides to the online event "Creating an effective cybersecurity strategy" by ...

Relating Risk to Vulnerability

Relating Risk to Vulnerability

Relating Risk to Vulnerability

Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...

Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...

Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...

Focusing on the Threats to the Detriment of the Vulnerabilities

Focusing on the Threats to the Detriment of the Vulnerabilities

Focusing on the Threats to the Detriment of the Vulnerabilities

Управление рисками: как перестать верить в иллюзии

Управление рисками: как перестать верить в иллюзии

Управление рисками: как перестать верить в иллюзии

The Rise of Ransomware As a Service

The Rise of Ransomware As a Service

The Rise of Ransomware As a Service

Hexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts

Hexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts

Hexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts

The 5 Stages of Secrets Management Grief, And How to Prevail

The 5 Stages of Secrets Management Grief, And How to Prevail

The 5 Stages of Secrets Management Grief, And How to Prevail

Bad Advice, Unintended Consequences, and Broken Paradigms: Think & Act Di...

Bad Advice, Unintended Consequences, and Broken Paradigms: Think & Act Di...

Bad Advice, Unintended Consequences, and Broken Paradigms: Think & Act Di...

Building a Security culture at Skyscanner 2016

Building a Security culture at Skyscanner 2016

Building a Security culture at Skyscanner 2016

Cloud Security - Idealware

Cloud Security - Idealware

Cloud Security - Idealware

Black ops 2012

Plus de Ed Bellis

BSidesSF 2014 Fix What Matters:Why CVSS Sucks

BSidesSF 2014 Fix What Matters:Why CVSS Sucks

BSidesSF 2014 Fix What Matters:Why CVSS Sucks

Reading the Security Tea Leaves

Reading the Security Tea Leaves

Reading the Security Tea Leaves

BSidesLV Vulnerability & Exploit Trends

BSidesLV Vulnerability & Exploit Trends

BSidesLV Vulnerability & Exploit Trends

Palmer Symposium

Palmer Symposium

Palmer Symposium

BSides SF Security Mendoza Line

BSides SF Security Mendoza Line

BSides SF Security Mendoza Line

A few years ago Alex Hutton coined the term Security Mendoza Line. It was in reference to Mario Mendoza the baseball player often used as a baseline for how well a player must hit in order to stay in the major leagues and not be demoted. Keeping up with the attacks automated within Metasploit can often serve as that baseline within information security. More recently, Josh Corman defined HD Moore's Law as "Casual Attacker power grows at the rate of Metasploit". In other words, that baseline is moving and we are not keeping up. In a hyped industry where much of the talk remains around Advanced Persistent Threats it's the baseline that we continue to miss as proven out in reports like Verizon's Data Breach Investigation Report. Looking at the most common breaches they are most likely to be targets of opportunity where the defenders have let the basics slip through the cracks. In this talk, we will cover why paying attention to HD Moore's Law is important and how to stay on top of this changing threat measurement. We'll offer real world examples on how an organization can identify where they stand against the Security Mendoza Line and how they can alert and defend against falling below the baseline. Content will cover not only identified threats through Metasploit modules but through the myriad of exploit sources available across the internet.

SecTor 2012 The Security Mendoza Line

SecTor 2012 The Security Mendoza Line

SecTor 2012 The Security Mendoza Line

An Economic Approach to Info Security

An Economic Approach to Info Security

An Economic Approach to Info Security

Bay threat2011

For years businesses have been mining and culling data warehouses to measure every layer of their business right down to the clickstream information of their web sites. These business intelligence tools have helped organizations identify points of poor product performance, highlighting areas of current and potential future demand, key performance indicators, etc. In the information security field we still tend to look at our information in silos. Dedicated engineers solely focused on web application security, network security, compliance and so on, all while bemoaning a lack of support and information. What if Information Security teams operated with the same insight as the product, marketing and business intelligence groups within their organization? Imagine if you had a data warehouse covering all of your applications, infrastructure, logs, vulnerability assessments, incidents, financial information, and meta data. What could you do with this readily available information? By gathering and using both internal and public data, information security teams can utilize decision support systems allowing them to prioritize remediation efforts and react faster to issues. When looking through disparate data sources with a security lens, a security team can mine information that may expose threats through multiple vectors or paths. In this talk, Ed will cover some of the many sources of security data publicly available and how to apply them to add context to your security data and tools to help make more intelligent decisions. Ed also points out a number of ways to repurpose information and tools your company is already using in order to glean a clearer view into your information security program and the threats that may effect it.

SecTor - The Search For Intelligent Life

SecTor - The Search For Intelligent Life

SecTor - The Search For Intelligent Life

That's So Meta: Gleaning Business Context In The Vulnerability Warehouse Ed Bellis, HoneyApps For years businesses have been mining and culling data warehouses to measure every layer of their business right down to the clickstream information of their web sites. These business intelligence tools have helped organizations identify points of poor product performance, highlighting areas of current and potential future demand, key performance indicators, etc. Imagine if you had a data warehouse covering all of your applications, infrastructure, logs, vulnerability assessments, incidents, financial information, and metadata. What could you do with this readily available information? In this talk, Ed will cover some of the many sources of security data publicly available and how to apply them to add context to your security data and tools to help make more intelligent decisions. Ed also points out a number of ways to repurpose information and tools your company is already using in order to glean a clearer view into your security program and the threats that may affect it.

