SlideShare ist ein Scribd-Unternehmen logo

Threat Intelligence Field of Dreams

Greg Foss
Greg Foss

Threat Intelligence is by far one of the most over-used buzz words in the security industry. Many professionals have very mixed feelings about Threat Intelligence feeds as well. This discussion is around how LogRhythm’s internal security team utilizes Threat Intelligence to operationalize efficiently and streamline Security Operations processes and help improve an organization’s defenses. We will show how you can generate your own Threat Intelligence and create information sharing loops within like industries to fully realize the team's defensive capabilities. On top of the technical aspects around building out a good Threat Intel program, we will discuss how to manage this from a leadership perspective and get buy-in from the top. Most importantly, once these systems are in place, how we can show value to leadership using key performance indicators and leverage this to improve the overall security program.

Technologie
1 von 70
Downloaden Sie, um offline zu lesen
Company Confidential Powered by Building a Threat Intelligence Field of Dreams 05.12.2016
Company Confidential James Carder CISO | VP LogRhythm Labs Greg Foss Global Security Operations Team Lead
Operationalizing Threat Intelligence Making Threat Intelligence Useful
Company Confidential Defining Threat Intelligence “Evidence-based knowledge, including context, mechanisms, indicators, implications and ACTIONABLE advice about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard” - Gartner
Company Confidential • Documents (e.g., FBI flash reports) • Blogs, emails • RSS feeds • CSV and text files • STIX • Open IOC • Malware samples • Packet capture • Forensic artifacts (files, email) Actionable data types Intel Reports Indicators of Compromise Raw Data Types • User Behaviors • Endpoint Behaviors • Network Behaviors Your Own Data
Company Confidential Operationalizing Threat Intelligence Indicators of Compromise (IOC) are automatically searched Changes to external threat environment immediate detected Provides analyst context around incident, event, threat, campaign • Historical knowledge as well to chain related attacks Reconnaissance & Planning Initial Compromise Command & Control Lateral Movement Target Attainment Exfiltration Corruption Disruption
OSINT Open Source Intelligence Gathering
Company Confidential Open Source Intelligence Gathering Open Source Intelligence (OSINT) in the simplest of terms is locating, and analyzing publically (open) available sources of information. The key component here is that this intelligence gathering process has a goal of producing current and relevant information that is valuable to either an attacker or competitor. For the most part, OSINT is more than simply performing web searches using various sources. - http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines#OSINT
Company Confidential OSINT • Offensive and Defensive • Manual – In Depth Analysis of the target entity or individual(s) • Automated – High level analysis of metadata • Operationalize, Integrate, and Automate OSINT analysis FTW • Define goals – what to analyze, why, how, outputs, etc. • Indicators of Compromise • Data to feedback loops into defensive tools • Research • Attribution • Actors, victims, servers, locations, samples, etc.
Company Confidential OSINT OPSEC (Manual) • OPSEC : Operational Security • The target cannot know your organization is actively investigating them… • Use a USB-bootable Linux image such as Tails – non-persistent • Run both TOR and a VPN (commercial or use cloud systems) • Virtual Private Servers (VPS) located in other countries • Pay for services using bitcoin and/or pre-paid gift cards • Regardless of solution – understand the service’s logging policy, check for warrant canaries, and know your rights…
Company Confidential Why TOR and VPN? TOR != VPN TOR = Randomizer VPN = Tunnel Honestly… Not a big deal unless you’re planning to do illegal things – Which you should not be doing anyways...
Company Confidential OSINT OPSEC (Automated – Corporate) • Register a Linux Amazon EC2 box (free tier) with no elastic IP • Purchase a Dyn DNS account – for dynamic DNS registration • Establish a PPTP VPN tunnel to the EC2 system(s) • Perform investigative analysis from these cloud-hosted systems and / or local boxes with proper precautions in place • Proxy traffic through and use SSH port forwarding to access services • Following the completion of the analysis, reboot the system. • By default, AWS will assign a new IP unless you use an elastic IP • Reconfigure the tunnels and DNS as necessary (automate this)
Company Confidential Automating OSINT and Response Domain Tools Passive Total VirusTotal Cisco AMP ThreatGRID Netflow / IDS Firewalls Proxy Endpoint SIEM API SecOps Infrastructure
Company Confidential Manual OSINT Analysis • Goal-Oriented • Define specific target and understand the data you wish to obtain • Technical – Accounts, Servers, Services, Software, Integrations • Social – Social Media, Photography, Wish Lists, Email • Physical – Address, Home IP Address, Business, Footprint • Logical – Network, Operational Intelligence, Where, When
Company Confidential A Few OSINT Tools • Maltego • Transforms! • Passive Total • Threat Intel and Maltego API! • Domain Tools IRIS • Whois History, Pivot off of data points (email, address, phone, etc.) • Shodan • The network search engine – everything from open VNC services to C2’s • Facebook / Linkedin / Spokeo / Pipl / etc. • Create fake accounts and use API integrations to automate searches
Company Confidential OSINT Tips and Tricks : Shortened URL’s All you need is +
Company Confidential OSINT Tips and Tricks : Shortened URL’s
Company Confidential OSINT Tips and Tricks : Resolve Skype Username to IP
Company Confidential OSINT Tips and Tricks : Resolve Skype Username to IP
Company Confidential OSINT Tips and Tricks : Source Code Search Nerdydata.com
Company Confidential OSINT Tips and Tricks : Source Code Search ;-)
Company Confidential Just scratching the surface…
Case Studies Operationalization of Threat Intel
Company Confidential Case Study: Operationalizing POS Intel from a Threat Report Threat Report SIEM/Analytics Engine Hits, Alarm, Smart Response No Hits, No Alarm, Smart Response Automated Search using Host and Network IOCs and/or BrutPOS behavior in SIEM and on endpoint POS Network • Containment • Acquisition • Analysis • Confirmation • Remediation • Metrics/Reporting
Company Confidential SIEM/Analytics Engine Domain was opened in the last 7 days or registered by known bad…Smart Response Domain is reputable or categorized as good DNS name isn’t recognized or part of known malicious domain lists…Smart Response…check Domain Tools • Containment • Acquisition • Analysis • Confirmation • Remediation • Metrics/Reporting Internet Browsing Internet Case Study: Operationalizing Intel using Third Party Integrations
