Detection-as-Code: Test Driven Detection Development.pdf

•

0 likes•27 views

Mauricio Velazco

Detection-as-Code: Test Driven Detection Development

Detection-as-Code:
Test Driven Detection
Development
Mauricio Velazco
@mvelazco

#whoami
✘ Threat Research @ Splunk
✘ @mvelazco
✘ Bsides, Derbycon, Defcon, BlackHat
✘ github.com/mvelazc0

1.
Introduction

Threat Detection

Challenges in Detection
https://www.cardinalops.com/siem-industry-research-report

Detection Engineering
Continuous process of building,
deploying, tuning and operating
detection analytics while applying
engineering concepts.

2.
Detection Engineering

Learning From DevOps

Learning From DevOps

Test Detections
Jose Hernandez and Patrick Bareiss, RSA 2020

Detection
Language
Version Control
System
Automated
Workflows
Test-Driven-
Development
Detection as Code Principles
Jose Hernandez and Patrick Bareiss, RSA 2020

Test Driven Development
… software development process
relying on software requirements
being converted to test cases
before software is fully developed…
https://www.kaizenko.com/what-is-test-driven-development-tdd/

Testing Detections
Jose Hernandez and Patrick Bareiss, RSA 2020

Takeaways
Applying engineering practices to
detection programs can improve
your security posture.
To shift to test driven development,
teams need the capability to
replicate attacks.

Detection-as-Code:
Test Driven Detection
Development
Mauricio Velazco
@mvelazco

More Related Content

Similar to Detection-as-Code: Test Driven Detection Development.pdf

4 approaches to integrate dev secops in development cycle

4 approaches to integrate dev secops in development cycle

4 approaches to integrate dev secops in development cycle

What skills are necessary to become a DevOps Engineer.pdf

What skills are necessary to become a DevOps Engineer.pdf

What skills are necessary to become a DevOps Engineer.pdf

All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table. Presented at LASCON 2018, in Austin, TX.

The DevSecOps Builder’s Guide to the CI/CD Pipeline

The DevSecOps Builder’s Guide to the CI/CD Pipeline

The DevSecOps Builder’s Guide to the CI/CD Pipeline

Democratizing security

Democratizing security

Democratizing security

The key benefit of DevOps is speed and continuous delivery but with secure DevOps teams often suffer from the notion that there’s a tradeoff between security and speed. However, that is not the scenario always. Prudent use of Security automation allows the teams to maintain both security and speed. The automated security testing makes the security consistent and less vulnerable to human errors. Shifting of the security practices left towards the design phase is a major advantage. It is a big achievement to catch the security loophole at the design or the development phase of a new feature. This is what DevSecOps tooling strategies aim at. Check out this presentation and learn more about integrating security into DevOps with DevSecOps!

DevSecOps: Integrating Security Into DevOps! {Business Security}

DevSecOps: Integrating Security Into DevOps! {Business Security}

DevSecOps: Integrating Security Into DevOps! {Business Security}

DevOps Roadmap 2022.pdf

DevOps Roadmap 2022.pdf

DevOps Roadmap 2022.pdf

The Emergent Cloud Security Toolchain for CI/CD

The Emergent Cloud Security Toolchain for CI/CD

The Emergent Cloud Security Toolchain for CI/CD

Duration : 3 days DevSecOps stands for development, security and operations. DevSecOps is a technique for advancing toward IT security. DevSecOps is essential in light of the fact that while IT framework has developed significantly in the most recent decade, there hasn't been a proportionate headway in most of security and consistence observing devices. Thusly, most apparatuses can't test code as quick as an average DevOps condition requires. DevSecOps Training Bootcamp Course by Tonex: DevSecOps Training Bootcamp is a 3-day down to earth DevSecOps course where members gain inside and out information and abilities to apply, actualize and improve IT security in present day DevOps. DevSecOps is recommended for : Security Staff IT Leadership & IT Infrastructure CIOs, CTOs and CSO Configuration Managers Developers and Application Team Members IT Operations Staff IT Project & Program Managers Product Owners and Managers Release Engineers Agile Staff and ScrumMasters Software Developers and Team Leads System Admin Course Agenda DevOps vs. DevSecOps DevOps Security Requirements DevOps Typical Security Activities Tools for Securing DevOps Principles Behind DevSecOps DevSecOps and Application Security How to DevSecOps DevSecOps Maturity Risk Management Framework (RMF), DevOps and DevSecOps Workshops and Group Activities : Workshop 1: Plan for DevSecOps Workshop 2: Secure Code Overview Workshop 3: Create a DevSecOps plan Request more information regarding DevSecOps IT Modernization Training Bootcamp. Visit tonex.com for course and workshop detail. DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership https://www.tonex.com/training-courses/devsecops-training-bootcamp/

DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership

DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership

DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership

Today’s security professionals and software developers not only have to do more in less time; they have to do it securely. This means mitigating risk and addressing compliance requirements in an environment where: • The threat landscape continues to evolve. • Application portfolios and their risk profiles continue to shift. • Security tools are difficult to deploy, configure, and integrate into workflows. • Consumption models continue to change. How can your internal resources keep pace in this dynamic environment? Managed application security testing can be just the relief valve your organization needs. In this webinar, we’ll discuss the need for managed application security testing, the sweet spots where it offers maximum value, what you should look for in a managed application security testing provider, and highlights from Synopsys’ Managed Services offering. Today’s security professionals and software developers not only have to do more in less time; they have to do it securely. This means mitigating risk and addressing compliance requirements in an environment where: • The threat landscape continues to evolve. • Application portfolios and their risk profiles continue to shift. • Security tools are difficult to deploy, configure, and integrate into workflows. • Consumption models continue to change. How can your internal resources keep pace in this dynamic environment? Managed application security testing can be just the relief valve your organization needs. In this webinar, we’ll discuss the need for managed application security testing, the sweet spots where it offers maximum value, what you should look for in a managed application security testing provider, and highlights from Synopsys’ Managed Services offering. For more information, please visit our website at https://www.synopsys.com/software-integrity/managed-services.html

Webinar–Best Practices for DevSecOps at Scale

Webinar–Best Practices for DevSecOps at Scale

Webinar–Best Practices for DevSecOps at Scale

Synopsys Software Integrity Group

Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...

Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...

Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...

CA Technologies

10 things to get right for successful dev secops

10 things to get right for successful dev secops

10 things to get right for successful dev secops

DevSecOps reference architectures 2018

DevSecOps reference architectures 2018

DevSecOps reference architectures 2018

Continuous Security / DevSecOps- Why How and What

Continuous Security / DevSecOps- Why How and What

Continuous Security / DevSecOps- Why How and What

Designing a secure DevOps workflow is tough: Developers, testers, IT security teams, and managers all have different control points within the software development lifecycle. Additionally, each application in development and production has a unique profile and features. Then you have the different types of organizations which have different maturity levels and needs: Retail has different day-to-day priorities than Finance or Healthcare, although all industries are united by a need to defend against the current threat landscape of data breaches and ransomware. How do you find the right touch points? How do you build application security into your DevOps workflow successfully, turning the workflow from a process into a program?

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

Designing a secure DevOps workflow is tough: Developers, testers, IT security teams, and managers all have different control points within the software development lifecycle. Additionally, each application in development and production has a unique profile and features. Then you have the different types of organizations which have different maturity levels and needs: Retail has different day-to-day priorities than Finance or Healthcare, although all industries are united by a need to defend against the current threat landscape of data breaches and ransomware. How do you find the right touch points? How do you build application security into your DevOps workflow successfully, turning the workflow from a process into a program?

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

This talk will argue that DevOps methodologies can be applied to traditional application security practices. Only when developers and operations team members are enabled to make security a part of their everyday work will an organization's security culture change. We must meet security at the sweet spot between running a marathon and sprinting towards a software deployment. So put on your running shoes; it’s time for Dev{Sec}Ops!

