Gildas Deograt - Effective Honeynet in High Grade Security Strategy

•

1 gefällt mir•951 views

This document discusses effective strategies for implementing honeynets in security. It describes different levels of potential attackers from very high to low. It explains how honeynets can be used to identify unauthorized and potentially malicious authorized users by separating production systems from external honeynet systems. The document also lists requirements for a high grade security strategy using integrated tools like honeynets, honeypots, honeytokens, network intrusion detection systems, and security information and event management.

Technologie Bildung

XECUREIT.COM
“Your Security,
Our Passion”
Consultancy
Assurance
Research
Education
Effective Honeynet in
High Grade Security Strategy
"Feeling secure is dangerous. It makes us complacent."
"Rasa aman berbahaya. Rasa aman membuat kita lengah."
Gildas Deograt Lumy, CISA, CISSP, ISO27001 LA
Chief Technology Officer
gildas@xecureit.com

Effective HoneynetPage 2 XECUREIT.COM
Example

Effective HoneynetPage 3 XECUREIT.COM
Enemy Level
 Very High
● Government grade attacker
● “Unlimited” resources, “lawful”
 High
● High level of expertise, using advance in-house developed tools,
budget <USD 1 Million
● Authorized users both consciously and as victims of social engineering
 Medium
● Have expertise, using public or customized tools, budget <USD100,000
● Known Attacker, such as employees, contractors, partners or customers
both consciously and as victims of social engineering
 Low / Very Low
● Script kiddies, new born attacker, using public tools, budget <USD10,000
● Unknown Attacker (Public)

Effective HoneynetPage 4 XECUREIT.COM
Easy to know your enemy ;)
(Production)
group_server1.organisasi.id
group_server2.organisasi.id
(External Honeynet)

Effective HoneynetPage 5 XECUREIT.COM
How to know the malicious authorized user?
(Production)
group_server1.organisasi.id
group_server2.organisasi.id
(External Honeynet)

Effective HoneynetPage 6 XECUREIT.COM
Easy to know the “potential” malicious authorized users
(Production)
group_server1.organisasi.id
group_server2.organisasi.id
(External Honeynet)

Effective HoneynetPage 7 XECUREIT.COM
Easy to know the malicious authorized users
(Production)
group_server1.organisasi.id
group_server2.organisasi.id
(External Honeynet)

Effective HoneynetPage 8 XECUREIT.COM
Requirements
 High Grade Security Strategy
● Appropriate information security classification.
● Balance prevention and detection mechanism.
● Effective systems “separation of duties”.
● Clear understanding of information security policies and
procedures (Do’s and Dont’s).
 Integrated Tools
● Honeynet, Honeypot & Honeytoken
● Network-based IDS
● SIEM

XECUREIT.COM
“Your Security,
Our Passion”
Consultancy
Assurance
Research
Education
TERIMAKASIH
THANK YOU
"Feeling secure is dangerous. It makes us complacent."
"Rasa aman berbahaya. Rasa aman membuat kita lengah."
Gildas Deograt Lumy, CISA, CISSP, ISO27001 LA
Chief Technology Officer
gildas@xecureit.com

Weitere ähnliche Inhalte

Ähnlich wie Gildas Deograt - Effective Honeynet in High Grade Security Strategy

CyberSecurity Study Jam

SahilSingh368445

Cyber_Security_Issues_and_Challenges.pptx

GracePeter10

Insider threats come in a variety of forms and may be malicious or simply the result of negligence. Insider attacks can cause more damage than outsider threats, so it is important that organizations understand how to protect against and remedy insider threats. Learn more about insider threats and GTRI's Insider Threat Security Solution in this presentation. (Source: GTRI) This presentation includes information about Cisco Stealthwatch, which goes beyond conventional threat detection and harnesses the power of NetFlow. With it, you get advanced network visibility, analytics, and protection. You see everything happening across your network and data center. And you can uncover attacks that bypass the perimeter and infiltrate your internal environment. (Source: Cisco)

Insider Threat Solution from GTRI

Zivaro Inc

Security experts from Mediacurrent, Townsend Security and Lockr uncover how you can protect your site from the growing cybercrime business by starting off on the right foot. This interactive webinar will get you the foundation you need to protect your site and your organization when using Drupal. YOU'LL LEARN: Security by design in Drupal Site audit and security best practices Encrypting sensitive data Key management (encryption & API) Resources to improve security

Security by Design: An Introduction to Drupal Security

Tara Arnold

Security by design: An Introduction to Drupal Security

Mediacurrent

2013 12 18 webcast - building the privileged identity management business case

pmcbrideva1

Cyber intelligence-services

Cyber 51 LLC

Insomnihack 2018 - Securing Internal Resources Through Tiered Access

Joel M. Leo

Have you ever been infected by a computer virus or experienced online fraud? Our electronic world poses diverse threats to our online security that have very real financial and personal consequences. Viruses and other malware, identity theft, credit card fraud, social media threats, cyber stalking – are all among the supernumerary risks that we face in our electronic world. Come learn what you can do in very practical terms to protect and secure your digital life. By the end of this course you will have a tool to arm yourself and shield your digital world. Join us for a down to earth, jargon free and fun exploration and learn the practical ways you can safeguard your identity, reputation and financial health.