Company Confidential Case Study: Operationalizing Intel from Internal Behaviors / Baselines Assume credentials are stolen SIEM/Analytics Engine Detect: Network traffic to vl.ff.avast.com & su.ff.avast.com Detect: 128 Bit GUID cba871fa-80c9-48bc-9836- 8df3a7f67145 Identify: Avast AV Single Factor • Containment • Acquisition • Analysis • Confirmation • Remediation • Metrics/Reporting Smart Response: Does IT inventory have anything other than McAfee or ESET? If not, Smart Response into IR
Company Confidential Malware Sandbox e.g. Cuckoo Historical Case Data Analyst e.g. Malware, Forensics External Services e.g. Domain Tools, Virus Total Threat Intelligence e.g. ISACs, Threat Feeds, Flash Reports Offer Services to your friends Collect Intel & Collaborate Vulnerability Intelligence If you build it…they will come…
Company Confidential Is attribution important? • “If you know the enemy and know yourself you need not fear the results of a hundred battles” – Sun Tzu • “All warfare is based on deception. Hence, when we are able to attack we must seem unable, when using our force we must appear inactive, when we are near we must make the enemy believe we are far away, when we are far away we must make him believe we are near” – Sun Tzu
Company Confidential • Who did it? • Why did they do it? • What were they after? • Could we have prevented it? • APT, China • China 5yr plan, don’t know • Research data, intellectual property, I don’t know • No, not without more budget “China stole it, specifically an APT group out of A province. The data was then transferred to person B, located in province C. Then person B sent it to person D in Russia. Once in Russia, the stolen data ended up on person E’s table.” What if attribution was real’ized?
Document Bugging and Web Tracing Tracking people of interest and mapping out their digital footprints
Company Confidential Honey Tokens and Document Bugging Tracking file access, modification, exfiltration, etc… • Use File Integrity Monitoring to track file interactions • Any predefined item, instrumented to generate a unique log • Strings, Drives, Directories, Hashes, ‘employees’
Company Confidential File Integrity Monitoring – Built in to Windows Logging
Company Confidential Document Bugging – How To • WebBug Background Information: http://ha.ckers.org/webbug.html • WebBug Server: https://bitbucket.org/ethanr/webbugserver • Bugged Files – Is Your Document Telling on You? Daniel Crowley and Damon Smith (Chaos Communication Camp 2015) https://www.youtube.com/watch?v=j5cjFul4ZIc
Company Confidential Document Tracking Same tricks used by Marketing / Sales for years. Normally for tracking emails, clicks, downloads, etc. Why loading external images within email is risky…
Company Confidential https://github.com/gfoss/misc/tree/master/Bash/webbug Documents can be tracked in the same way as email / web
Company Confidential Issues with Document Tracking When a document is opened up offline, it is possible that information will be divulged about the tracking service itself. Be cognizant of this when bugging documents.
Company Confidential Issues with Document Tracking Visiting the site directly Dead giveaway that something phishy is up…
Company Confidential Issues with Document Tracking You may even get your domain flagged This can hinder your tracking ability Ensure that you check regularly…
Company Confidential Taking it a step further… • Honeybadger, Flash, Java, Client Side Code If you are able to execute code on the endpoint, you can uncover the true location, regardless of proxy
Company Confidential No help in court… • Evidence obtained via webbugs, tracing, or similar forms of tracking may not be admissible in court, as this could be considered entrapment. • FBI Case – Operation Torpedo • https://www.wired.com/2014/08/operation_torpedo/
Company Confidential Legalities of Document Bugging • Is it spying? • Can you really get in trouble for tracking your own things? • All boils down to intent…very grey area.
Company Confidential Bugged Documents In Practice Reverse Phishing
Company Confidential He was even kind enough to complete the form and send it back!
Company Confidential Bugged Documents – In Practice Capture The Flag – LogRhythmChallenge.com
Company Confidential In Practice Bugging the CTF instructions…
Company Confidential Bugged Documents – In Practice “We need your slides 9-months ahead of time for this industry-leading cyber security event” – Random Conference
Company Confidential USB Drop – Security Awareness Case Study
Company Confidential Building a Believable Campaign USB Human Interface Device (HID) attacks are too obvious. A dead giveaway that the target just compromised their system. + Expensive. http://hakshop.myshopify.com/products/usb-rubber-ducky-deluxe?variant=353378649
Company Confidential Building a Believable Campaign Use realistic files with somewhat realistic data Staged approach to track file access and exploitation
Company Confidential README.doc
Company Confidential Tracking File Access Bugged document opened within the corporate network? Correlate access logs with network flow analysis to find the victim
Company Confidential Who Opened The File?
Company Confidential Competitive-Business-Analysis.xlsm
Company Confidential PowerShell Macro
Company Confidential PowerShell Prompt PowerShell Empire – Invoke-Prompt
Company Confidential Step 1 – Compress PowerShell Script
Company Confidential Step 2 – Build the Macro and Inject PowerShell Script
Company Confidential Step 3 - Customize the Macro
Company Confidential Step 4 - Profit Send an email when the Macro is run… Use a bogus email (unlike I did here) – I know, I know. Bad OpSec.
Company Confidential
Company Confidential Toolscalculator.exe
Company Confidential Yep… They ran it “Nobody’s going to run an executable from some random USB” -- Greg
Company Confidential Now we have our foothold… Fortunately they didn’t run this as an admin
Company Confidential
Company Confidential
Company Confidential Macro Attack Detection
Company Confidential Malware Beaconing
Company Confidential Conclusion • Developing and leveraging actionable OSINT data can help operationalize Threat Intelligence • Develop a cyclical Threat Intelligence ecosystem and implement automated responses to known threats • Take proactive measures by laying traps and various flags that will notify the SOC to anomalous activity • Use active defense techniques to learn more about the adversary and attempt to gain attribution • Understand the shortcomings of attribution and document bugging to avoid common pitfalls • Communicate across various departments and coordinate defensive efforts
Company Confidential James Carder James.Carder@LogRhythm.com CISO | VP LogRhythm Labs Greg Foss Greg.Foss@LogRhythm.com Global Security Operations Team Lead Thank You!