Product Security

Product Security

Product Security

Your organization has already embraced the DevOps methodology? That’s a great start. But what about security? It’s a fact - many organizations fear that adding security to their DevOps practices will severely slow down their development processes. But this doesn’t need to be the case. Tune in to hear Jeff Martin, Senior Director of Product at WhiteSource and Anders Wallgren, VP of Technology Strategy at Cloudbees, as they discuss: - Why traditional DevOps has shifted, and what this will mean - Who should own security in the age of DevOps - Which tools and strategies are needed to implement continuous security throughout the DevOps pipeline

From Zero to DevSecOps: How to Implement Security at the Speed of DevOps

From Zero to DevSecOps: How to Implement Security at the Speed of DevOps

From Zero to DevSecOps: How to Implement Security at the Speed of DevOps

DevOps and Devsecops- Everything you need to know.

DevOps and Devsecops- Everything you need to know.

DevOps and Devsecops- Everything you need to know.

DevOps and Devsecops What are the Differences.pdf

DevOps and Devsecops What are the Differences.pdf

DevOps and Devsecops What are the Differences.pdf

5 principles-securing-devops-veracode-whitepaper

5 principles-securing-devops-veracode-whitepaper

5 principles-securing-devops-veracode-whitepaper

Similar to Detection-as-Code: Test Driven Detection Development.pdf (20)

4 approaches to integrate dev secops in development cycle

4 approaches to integrate dev secops in development cycle

4 approaches to integrate dev secops in development cycle

What skills are necessary to become a DevOps Engineer.pdf

What skills are necessary to become a DevOps Engineer.pdf

What skills are necessary to become a DevOps Engineer.pdf

The DevSecOps Builder’s Guide to the CI/CD Pipeline

The DevSecOps Builder’s Guide to the CI/CD Pipeline

The DevSecOps Builder’s Guide to the CI/CD Pipeline

Democratizing security

Democratizing security

Democratizing security

DevSecOps: Integrating Security Into DevOps! {Business Security}

DevSecOps: Integrating Security Into DevOps! {Business Security}

DevSecOps: Integrating Security Into DevOps! {Business Security}

DevOps Roadmap 2022.pdf

DevOps Roadmap 2022.pdf

DevOps Roadmap 2022.pdf

The Emergent Cloud Security Toolchain for CI/CD

The Emergent Cloud Security Toolchain for CI/CD

The Emergent Cloud Security Toolchain for CI/CD

DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership

DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership

DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership

Webinar–Best Practices for DevSecOps at Scale

Webinar–Best Practices for DevSecOps at Scale

Webinar–Best Practices for DevSecOps at Scale

Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...

Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...

Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...

10 things to get right for successful dev secops

10 things to get right for successful dev secops

10 things to get right for successful dev secops

DevSecOps reference architectures 2018

DevSecOps reference architectures 2018

DevSecOps reference architectures 2018

Continuous Security / DevSecOps- Why How and What

Continuous Security / DevSecOps- Why How and What

Continuous Security / DevSecOps- Why How and What

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

Take Control: Design a Complete DevSecOps Program

Product Security

Product Security

Product Security

From Zero to DevSecOps: How to Implement Security at the Speed of DevOps

From Zero to DevSecOps: How to Implement Security at the Speed of DevOps

From Zero to DevSecOps: How to Implement Security at the Speed of DevOps

DevOps and Devsecops- Everything you need to know.

DevOps and Devsecops- Everything you need to know.

DevOps and Devsecops- Everything you need to know.

DevOps and Devsecops What are the Differences.pdf

DevOps and Devsecops What are the Differences.pdf

DevOps and Devsecops What are the Differences.pdf

5 principles-securing-devops-veracode-whitepaper

5 principles-securing-devops-veracode-whitepaper

5 principles-securing-devops-veracode-whitepaper

More from Mauricio Velazco

Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection & response capabilities has proven to be a step in the right direction. However, without the telemetry produced by adversary behavior, building and testing detection capabilities will be a challenging task. PurpleSharp is an open-source adversary simulation tool written in C# that executes adversary techniques against Windows environments. The resulting telemetry can be leveraged to measure and improve the efficacy of a detection program. PurpleSharp executes different behavior across the attack lifecycle following the MITRE ATT&CK Framework’s tactics: execution, persistence, privilege escalation, credential access, lateral movement, etc.