Staying Safe and Secure Online

evolutionaryit

Insight live om It-sikkerhed- Peter Schjøtt

Mediehuset Ingeniøren Live

Advanced Persistent Threat - Evaluating Effective Responses

NetIQ

Despite huge investments in anti-virus software, next-gen firewalls, and IPS platforms, companies are still getting hacked. The new generation of advanced targeted attacks bypasses traditional defenses and put sensitive data at risk. It takes just minutes from the time an organization is compromised to the exfiltration of sensitive data. What's needed is a security solution that can detect and block data center threats while allowing easy, appropriate access to the assets essential to running your business. This presentation from Imperva and FireEye addresses data center security requirements and solutions.

Detect & Remediate Malware & Advanced Targeted Attacks

Imperva

Data Security for Small and Medium Entreprises, Impact and what they can do to improve the security posture in their organization: 1. Impact of a data breach 2. Misconception about cybersecurity a. Small Businesses are too small to be a target b. An antivirus software & firewall is enough c. Using the cloud is less secure d. The cost of Cybersecurity solutions is too high 3. Key steps to do to improve overall cyber security

Data Security for MSME

Deepak Gupta

apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...

apidays

Defcamp 2013 - Does it pay to be a blackhat hacker

DefCamp

Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker

Dan Vasile

Retail security-services--client-presentation

Joseph Schorr

Entersoft is an award winning application security provider trusted by over 300 global brands. Our approach is a combination of offensive assessment, proactive monitoring and pragmatic managed security which provides highly cost effective and reliable solutions to some of the most pressing problems in Cyber Security. Through our unique model, we found bugs in Yahoo!, Blackberry, Dropbox and other 150+ organizations.

Application Security by Ethical Hackers

Entersoft

Single-line of defence security is no longer enough. Organisations need to build security across everything they do - business processes, data handling, platforms, products and services, and understand security as an evolving, responsive, agile setup. In this talk, Dave explains how technology foundations for secure product development and an agile security setup across the board can promote sustainable innovation and enhance cyber-resilience overall.

Security by default - Building continuous cyber-resilience.

Thoughtworks

The Future of Cyber Security - Matthew Rosenquist

Matthew Rosenquist

Ähnlich wie Gildas Deograt - Effective Honeynet in High Grade Security Strategy (20)

CyberSecurity Study Jam

Cyber_Security_Issues_and_Challenges.pptx

Insider Threat Solution from GTRI

Security by Design: An Introduction to Drupal Security

Security by design: An Introduction to Drupal Security

2013 12 18 webcast - building the privileged identity management business case

Cyber intelligence-services

Insomnihack 2018 - Securing Internal Resources Through Tiered Access

Staying Safe and Secure Online

Insight live om It-sikkerhed- Peter Schjøtt

Advanced Persistent Threat - Evaluating Effective Responses

Detect & Remediate Malware & Advanced Targeted Attacks

Data Security for MSME

apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...

Defcamp 2013 - Does it pay to be a blackhat hacker

Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker

Retail security-services--client-presentation

Application Security by Ethical Hackers

Security by default - Building continuous cyber-resilience.

The Future of Cyber Security - Matthew Rosenquist

Mehr von Indonesia Honeynet Chapter

Charles Lim - Honeynet Indonesia Chapter

Indonesia Honeynet Chapter

Lukas - Ancaman E-Health Security

Indonesia Honeynet Chapter

Karunia Wijaya - Proactive Incident Handling

Indonesia Honeynet Chapter

Iwan Sumantri - Cyber Threat Indonesia 2013

Indonesia Honeynet Chapter

I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure

Indonesia Honeynet Chapter

Hogan Kusnadi - Cloud Computing Secutity

Indonesia Honeynet Chapter

Amien Harisen - APT1 Attack

Indonesia Honeynet Chapter

Ahmad Alkazimy - Indonesia Malware Incident Updates

Indonesia Honeynet Chapter

Mehr von Indonesia Honeynet Chapter (8)

Charles Lim - Honeynet Indonesia Chapter

Lukas - Ancaman E-Health Security

Karunia Wijaya - Proactive Incident Handling

Iwan Sumantri - Cyber Threat Indonesia 2013

I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure

Hogan Kusnadi - Cloud Computing Secutity

Amien Harisen - APT1 Attack

Ahmad Alkazimy - Indonesia Malware Incident Updates

Kürzlich hochgeladen

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

apidays

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

The action of the next cyber saga takes place in the mystical lands of the Asia-Pacific region, where the main characters began their digital activities in the middle of 2021 and qualitatively strengthened it in 2022. Corporate espionage, document theft, audio recordings, and data leaks from messaging platforms were all a matter of one day for Dark Pink. Their geographical focus may have started in the Asia-Pacific region, but their ambitions knew no bounds, targeting a European government ministry in a bold move to expand their portfolio. Their victim profile was as diverse as a UN meeting, targeting military organizations, government agencies, and even a religious organization. Because discrimination is not a fashionable agenda. In the world of cybercrime, they serve as a reminder that sometimes the most serious threats come in the most unassuming packages with a pink bow.