Empfohlen

Advanced Threats and Lateral Movement Detection
Advanced Threats and Lateral Movement DetectionAdvanced Threats and Lateral Movement Detection
Advanced Threats and Lateral Movement DetectionGreg Foss
 
Activated Charcoal - Making Sense of Endpoint Data
Activated Charcoal - Making Sense of Endpoint DataActivated Charcoal - Making Sense of Endpoint Data
Activated Charcoal - Making Sense of Endpoint DataGreg Foss
 
SANS CTI Summit 2016 Borderless Threat Intelligence
SANS CTI Summit 2016 Borderless Threat IntelligenceSANS CTI Summit 2016 Borderless Threat Intelligence
SANS CTI Summit 2016 Borderless Threat IntelligenceJason Trost
 
R-CISC Summit 2016 Borderless Threat Intelligence
R-CISC Summit 2016 Borderless Threat IntelligenceR-CISC Summit 2016 Borderless Threat Intelligence
R-CISC Summit 2016 Borderless Threat IntelligenceJason Trost
 
Anomali Detect 2016 - Borderless Threat Intelligence
Anomali Detect 2016 - Borderless Threat IntelligenceAnomali Detect 2016 - Borderless Threat Intelligence
Anomali Detect 2016 - Borderless Threat IntelligenceJason Trost
 
