2. About me
System engineer - Mainframe, Windows NT Server, UNIX System V, C programmer
Security Engineer - IDS/IPS, WAF, ADC, SSL, NAC
CISSP, CISA, GWAPT, SnortCP, failed OSCP test.
Security Architect - Tenable
5. Cyber Kill Chain
Published in 2011 by Lockheed Martin Corp (8 years ago)
US military process: Find, Fix, Trace, Target, Engage and Assess (F2T2EA)
https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Intel-Driven-Defense.pdf
12. Detect Reconnaissance
Suspicious access to corporate web site: country/region/time
High volume on some pages
https://haveibeenpwned.com/DomainSearch
7 days before weaponised (Tenable Research)
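The access-pattern signals on this slide (country/region, time of day, volume on a page), sketched as detection logic over web server logs. This is an added example, not part of the original deck; the log lines, the IP-to-country table (standing in for a real GeoIP lookup), the business hours, the expected country and the threshold are all constructed assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Assumptions (not from the slides): business hours, expected countries,
# the per-page threshold, and a constructed IP-to-country table that
# stands in for a real GeoIP lookup.
BUSINESS_HOURS = range(8, 18)          # 08:00-17:59 in the log's timezone
EXPECTED_COUNTRIES = {"AU"}
PAGE_THRESHOLD = 3                     # hits on one page by one client
GEO = {"203.0.113.7": "AU", "198.51.100.23": "ZZ", "192.0.2.50": "AU"}

LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" \d{3}')

# Constructed sample log lines (Common Log Format, documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2019:10:15:02 +0000] "GET /index.html HTTP/1.1" 200 512
198.51.100.23 - - [12/Mar/2019:02:41:10 +0000] "GET /about/staff HTTP/1.1" 200 2048
192.0.2.50 - - [12/Mar/2019:11:00:01 +0000] "GET /careers HTTP/1.1" 200 1024
192.0.2.50 - - [12/Mar/2019:11:00:02 +0000] "GET /careers HTTP/1.1" 200 1024
192.0.2.50 - - [12/Mar/2019:11:00:03 +0000] "GET /careers HTTP/1.1" 200 1024
"""

def parse(log):
    """Yield (ip, timestamp, path) for each well-formed log line."""
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield m["ip"], ts, m["path"]

def recon_findings(log):
    """Return (signal, ip, path) tuples for the three signals on the slide."""
    findings = []
    per_page = Counter()
    for ip, ts, path in parse(log):
        if GEO.get(ip, "unknown") not in EXPECTED_COUNTRIES:
            findings.append(("unexpected-country", ip, path))
        if ts.hour not in BUSINESS_HOURS:
            findings.append(("off-hours", ip, path))
        per_page[(ip, path)] += 1
    for (ip, path), hits in per_page.items():
        if hits >= PAGE_THRESHOLD:
            findings.append(("high-volume", ip, path))
    return findings

if __name__ == "__main__":
    for finding in recon_findings(SAMPLE_LOG):
        print(finding)
```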
18. Detecting Weaponised
Research + Research
Security Community
Exploit-db
Twitter
Zero day exploit?
https://en.wikipedia.org/wiki/Sun_Tzu#/media/File:Bamboo_book_-_binding_-_UCR.jpg