PurpleSharp BlackHat Arsenal Asia

PurpleSharp BlackHat Arsenal Asia

PurpleSharp BlackHat Arsenal Asia

Mauricio Velazco

BSides Panama 2022

BSides Panama 2022

BSides Panama 2022

Mauricio Velazco

After obtaining an initial foothold in a corporate environment, adversaries will most likely have to interact with Active Directory across the attack lifecycle before achieving operational success. Prevention has fallen short and defender's best shot at uncovering threats in their environments is to design and deploy effective monitoring/detection strategies for AD-based attacks. PurpleSharp is an open source adversary simulation tool written in C# that executes adversary techniques against Windows environments. The resulting telemetry can be leveraged to measure and improve the efficacy of a detection program. PurpleSharp executes different behavior across the attack lifecycle following the MITRE ATT&CK Framework's tactics: execution, persistence, privilege escalation, credential access, lateral movement, etc. PurpleSharp 2.0 introduces the ability to execute automated adversary simulation playbooks that are flexible and customizable against Active Directory environments. This allows defenders to measure detection coverage across various scenarios and variations of the same techniques.

BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations

BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations

BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations

Mauricio Velazco

Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection & response capabilities has proven to be a step in the right direction. However, without the telemetry produced by adversary behavior, building new and testing existing detection capabilities will be constrained. PurpleSharp is an open source adversary simulation tool written in C# that executes adversary techniques within Windows Active Directory environments. The resulting telemetry can be leveraged to measure and improve the efficacy of a detection engineering program. PurpleSharp leverages the MITRE ATT&CK Framework and executes different techniques across the attack life cycle: execution, persistence, privilege escalation, credential access, lateral movement, etc

Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation

Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation

Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation

Mauricio Velazco

After obtaining an initial foothold, adversaries will most likely target or abuse Active Directory across the attack lifecycle to achieve operational success. It is essential for Blue Teams to design and deploy proper visibility & detection strategies for AD-based attacks and executing Adversary Simulation/Purple Team exercises can help. This talk will introduce the Active Directory Purple Team Playbook, a library of documented playbooks that describe how to simulate different adversary techniques targeting Active Directory. The playbooks can help blue teams measure detection coverage and identify enhancement opportunities. After this talk, attendees will be able to run purple team exercises against development or production Active Directory environments using open source tools.

SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks

SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks

SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks

Mauricio Velazco

Demo 1: https://www.youtube.com/watch?v=cpnrCkj1308 Demo 2: https://www.youtube.com/watch?v=JmtjtiI3-fc Demo 2 1/2: https://www.youtube.com/watch?v=KRdNbYbJSiI Demo 3: https://www.youtube.com/watch?v=6gB-upKXTZ4 Automated adversary simulation is often perceived as a hard, dangerous and complicated program to implement and run. Fear no longer, our methodology and tooling will let you test and measure your defenses throughout your production environment to test not only your detection rule’s resilience but the whole event pipeline as well as your team’s response procedures. In this talk, we’ll share with the audience the open source tools we built and the methodology we use that will allow them to hit the ground running at nearly no cost.

Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...

Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...

Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...

Mauricio Velazco

BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team

BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team

BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team

Mauricio Velazco

Bsides NYC 2018 - Hunting for Lateral Movement

Bsides NYC 2018 - Hunting for Lateral Movement

Bsides NYC 2018 - Hunting for Lateral Movement

Mauricio Velazco

LimaHack 2011 - Stuxnet : El arma del futuro

LimaHack 2011 - Stuxnet : El arma del futuro

LimaHack 2011 - Stuxnet : El arma del futuro

Mauricio Velazco

Peruhack 2015 - Cyberespionaje de Naciones

Peruhack 2015 - Cyberespionaje de Naciones

Peruhack 2015 - Cyberespionaje de Naciones

Mauricio Velazco

PeruHack 2014 - Post Explotacion en Entornos Windows

PeruHack 2014 - Post Explotacion en Entornos Windows

PeruHack 2014 - Post Explotacion en Entornos Windows

Mauricio Velazco

Limahack 2010 - Creando exploits para GNU/Linux

Limahack 2010 - Creando exploits para GNU/Linux

Limahack 2010 - Creando exploits para GNU/Linux

Mauricio Velazco

Limahack 2009 - SSL no esta roto ... o si ?