Lateral Movement by Default
Lateral Movement by DefaultLateral Movement by Default
Lateral Movement by DefaultInnoTech
 
CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014Greg Foss
 
Phishing Intelligence Engine - BlueHat v17
Phishing Intelligence Engine - BlueHat v17Phishing Intelligence Engine - BlueHat v17
Phishing Intelligence Engine - BlueHat v17Greg Foss
 

Empfohlen

Advanced Threats and Lateral Movement Detection
Advanced Threats and Lateral Movement DetectionAdvanced Threats and Lateral Movement Detection
Advanced Threats and Lateral Movement DetectionGreg Foss
 
Activated Charcoal - Making Sense of Endpoint Data
Activated Charcoal - Making Sense of Endpoint DataActivated Charcoal - Making Sense of Endpoint Data
Activated Charcoal - Making Sense of Endpoint DataGreg Foss
 
SANS CTI Summit 2016 Borderless Threat Intelligence
SANS CTI Summit 2016 Borderless Threat IntelligenceSANS CTI Summit 2016 Borderless Threat Intelligence
SANS CTI Summit 2016 Borderless Threat IntelligenceJason Trost
 
R-CISC Summit 2016 Borderless Threat Intelligence
R-CISC Summit 2016 Borderless Threat IntelligenceR-CISC Summit 2016 Borderless Threat Intelligence
R-CISC Summit 2016 Borderless Threat IntelligenceJason Trost
 
Anomali Detect 2016 - Borderless Threat Intelligence
Anomali Detect 2016 - Borderless Threat IntelligenceAnomali Detect 2016 - Borderless Threat Intelligence
Anomali Detect 2016 - Borderless Threat IntelligenceJason Trost
 
Lateral Movement by Default
Lateral Movement by DefaultLateral Movement by Default
Lateral Movement by DefaultInnoTech
 
CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014Greg Foss
 
Phishing Intelligence Engine - BlueHat v17
Phishing Intelligence Engine - BlueHat v17Phishing Intelligence Engine - BlueHat v17
Phishing Intelligence Engine - BlueHat v17Greg Foss
 
Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016Tony Cook
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
 
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...Jason Trost
 
Utilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseUtilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseChristopher Beiring
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonBen Boyd
 
Deception Driven Defense - Infragard 2016
Deception Driven Defense - Infragard 2016Deception Driven Defense - Infragard 2016
Deception Driven Defense - Infragard 2016Greg Foss
 
No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016Matthew Dunwoody
 
Hunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark ArtsHunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark ArtsSpyglass Security
 
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...Andrew Morris
 
BSidesNYC 2016 - An Adversarial View of SaaS Malware Sandboxes
BSidesNYC 2016 - An Adversarial View of SaaS Malware SandboxesBSidesNYC 2016 - An Adversarial View of SaaS Malware Sandboxes
BSidesNYC 2016 - An Adversarial View of SaaS Malware SandboxesJason Trost
 
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Danny Akacki
 
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...EC-Council
 
A journey into Application Security
A journey into Application SecurityA journey into Application Security
A journey into Application SecurityChristian Martorella
 
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE - ATT&CKcon
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoJohn Bambenek
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationChris Gates
 
Defending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksDefending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksEC-Council
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onSplunk
 
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCanSecWest
 
ANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleJohn Bambenek
 
Physically Unclonable Random Permutations
Physically Unclonable Random PermutationsPhysically Unclonable Random Permutations
Physically Unclonable Random PermutationsRiccardo Bernardini
 
Rtos ameba
Rtos amebaRtos ameba
Rtos amebaJou Neo
 

Weitere ähnliche Inhalte

Was ist angesagt?

Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016Tony Cook
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
 
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...Jason Trost
 
Utilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseUtilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseChristopher Beiring
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonBen Boyd
 
Deception Driven Defense - Infragard 2016
Deception Driven Defense - Infragard 2016Deception Driven Defense - Infragard 2016
Deception Driven Defense - Infragard 2016Greg Foss
 
No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016Matthew Dunwoody
 
Hunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark ArtsHunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark ArtsSpyglass Security
 
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...Andrew Morris
 
BSidesNYC 2016 - An Adversarial View of SaaS Malware Sandboxes
BSidesNYC 2016 - An Adversarial View of SaaS Malware SandboxesBSidesNYC 2016 - An Adversarial View of SaaS Malware Sandboxes
BSidesNYC 2016 - An Adversarial View of SaaS Malware SandboxesJason Trost
 
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Danny Akacki
 
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...EC-Council
 
A journey into Application Security
A journey into Application SecurityA journey into Application Security
A journey into Application SecurityChristian Martorella
 
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE - ATT&CKcon
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoJohn Bambenek
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationChris Gates
 
Defending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksDefending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksEC-Council
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onSplunk
 
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCanSecWest
 
ANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleJohn Bambenek
 

Was ist angesagt? (20)

Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016Avoiding the Pitfalls of Hunting - BSides Charm 2016
Avoiding the Pitfalls of Hunting - BSides Charm 2016
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
 
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...
Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open So...
 
Utilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident ResponseUtilizing OSINT in Threat Analytics and Incident Response
Utilizing OSINT in Threat Analytics and Incident Response
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
 
Deception Driven Defense - Infragard 2016
Deception Driven Defense - Infragard 2016Deception Driven Defense - Infragard 2016
Deception Driven Defense - Infragard 2016
 
No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016
 
Hunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark ArtsHunting: Defense Against The Dark Arts
Hunting: Defense Against The Dark Arts
 
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
BSidesCharleston2014 - Ballin on a Budget: Tracking Chinese Malware Campaigns...
 
BSidesNYC 2016 - An Adversarial View of SaaS Malware Sandboxes
BSidesNYC 2016 - An Adversarial View of SaaS Malware SandboxesBSidesNYC 2016 - An Adversarial View of SaaS Malware Sandboxes
BSidesNYC 2016 - An Adversarial View of SaaS Malware Sandboxes
 
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
Hunting: Defense Against The Dark Arts - BSides Philadelphia - 2016
 
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
 
A journey into Application Security
A journey into Application SecurityA journey into Application Security
A journey into Application Security
 
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
MITRE ATT&CKcon 2.0: Using Threat Intelligence to Focus ATT&CK Activities; Da...
 
Defcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using CryptoDefcon Crypto Village - OPSEC Concerns in Using Crypto
Defcon Crypto Village - OPSEC Concerns in Using Crypto
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing Presentation
 
Defending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksDefending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael Banks
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
 
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
 
ANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at ScaleANALYZE'15 - Bulk Malware Analysis at Scale
ANALYZE'15 - Bulk Malware Analysis at Scale
 

Andere mochten auch

Physically Unclonable Random Permutations
Physically Unclonable Random PermutationsPhysically Unclonable Random Permutations
Physically Unclonable Random PermutationsRiccardo Bernardini
 
Rtos ameba
Rtos amebaRtos ameba
Rtos amebaJou Neo
 
PHDays '14 Cracking java pseudo random sequences by egorov & soldatov
PHDays '14 Cracking java pseudo random sequences by egorov & soldatovPHDays '14 Cracking java pseudo random sequences by egorov & soldatov
PHDays '14 Cracking java pseudo random sequences by egorov & soldatovSergey Soldatov
 
Generalized Elias Schemes for Truly Random Bits
Generalized Elias Schemes for Truly Random BitsGeneralized Elias Schemes for Truly Random Bits
Generalized Elias Schemes for Truly Random BitsRiccardo Bernardini
 
Io t security-ameba-ppt
Io t security-ameba-pptIo t security-ameba-ppt
Io t security-ameba-pptJou Neo
 
Deploying Privileged Access Workstations (PAWs)
Deploying Privileged Access Workstations (PAWs)Deploying Privileged Access Workstations (PAWs)
Deploying Privileged Access Workstations (PAWs)Blue Teamer
 
Terra Bruciata: an open source initiative for software correctness
Terra Bruciata: an open source initiative for software correctnessTerra Bruciata: an open source initiative for software correctness
Terra Bruciata: an open source initiative for software correctnessRiccardo Bernardini
 
Active Directory - Real Defense For Domain Admins
Active Directory - Real Defense For Domain AdminsActive Directory - Real Defense For Domain Admins
Active Directory - Real Defense For Domain AdminsJason Lang
 
Ubuntu 16.04 LTS Security Features
Ubuntu 16.04 LTS Security FeaturesUbuntu 16.04 LTS Security Features
Ubuntu 16.04 LTS Security FeaturesDustin Kirkland
 
Kaspersky managed protection
Kaspersky managed protectionKaspersky managed protection
Kaspersky managed protectionSergey Soldatov
 
How to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your NetworkHow to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your NetworkSqrrl
 
Трудовые будни охотника на угрозы
Трудовые будни охотника на угрозыТрудовые будни охотника на угрозы
Трудовые будни охотника на угрозыSergey Soldatov
 