Cyberprint. Dark Pink Apt Group [EN].pdf

Overkill Security

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

In the thrilling conclusion to 2023, ransomware groups had a banner year, really outdoing themselves in the "make everyone's life miserable" department. LockBit 3.0 took gold in the hacking olympics, followed by the plucky upstarts Clop and ALPHV/BlackCat. Apparently, 48% of organizations were feeling left out and decided to get in on the cyber attack action. Business services won the "most likely to get digitally mugged" award, with education and retail nipping at their heels. Hackers expanded their repertoire beyond boring old encryption to the much more exciting world of extortion. The US, UK and Canada took top honors in the "countries most likely to pay up" category. Bitcoins were the currency of choice for discerning hackers, because who doesn't love untraceable money?

Ransomware_Q4_2023. The report. [EN].pdf

Overkill Security

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

apidays

Kürzlich hochgeladen (20)

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

AWS Community Day CPH - Three problems of Terraform

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Boost Fertility New Invention Ups Success Rates.pdf

Cyberprint. Dark Pink Apt Group [EN].pdf

Exploring the Future Potential of AI-Enabled Smartphone Processors

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

presentation ICT roal in 21st century education

Ransomware_Q4_2023. The report. [EN].pdf

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

FWD Group - Insurer Innovation Award 2024

Why Teams call analytics are critical to your entire business

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

CNIC Information System with Pakdata Cf In Pakistan

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Gildas Deograt - Effective Honeynet in High Grade Security Strategy

1. XECUREIT.COM “Your Security, Our Passion” Consultancy Assurance Research Education Effective Honeynet in High Grade Security Strategy "Feeling secure is dangerous. It makes us complacent." "Rasa aman berbahaya. Rasa aman membuat kita lengah." Gildas Deograt Lumy, CISA, CISSP, ISO27001 LA Chief Technology Officer gildas@xecureit.com

2. Effective HoneynetPage 2 XECUREIT.COM Example

3. Effective HoneynetPage 3 XECUREIT.COM Enemy Level  Very High ● Government grade attacker ● “Unlimited” resources, “lawful”  High ● High level of expertise, using advance in-house developed tools, budget <USD 1 Million ● Authorized users both consciously and as victims of social engineering  Medium ● Have expertise, using public or customized tools, budget <USD100,000 ● Known Attacker, such as employees, contractors, partners or customers both consciously and as victims of social engineering  Low / Very Low ● Script kiddies, new born attacker, using public tools, budget <USD10,000 ● Unknown Attacker (Public)

4. Effective HoneynetPage 4 XECUREIT.COM Easy to know your enemy ;) (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)

5. Effective HoneynetPage 5 XECUREIT.COM How to know the malicious authorized user? (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)

6. Effective HoneynetPage 6 XECUREIT.COM Easy to know the “potential” malicious authorized users (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)

7. Effective HoneynetPage 7 XECUREIT.COM Easy to know the malicious authorized users (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)

8. Effective HoneynetPage 8 XECUREIT.COM Requirements  High Grade Security Strategy ● Appropriate information security classification. ● Balance prevention and detection mechanism. ● Effective systems “separation of duties”. ● Clear understanding of information security policies and procedures (Do’s and Dont’s).  Integrated Tools ● Honeynet, Honeypot & Honeytoken ● Network-based IDS ● SIEM

9. XECUREIT.COM “Your Security, Our Passion” Consultancy Assurance Research Education TERIMAKASIH THANK YOU "Feeling secure is dangerous. It makes us complacent." "Rasa aman berbahaya. Rasa aman membuat kita lengah." Gildas Deograt Lumy, CISA, CISSP, ISO27001 LA Chief Technology Officer gildas@xecureit.com

Gildas Deograt - Effective Honeynet in High Grade Security Strategy

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Ähnlich wie Gildas Deograt - Effective Honeynet in High Grade Security Strategy

Ähnlich wie Gildas Deograt - Effective Honeynet in High Grade Security Strategy (20)

Mehr von Indonesia Honeynet Chapter

Mehr von Indonesia Honeynet Chapter (8)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Gildas Deograt - Effective Honeynet in High Grade Security Strategy