Limahack 2009 - SSL no esta roto ... o si ?

Limahack 2009 - SSL no esta roto ... o si ?

Mauricio Velazco

Bsides Latam 2019

Bsides Latam 2019

Bsides Latam 2019

Mauricio Velazco

ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...

ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...

ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...

Mauricio Velazco

SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...

SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...

SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...

Mauricio Velazco

This workshop aims to provide attendees hands-on experience on writing custom backdoor payloads using C# for the most common command and control frameworks including Metasploit, Powershell Empire and Cobalt Strike. The workshop consists in 7 lab exercises; each of the exercises goes over a different technique that leverages C# and .NET capabilities to obtain a reverse shell on a victim Windows host. The covered techniques include raw shellcode injection, process injection, process hollowing, runtime compilation, parent pid spoofing, antivirus bypassing, etc. At the end of this workshop attendees will have a clear understanding of these techniques both from an attack and defense perspective. https://www.defcon.org/html/defcon-27/dc-27-workshops.html

Defcon 27 - Writing custom backdoor payloads with C#

Defcon 27 - Writing custom backdoor payloads with C#

Defcon 27 - Writing custom backdoor payloads with C#

Mauricio Velazco

After obtaining an initial foothold on an environment, attackers are forced to embark in lateral movement techniques in order to be successful in identifying and exfiltrating sensitive information. To stay ahead of the bad guys, the Blue team needs to have a clear understanding of these techniques as well as the forensic artifacts these techniques leave behind on the victim hosts. Armed with this knowledge, we can proactively hunt for lateral movement in the environment before exfiltration can occur. This presentation will analyze Lateral Movement from both a Red and Blue team perspective and introduce Oriana, a lateral movement hunting tool that can assist the Blue team in catching the adversary.

Derbycon 2017: Hunting Lateral Movement For Fun & Profit

Derbycon 2017: Hunting Lateral Movement For Fun & Profit

Derbycon 2017: Hunting Lateral Movement For Fun & Profit

Mauricio Velazco

Bsides Long Island 2019

Bsides Long Island 2019

Bsides Long Island 2019

Mauricio Velazco

Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...

Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...

Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...

Mauricio Velazco

More from Mauricio Velazco (20)

PurpleSharp BlackHat Arsenal Asia

PurpleSharp BlackHat Arsenal Asia

PurpleSharp BlackHat Arsenal Asia

BSides Panama 2022

BSides Panama 2022

BSides Panama 2022

BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations

BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations

BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations

Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation

Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation

Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation

SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks

SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks

SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks

Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...

Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...

Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...

BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team

BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team

BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team

Bsides NYC 2018 - Hunting for Lateral Movement

Bsides NYC 2018 - Hunting for Lateral Movement

Bsides NYC 2018 - Hunting for Lateral Movement

LimaHack 2011 - Stuxnet : El arma del futuro

LimaHack 2011 - Stuxnet : El arma del futuro

LimaHack 2011 - Stuxnet : El arma del futuro

Peruhack 2015 - Cyberespionaje de Naciones

Peruhack 2015 - Cyberespionaje de Naciones

Peruhack 2015 - Cyberespionaje de Naciones

PeruHack 2014 - Post Explotacion en Entornos Windows

PeruHack 2014 - Post Explotacion en Entornos Windows

PeruHack 2014 - Post Explotacion en Entornos Windows

Limahack 2010 - Creando exploits para GNU/Linux

Limahack 2010 - Creando exploits para GNU/Linux

Limahack 2010 - Creando exploits para GNU/Linux

Limahack 2009 - SSL no esta roto ... o si ?

Limahack 2009 - SSL no esta roto ... o si ?

Limahack 2009 - SSL no esta roto ... o si ?

Bsides Latam 2019

Bsides Latam 2019

Bsides Latam 2019

ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...

ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...

ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...

SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...

SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...

SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...