Very stable PUF based on two mosfet
Very stable PUF based on two mosfetVery stable PUF based on two mosfet
Very stable PUF based on two mosfetRiccardo Bernardini
 
Threat hunting as SOC process
Threat hunting as SOC processThreat hunting as SOC process
Threat hunting as SOC processSergey Soldatov
 
A Very Stable Diode-Based Physically Unclonable Constant
A Very Stable Diode-Based Physically Unclonable ConstantA Very Stable Diode-Based Physically Unclonable Constant
A Very Stable Diode-Based Physically Unclonable ConstantRiccardo Bernardini
 
Hunting Lateral Movement in Windows Infrastructure
Hunting Lateral Movement in Windows InfrastructureHunting Lateral Movement in Windows Infrastructure
Hunting Lateral Movement in Windows InfrastructureSergey Soldatov
 
Whitewood entropy and random numbers - owasp - austin - jan 2017
Whitewood entropy and random numbers - owasp - austin - jan 2017Whitewood entropy and random numbers - owasp - austin - jan 2017
Whitewood entropy and random numbers - owasp - austin - jan 2017WhitewoodOWASP
 

Andere mochten auch (20)

Physically Unclonable Random Permutations
Physically Unclonable Random PermutationsPhysically Unclonable Random Permutations
Physically Unclonable Random Permutations
 
Rtos ameba
Rtos amebaRtos ameba
Rtos ameba
 
A Threat Hunter Himself
A Threat Hunter HimselfA Threat Hunter Himself
A Threat Hunter Himself
 
PHDays '14 Cracking java pseudo random sequences by egorov & soldatov
PHDays '14 Cracking java pseudo random sequences by egorov & soldatovPHDays '14 Cracking java pseudo random sequences by egorov & soldatov
PHDays '14 Cracking java pseudo random sequences by egorov & soldatov
 
Generalized Elias Schemes for Truly Random Bits
Generalized Elias Schemes for Truly Random BitsGeneralized Elias Schemes for Truly Random Bits
Generalized Elias Schemes for Truly Random Bits
 
Io t security-ameba-ppt
Io t security-ameba-pptIo t security-ameba-ppt
Io t security-ameba-ppt
 
Deploying Privileged Access Workstations (PAWs)
Deploying Privileged Access Workstations (PAWs)Deploying Privileged Access Workstations (PAWs)
Deploying Privileged Access Workstations (PAWs)
 
Terra Bruciata: an open source initiative for software correctness
Terra Bruciata: an open source initiative for software correctnessTerra Bruciata: an open source initiative for software correctness
Terra Bruciata: an open source initiative for software correctness
 
Active Directory - Real Defense For Domain Admins
Active Directory - Real Defense For Domain AdminsActive Directory - Real Defense For Domain Admins
Active Directory - Real Defense For Domain Admins
 
Ubuntu 16.04 LTS Security Features
Ubuntu 16.04 LTS Security FeaturesUbuntu 16.04 LTS Security Features
Ubuntu 16.04 LTS Security Features
 
Kaspersky managed protection
Kaspersky managed protectionKaspersky managed protection
Kaspersky managed protection
 
How to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your NetworkHow to Hunt for Lateral Movement on Your Network
How to Hunt for Lateral Movement on Your Network
 
Трудовые будни охотника на угрозы
Трудовые будни охотника на угрозыТрудовые будни охотника на угрозы
Трудовые будни охотника на угрозы
 
Very stable PUF based on two mosfet
Very stable PUF based on two mosfetVery stable PUF based on two mosfet
Very stable PUF based on two mosfet
 
Threat hunting as SOC process
Threat hunting as SOC processThreat hunting as SOC process
Threat hunting as SOC process
 
Dakotacon 2017
Dakotacon 2017Dakotacon 2017
Dakotacon 2017
 
A Very Stable Diode-Based Physically Unclonable Constant
A Very Stable Diode-Based Physically Unclonable ConstantA Very Stable Diode-Based Physically Unclonable Constant
A Very Stable Diode-Based Physically Unclonable Constant
 
Two-fet based PUF
Two-fet based PUFTwo-fet based PUF
Two-fet based PUF
 
Hunting Lateral Movement in Windows Infrastructure
Hunting Lateral Movement in Windows InfrastructureHunting Lateral Movement in Windows Infrastructure
Hunting Lateral Movement in Windows Infrastructure
 
Whitewood entropy and random numbers - owasp - austin - jan 2017
Whitewood entropy and random numbers - owasp - austin - jan 2017Whitewood entropy and random numbers - owasp - austin - jan 2017
Whitewood entropy and random numbers - owasp - austin - jan 2017
 