Metricon 6 That's So Meta

Metricon 6 That's So Meta

Metricon 6 That's So Meta

Plus de Ed Bellis (10)

BSidesSF 2014 Fix What Matters:Why CVSS Sucks

BSidesSF 2014 Fix What Matters:Why CVSS Sucks

BSidesSF 2014 Fix What Matters:Why CVSS Sucks

Reading the Security Tea Leaves

Reading the Security Tea Leaves

Reading the Security Tea Leaves

BSidesLV Vulnerability & Exploit Trends

BSidesLV Vulnerability & Exploit Trends

BSidesLV Vulnerability & Exploit Trends

Palmer Symposium

Palmer Symposium

Palmer Symposium

BSides SF Security Mendoza Line

BSides SF Security Mendoza Line

BSides SF Security Mendoza Line

SecTor 2012 The Security Mendoza Line

SecTor 2012 The Security Mendoza Line

SecTor 2012 The Security Mendoza Line

An Economic Approach to Info Security

An Economic Approach to Info Security

An Economic Approach to Info Security

Bay threat2011

SecTor - The Search For Intelligent Life

SecTor - The Search For Intelligent Life

SecTor - The Search For Intelligent Life

Metricon 6 That's So Meta

Metricon 6 That's So Meta

Metricon 6 That's So Meta

Dernier

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Navi Mumbai Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Navi Mumbai Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Navi Mumbai Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

rafiqahmad00786416

In the thrilling conclusion to 2023, ransomware groups had a banner year, really outdoing themselves in the "make everyone's life miserable" department. LockBit 3.0 took gold in the hacking olympics, followed by the plucky upstarts Clop and ALPHV/BlackCat. Apparently, 48% of organizations were feeling left out and decided to get in on the cyber attack action. Business services won the "most likely to get digitally mugged" award, with education and retail nipping at their heels. Hackers expanded their repertoire beyond boring old encryption to the much more exciting world of extortion. The US, UK and Canada took top honors in the "countries most likely to pay up" category. Bitcoins were the currency of choice for discerning hackers, because who doesn't love untraceable money?

Ransomware_Q4_2023. The report. [EN].pdf

Ransomware_Q4_2023. The report. [EN].pdf

Ransomware_Q4_2023. The report. [EN].pdf

Overkill Security

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

Powerful Google developer tools for immediate impact! (2023-24 C)

Powerful Google developer tools for immediate impact! (2023-24 C)

MINDCTI Revenue Release Quarter One 2024

MINDCTI Revenue Release Quarter One 2024

MINDCTI Revenue Release Quarter One 2024

Axa Assurance Maroc - Insurer Innovation Award 2024

Axa Assurance Maroc - Insurer Innovation Award 2024

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

FWD Group - Insurer Innovation Award 2024

FWD Group - Insurer Innovation Award 2024

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Dernier (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

Ransomware_Q4_2023. The report. [EN].pdf

Ransomware_Q4_2023. The report. [EN].pdf

Ransomware_Q4_2023. The report. [EN].pdf

Powerful Google developer tools for immediate impact! (2023-24 C)

Powerful Google developer tools for immediate impact! (2023-24 C)

Powerful Google developer tools for immediate impact! (2023-24 C)

MINDCTI Revenue Release Quarter One 2024

MINDCTI Revenue Release Quarter One 2024

MINDCTI Revenue Release Quarter One 2024

Axa Assurance Maroc - Insurer Innovation Award 2024

Axa Assurance Maroc - Insurer Innovation Award 2024

Axa Assurance Maroc - Insurer Innovation Award 2024

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

FWD Group - Insurer Innovation Award 2024

FWD Group - Insurer Innovation Award 2024

FWD Group - Insurer Innovation Award 2024

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Amateur Hour: Why APTs Are The Least Of Your Worries

1. Amateur Hour Why APTs Are the Least of Your Worries

2. Ed Bellis • Co-founder and CTO at Kenna Security, an automated risk & vulnerability intelligence platform • Orbitz CISO for 6 years • 20+ years Info Security experience including Bank of America, CSC, E&Y • Contributing Author Beautiful Security • Frequent speaker at events such as… About Me

3. Warning This presentation contains large amounts of data used for the purpose of proving an information security theory. No marketers were harmed during the making of this presentation.

4. “APT-1, Titan Rain, GhostNet, Aurora, Stuxnet, Red October, and Duqu, Oh my!!”

5. Real but Likely?? • Spreadsheets that require a black belt in Excel • COUNT ALL THE THINGS!

6. Likely or Very Likely? 74%

7. Don’t Worry, We Got This 67%

8. “What is real? How do you define real?”

9. 2016 DBIR A Sneak Preview

10. Your Threat Model Is Backwards “While 2015 was no chump when it came to successfully exploited CVEs, the tally of really old CVEs which still get exploited in 2015 suggests that the oldies are still goodies.”

11. Your Confidence Is Unwarranted “…we need to see more of targeted remediation efforts which more often than not focus on those vulnerabilities which attackers are successful with in the wild.”

12. The Great Defensive Gap

13. “Low Hanging Fruit” “if a vulnerability is going to be exploited, 30 days is a good bet for how much time you have to remediate.“

14. The Tortoise On Average it takes companies 100 to 120 days to remediate vulnerabilities.

15. Versus The Hare The probability that a CVE that is exploited in the first year will be hit X days after publication. At 40-60 days, that probability is over 90 percent.

16. Casual attacker power grows at the rate of Metasploit.

17. But HD Moore’s Law is just the Tip of the Iceberg

18. Are These Attributes In Your Threat Model?

19. What About These?

20. Secure Because Math Existing Exploit + Patch Available + RCE > Advanced Persistent Threat P for Probability! …or put another way… “Why Burn a Zero Day?”

21. Key Takeaways 1.Focus on the Basics 2.Automate your Defenses A. Configuration Management B. Patch Management C. Compensating Controls D. Continuous Deployment Make it necessary to be both Advanced and Persistent.