Defcon 27 - Writing custom backdoor payloads with C#

Defcon 27 - Writing custom backdoor payloads with C#

Defcon 27 - Writing custom backdoor payloads with C#

Derbycon 2017: Hunting Lateral Movement For Fun & Profit

Derbycon 2017: Hunting Lateral Movement For Fun & Profit

Derbycon 2017: Hunting Lateral Movement For Fun & Profit

Bsides Long Island 2019

Bsides Long Island 2019

Bsides Long Island 2019

Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...

Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...

Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...

Recently uploaded

Unlock the mysteries of successful Salesforce interviews in this insightful session hosted by Hugo Rosario (Salesforce Customer), a seasoned hiring manager that leads the Salesforce Department of multinational company with over 100 interviews under their belt. Step into the manager's chair and gain exclusive behind-the-scenes insights into what makes a Salesforce consultant stand out during the interview process. From deciphering the unspoken cues to mastering key strategies, we'll explore the intricacies of the interview process and provide practical tips for consultants looking to not only pass interviews but also thrive in their roles. Whether you're a seasoned professional or just starting your Salesforce journey, this session is your backstage pass to the secrets that hiring managers wish you knew.

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Extensible Python: Robustness through Addition - PyCon 2024

Extensible Python: Robustness through Addition - PyCon 2024

Extensible Python: Robustness through Addition - PyCon 2024

Patrick Viafore

The standard Salesforce Approval process can be limiting in many ways, especially in complex scenarios. What if there was a way to implement very flexible approvals where one can use Apex code to make data updates in unrelated records, dynamically generate next steps details, and compute assignees on the fly? And still use UI-based configurations to implement concrete approval processes. In this session, we will share ideas behind such a solution and show a few lines of code to get you started.

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

How to differentiate Sales Cloud and CPQ on first glance might be tricky if you do not know where to look and what to look at. You will know :-) Managing the sales process within Salesforce is a common use case that can be managed with standart Sales Cloud. If you want to do entire quoting process you will find out Salesforce CPQ solution exists. What is then the difference if both can handle selling products? You will see comparison of 10 different features, which Sales Cloud and Salesforce CPQ handle differently. Simple question you will always remember if you should consider using Salesforce CPQ will be a cherry on top.

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

Agentic RAG What it is its types applications and implementation.pdf

Agentic RAG What it is its types applications and implementation.pdf

Agentic RAG What it is its types applications and implementation.pdf

ChristopherTHyatt

Welcome to UiPath Test Automation using UiPath Test Suite series part 2. In this session, we will cover API test automation along with a web automation demo. Topics covered: Test Automation introduction API Example of API automation Web automation demonstration Speaker Pathrudu Chintakayala, Associate Technical Architect @Yash and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

Intro in Product Management - Коротко про професію продакт менеджера

Intro in Product Management - Коротко про професію продакт менеджера

Intro in Product Management - Коротко про професію продакт менеджера

This talk offers actionable insights at an executive level for enhancing productivity and refining your portfolio management approach to propel your organization to greater heights. Key Points Covered: 1. Experience Transformation: - The core challenge remains consistent across organizations: converting budget into user-centric designs. - Strategies for deploying design resources effectively in both startups and large enterprises. 2. Strategic Frameworks: - Introduction to the "Ziggurat of Impact" model, detailing layers from basic system interactions to comprehensive customer experiences. - Practical insights on creating frameworks that scale with organizational complexity. 3. Organizational Impact: - Real-world examples of navigating design in large settings, focusing on the synthesis of consumer products and customer experiences. - Emphasis on the importance of designing systems that directly influence customer interactions. 4. Design Execution: - Detailed walkthrough of organizational layers affecting design execution, from touchpoints and customer activities to shared capabilities. - How to ensure design influences both the micro and macro aspects of customer interactions. 5. Measurement and Adaptation: - Techniques for measuring the impact of design decisions and adapting strategies based on data-driven insights. - The critical role of continuous improvement and feedback in refining customer experiences.