Ähnlich wie Threat Intelligence Field of Dreams

All Your Security Events Are Belong to ... You!
All Your Security Events Are Belong to ... You!All Your Security Events Are Belong to ... You!
All Your Security Events Are Belong to ... You!Xavier Mertens
 
Cyber threat-hunting---part-2-25062021-095909pm
Cyber threat-hunting---part-2-25062021-095909pmCyber threat-hunting---part-2-25062021-095909pm
Cyber threat-hunting---part-2-25062021-095909pmMuhammadJalalShah1
 
Computer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to KnowComputer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to KnowWinston & Strawn LLP
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security IntelligenceSplunk
 
Information security - what is going on 2016
Information security - what is going on 2016Information security - what is going on 2016
Information security - what is going on 2016Tomppa Järvinen
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private LimitedThreat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private LimitedFalgun Rathod
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issuesErnest Staats
 
Lessons learned from the Digital Trenches: the experiences of two archivists ...
Lessons learned from the Digital Trenches: the experiences of two archivists ...Lessons learned from the Digital Trenches: the experiences of two archivists ...
Lessons learned from the Digital Trenches: the experiences of two archivists ...samalanmeister
 
Msra 2011 windows7 forensics-troyla
Msra 2011 windows7 forensics-troylaMsra 2011 windows7 forensics-troyla
Msra 2011 windows7 forensics-troylaCTIN
 
File Shares: From Chaos to Calm
File Shares: From Chaos to CalmFile Shares: From Chaos to Calm
File Shares: From Chaos to CalmRecordLion
 
Bsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingBsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingDhruv Majumdar
 
The New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the ChaseThe New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the ChaseSecurity Innovation
 
Malware Static Analysis
Malware Static AnalysisMalware Static Analysis
Malware Static AnalysisHossein Yavari
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemAffine Analytics
 
The Hacking Game - Think Like a Hacker Meetup 12072023.pptx
The Hacking Game - Think Like a Hacker Meetup 12072023.pptxThe Hacking Game - Think Like a Hacker Meetup 12072023.pptx
The Hacking Game - Think Like a Hacker Meetup 12072023.pptxlior mazor
 
Executive Summary_2016
Executive Summary_2016Executive Summary_2016
Executive Summary_2016Annie Cute
 
Pentesting Tips: Beyond Automated Testing
Pentesting Tips: Beyond Automated TestingPentesting Tips: Beyond Automated Testing
Pentesting Tips: Beyond Automated TestingAndrew McNicol
 

Ähnlich wie Threat Intelligence Field of Dreams (20)

All your logs are belong to you!
All your logs are belong to you!All your logs are belong to you!
All your logs are belong to you!
 
All Your Security Events Are Belong to ... You!
All Your Security Events Are Belong to ... You!All Your Security Events Are Belong to ... You!
All Your Security Events Are Belong to ... You!
 
Cyber threat-hunting---part-2-25062021-095909pm
Cyber threat-hunting---part-2-25062021-095909pmCyber threat-hunting---part-2-25062021-095909pm
Cyber threat-hunting---part-2-25062021-095909pm
 
Computer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to KnowComputer Forensics – What Every Lawyer Needs to Know
Computer Forensics – What Every Lawyer Needs to Know
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security Intelligence
 
Information security - what is going on 2016
Information security - what is going on 2016Information security - what is going on 2016
Information security - what is going on 2016
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU Investigators
 
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private LimitedThreat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
 
Tsc2021 cyber-issues
Tsc2021 cyber-issuesTsc2021 cyber-issues
Tsc2021 cyber-issues
 
Lessons learned from the Digital Trenches: the experiences of two archivists ...
Lessons learned from the Digital Trenches: the experiences of two archivists ...Lessons learned from the Digital Trenches: the experiences of two archivists ...
Lessons learned from the Digital Trenches: the experiences of two archivists ...
 