Structuring Teams and Portfolios for Success

Structuring Teams and Portfolios for Success

Structuring Teams and Portfolios for Success

Discover the top Symfony development companies that excel in creating robust and scalable web applications. Our latest blog highlights the best firms specializing in Symfony, known for their expertise in delivering high-performance solutions. Whether you’re looking to start a new project or enhance an existing one, these companies offer the skills and experience needed to bring your vision to life. Read more to find your perfect Symfony development partner.

Top 10 Symfony Development Companies 2024

Top 10 Symfony Development Companies 2024

Top 10 Symfony Development Companies 2024

When you think of a highly secure meeting environment, do you instantly think 'Microsoft Teams'!? Or do you think about some unknown application, troublesome UI and daunting login process...? If you think the latter - let's change that! In this session Femke will show you how using Teams Premium features can create secure, but also good looking meetings! PRETTY. Make sure your company's brand is represented before, during and after the meeting with Customization policies in place. SECURE. Lets utilize Meeting templates and Sensitivity Labels to protect your meeting and data to prevent sensitive information from being leaked. After this session, you will have a clear understanding of the capabilities of Teams Premium features and how to set up the perfect meeting that suits your organizational requirements!

ECS 2024 Teams Premium - Pretty Secure

ECS 2024 Teams Premium - Pretty Secure

ECS 2024 Teams Premium - Pretty Secure

Femke de Vroome

Syngulon’s technology expands the capacity for selection of microorganisms. The ability to select individual microbes with a behavior of interest is essential, whether for simple cloning at the bench, or for industry-scale production. Synthetic biology uses the concept of “bioengineering” to improve or modify existing genetic systems to create microbes with desired behaviors, and Syngulon uses this approach to develop its selection technologies. This selection technology is based on bacteriocins, ribosomally-produced peptides naturally made by most bacteria to kill competitive microbial species. These bacteriocins can have a limited or wide target range against other microbial species. This technology offers advantageous over antibiotic selection for several reasons: it avoids the use of antibiotics in the first place, helping to reduce the spread of antibiotic resistant microbes. The technology also increases product yield; as bacteriocins are generally smaller peptides, they do not impose a heavy metabolic burden on the producing cell. They can have a wide target specificity, helping to avoid genetic drift. Finally, our system is 100% plasmid-based (e.g. without chromosomal mutations), making it applicable for use in any E. coli strains.

Syngulon - Selection technology May 2024.pdf

Syngulon - Selection technology May 2024.pdf

Syngulon - Selection technology May 2024.pdf

You’ve heard good data matters in Machine Learning, but does it matter for Generative AI applications? Corporate data often differs significantly from the general Internet data used to train most foundation models. Join me for a demo on building an open source RAG (Retrieval Augmented Generation) stack using Milvus vector database for Retrieval, LangChain, Llama 3 with Ollama, Ragas RAG Eval, and optional Zilliz cloud, OpenAI.

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

IESVE for Early Stage Design and Planning

IESVE for Early Stage Design and Planning

IESVE for Early Stage Design and Planning

AI presentation and introduction - Retrieval Augmented Generation RAG 101

AI presentation and introduction - Retrieval Augmented Generation RAG 101

AI presentation and introduction - Retrieval Augmented Generation RAG 101

The Epson EcoTank L3210 is a high-performance and cost-efficient printer designed to meet the printing needs of both home users and small businesses. Equipped with Epson’s revolutionary EcoTank ink tank system, the Epson eliminates the need for traditional ink cartridges, thereby significantly reducing printing costs and plastic waste. With its PrecisionCore technology, this printer delivers sharp, vibrant prints for both documents and photos. Its user-friendly design ensures easy setup and operation, while its compact form factor saves valuable desk space. Whether it’s everyday printing jobs or creative projects, the Epson EcoTank L3210 provides a reliable and eco-friendly printing solution.

Buy Epson EcoTank L3210 Colour Printer Online.pdf

Buy Epson EcoTank L3210 Colour Printer Online.pdf

Buy Epson EcoTank L3210 Colour Printer Online.pdf

EasyPrinterHelp

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

We're living the AI revolution and Salesforce is adapting and bring new value to their customers. Einstein products are evolving rapidly and navigating their limitations, language support, and use cases can be challenging. Let's make review of what Einstein product are available currently, what are the capabilities and what can be used for in CEE region and how Rossie.ai can help to learn Salesforce speak Czech. We will explore the Einstein roadmap and I will make a short live demo (based on your vote) of some Einstein feature.

AI revolution and Salesforce, Jiří Karpíšek

AI revolution and Salesforce, Jiří Karpíšek

AI revolution and Salesforce, Jiří Karpíšek

Already know how to write a basic SOQL query? Great! But what about an *aggregate* SOQL query? You know, the kind that uses aggregate functions like COUNT & MAX along with GROUP BY and HAVING clauses? No? Well, get ready to learn how to slice & dice your org’s data right inside your own dev console. From finding duplicate records to prototyping summary & matrix reports, learn the ins and outs of aggregate queries during this fast-paced but admin-friendly session on advanced SOQL concepts.

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

Recently uploaded (20)

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Extensible Python: Robustness through Addition - PyCon 2024

Extensible Python: Robustness through Addition - PyCon 2024

Extensible Python: Robustness through Addition - PyCon 2024

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

Agentic RAG What it is its types applications and implementation.pdf

Agentic RAG What it is its types applications and implementation.pdf

Agentic RAG What it is its types applications and implementation.pdf

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

Intro in Product Management - Коротко про професію продакт менеджера

Intro in Product Management - Коротко про професію продакт менеджера

Intro in Product Management - Коротко про професію продакт менеджера

Structuring Teams and Portfolios for Success

Structuring Teams and Portfolios for Success

Structuring Teams and Portfolios for Success

Top 10 Symfony Development Companies 2024

Top 10 Symfony Development Companies 2024

Top 10 Symfony Development Companies 2024

ECS 2024 Teams Premium - Pretty Secure

ECS 2024 Teams Premium - Pretty Secure

ECS 2024 Teams Premium - Pretty Secure

Syngulon - Selection technology May 2024.pdf

Syngulon - Selection technology May 2024.pdf

Syngulon - Selection technology May 2024.pdf

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

IESVE for Early Stage Design and Planning

IESVE for Early Stage Design and Planning

IESVE for Early Stage Design and Planning

AI presentation and introduction - Retrieval Augmented Generation RAG 101

AI presentation and introduction - Retrieval Augmented Generation RAG 101

AI presentation and introduction - Retrieval Augmented Generation RAG 101

Buy Epson EcoTank L3210 Colour Printer Online.pdf

Buy Epson EcoTank L3210 Colour Printer Online.pdf

Buy Epson EcoTank L3210 Colour Printer Online.pdf

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

AI revolution and Salesforce, Jiří Karpíšek

AI revolution and Salesforce, Jiří Karpíšek

AI revolution and Salesforce, Jiří Karpíšek

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

Detection-as-Code: Test Driven Detection Development.pdf

1. Detection-as-Code: Test Driven Detection Development Mauricio Velazco @mvelazco

2. #whoami ✘ Threat Research @ Splunk ✘ @mvelazco ✘ Bsides, Derbycon, Defcon, BlackHat ✘ github.com/mvelazc0

3. 1. Introduction

4. Threat Detection

5. Challenges in Detection https://www.cardinalops.com/siem-industry-research-report

6. Detection Engineering Continuous process of building, deploying, tuning and operating detection analytics while applying engineering concepts.

7. 2. Detection Engineering

8. Learning From DevOps

9. Learning From DevOps

10. Test Detections Jose Hernandez and Patrick Bareiss, RSA 2020

11. Detection Language Version Control System Automated Workflows Test-Driven- Development Detection as Code Principles Jose Hernandez and Patrick Bareiss, RSA 2020

12. Test Driven Development … software development process relying on software requirements being converted to test cases before software is fully developed… https://www.kaizenko.com/what-is-test-driven-development-tdd/

13. Testing Detections Jose Hernandez and Patrick Bareiss, RSA 2020

14. Takeaways Applying engineering practices to detection programs can improve your security posture. To shift to test driven development, teams need the capability to replicate attacks.

15. Detection-as-Code: Test Driven Detection Development Mauricio Velazco @mvelazco