Msra 2011 windows7 forensics-troyla
Msra 2011 windows7 forensics-troylaMsra 2011 windows7 forensics-troyla
Msra 2011 windows7 forensics-troyla
 
Malware forensics
Malware forensicsMalware forensics
Malware forensics
 
File Shares: From Chaos to Calm
File Shares: From Chaos to CalmFile Shares: From Chaos to Calm
File Shares: From Chaos to Calm
 
Bsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat HuntingBsides 2019 - Intelligent Threat Hunting
Bsides 2019 - Intelligent Threat Hunting
 
The New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the ChaseThe New OWASP Top Ten: Let's Cut to the Chase
The New OWASP Top Ten: Let's Cut to the Chase
 
Malware Static Analysis
Malware Static AnalysisMalware Static Analysis
Malware Static Analysis
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
 
The Hacking Game - Think Like a Hacker Meetup 12072023.pptx
The Hacking Game - Think Like a Hacker Meetup 12072023.pptxThe Hacking Game - Think Like a Hacker Meetup 12072023.pptx
The Hacking Game - Think Like a Hacker Meetup 12072023.pptx
 
Executive Summary_2016
Executive Summary_2016Executive Summary_2016
Executive Summary_2016
 
Pentesting Tips: Beyond Automated Testing
Pentesting Tips: Beyond Automated TestingPentesting Tips: Beyond Automated Testing
Pentesting Tips: Beyond Automated Testing
 

Mehr von Greg Foss

Cloud Crime Ops
Cloud Crime OpsCloud Crime Ops
Cloud Crime OpsGreg Foss
 
Future of Destructive Malware
Future of Destructive MalwareFuture of Destructive Malware
Future of Destructive MalwareGreg Foss
 
Crypto Hacks - Quit your Job and Become a Crypto Farmer
Crypto Hacks - Quit your Job and Become a Crypto FarmerCrypto Hacks - Quit your Job and Become a Crypto Farmer
Crypto Hacks - Quit your Job and Become a Crypto FarmerGreg Foss
 
PIE - BSides Vancouver 2018
PIE - BSides Vancouver 2018PIE - BSides Vancouver 2018
PIE - BSides Vancouver 2018Greg Foss
 
Security Automation and Orchestration
Security Automation and OrchestrationSecurity Automation and Orchestration
Security Automation and OrchestrationGreg Foss
 
SecureSet WarGames - Logging and Packet Capture Training
SecureSet WarGames - Logging and Packet Capture TrainingSecureSet WarGames - Logging and Packet Capture Training
SecureSet WarGames - Logging and Packet Capture TrainingGreg Foss
 
DerbyCon 5 - Tactical Diversion-Driven Defense
DerbyCon 5 - Tactical Diversion-Driven DefenseDerbyCon 5 - Tactical Diversion-Driven Defense
DerbyCon 5 - Tactical Diversion-Driven DefenseGreg Foss
 
Honeypots for Active Defense
Honeypots for Active DefenseHoneypots for Active Defense
Honeypots for Active DefenseGreg Foss
 
Wi-Fi Hotspot Attacks
Wi-Fi Hotspot AttacksWi-Fi Hotspot Attacks
Wi-Fi Hotspot AttacksGreg Foss
 
Attacking Drupal
Attacking DrupalAttacking Drupal
Attacking DrupalGreg Foss
 

Mehr von Greg Foss (10)

Cloud Crime Ops
Cloud Crime OpsCloud Crime Ops
Cloud Crime Ops
 
Future of Destructive Malware
Future of Destructive MalwareFuture of Destructive Malware
Future of Destructive Malware
 
Crypto Hacks - Quit your Job and Become a Crypto Farmer
Crypto Hacks - Quit your Job and Become a Crypto FarmerCrypto Hacks - Quit your Job and Become a Crypto Farmer
Crypto Hacks - Quit your Job and Become a Crypto Farmer
 
PIE - BSides Vancouver 2018
PIE - BSides Vancouver 2018PIE - BSides Vancouver 2018
PIE - BSides Vancouver 2018
 
Security Automation and Orchestration
Security Automation and OrchestrationSecurity Automation and Orchestration
Security Automation and Orchestration
 
SecureSet WarGames - Logging and Packet Capture Training
SecureSet WarGames - Logging and Packet Capture TrainingSecureSet WarGames - Logging and Packet Capture Training
SecureSet WarGames - Logging and Packet Capture Training
 
DerbyCon 5 - Tactical Diversion-Driven Defense
DerbyCon 5 - Tactical Diversion-Driven DefenseDerbyCon 5 - Tactical Diversion-Driven Defense
DerbyCon 5 - Tactical Diversion-Driven Defense
 
Honeypots for Active Defense
Honeypots for Active DefenseHoneypots for Active Defense
Honeypots for Active Defense
 
Wi-Fi Hotspot Attacks
Wi-Fi Hotspot AttacksWi-Fi Hotspot Attacks
Wi-Fi Hotspot Attacks
 
Attacking Drupal
Attacking DrupalAttacking Drupal
Attacking Drupal
 

Kürzlich hochgeladen

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 

Kürzlich hochgeladen (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 

Threat Intelligence Field of Dreams