Incident response : the good the bad and the ugly or how to keep your face after a security breach

•Als PPTX, PDF herunterladen•

1 gefällt mir•617 views

Security breaches occur every day and we have to get used to it. But our Customers will be not- happy if their data are published. Now the question is how do we handle such a breach, which data should we offer to the public. How do we create a incident response plan and how to work with our forensic partner. Which data should you give to the Police and what should we be quiet about. All these and more will be discussed on real life examples.

Technologie

Agenda Preface Who am I What is a Incidet How do we prepare The Policy The Incident response plan Creating a Computer Security Incident Response Team External Forensic Partner

Agenda Incident Response and Forensic techniques Ressponsible disclosure Now how does this look like in real life? The Good

Agenda The Bad The Ugly So ...WTF, may i rant a bit please? So x.509 is death, huh? The desasters from 20/11 Sony and no end The comming out of the RSA Breach Commodo Diginotar , StarSSL…

Agenda Preface Why bother? The fisrst Virus was progammed1986 and we did not learn anything! You are a CIO/CSO? YOU FAILED! over 80% of all incidents are techniques older than 20 YEARS ! APT, yeah right. Are you any better?

Agenda Who am I CIO Computer nerd since the mid 70‘s A Hacker Spearhead and founder of BerlinSides A nobody

Agenda What is a Incidet in the InfoSec @indi303‘s maintenance window. A attack against your Network (or Bogk in your Network) A SE attempt A lost USB Stick A Mcafee update

Agenda How do we prepare The Policy What is a incident Who to report to What to report Wich mesurements to take The Incident response plan Helpdesk Intrusion detection monitoring personnel A system administrator A firewall administrator A business partner A manager The security department or a security person. An outside source.

Agenda Creating a Computer Security Incident Response Team Step 1: Obtain management support and buy-in Step 2: Determine the CSIRT strategic plan Step 3: Gather relevant information Step 4: Design the CSIRT vision Step 5: Communicate the CSIRT vision and operational plan Step 6: Begin CSIRT implementation Step 7: Announce the operational CSIRT Step 8: Evaluate CSIRT effectiveness Incident Response and Forensic techniques WTF is WFT (WINDOWS FORENSIC TOOLCHEST™) FRED (First Responder's Evidence Disk)

Agenda Ressponsible disclosure To the Police To our staff To our business Partners To the Public

Agenda Now how does this look like in real life? You‘re most likly into infosec, look for yourself How many of you know your companies Incident response plan? From those who had their hands up, are you sure all emploees know the IR Policy? Why is that so?

Agenda The Good Apache https://blogs.apache.org/infra/entry/apache_org_downtime_report https://blogs.apache.org/infra/entry/apache_org_04_09_2010 PHPFog http://blog.phpfog.com/2011/03/22/how-we-got-owned-by-a-few-teenagers-and-why-it-will-never-happen-again/ Comodo http://blogs.comodo.com/it-security/data-security/the-recent-ra-compromise/ (March 23) https://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html

Agenda The Bad Kernel.Org Can‘t find a statement on their webside on the first page in Google search Sony Very late under pressure did some kind of incident response, info from the Company was horrible Diginotar Diginotar, got into incident response, took ‘em 2 months to report

Agenda The Ugly RSA Kept the secret over a long time Apple Very late patching things, and if mostly never the Opensource parts of the OS HP OMG

Agenda So ...WTF, may i rant a bit please? So x.509 is death, huh? The desasters from 20/11 Sony and no end The comming out of the RSA Breach Comodo Diginotar , StarSSL…

Agenda How can we change this? As customer As a professional All the Anonymous, Lulzsec J3st3r and others Are we really prepared? What‘s about the daily skiddie? Predictions, who will fall next? Thanx for listening

Weitere ähnliche Inhalte

Was ist angesagt?

So You Think You Can Hack | sitNL 2016

Twan van den Broek

cher nsa

SalahKhaldi

How to scale mobile application security testing

NowSecure

Participate in SIPit

Olle E Johansson

Shifting left: Continuous testing for better app quality and security

NowSecure

Mobile Penetration Testing: Episode 1 - The Forensic Menace

NowSecure

The Next Generation Security

Cybera Inc.

Introduction to Personal Privacy and Security

Robert Hurlbut

Via forensics thotcon-2013-mobile-security-with-santoku-linux

viaForensics

Cybersecurity Fundamentals for Bar Associations

NowSecure

The Security Kung Fu Series was created as both a thought leadership and awareness campaign which ran from Q1 – Q2 2017. It was meant to educate attendees on the internal and external threats businesses face, and the compliance challenges many must endure. It also served to highlight the need for an array of software solutions from the SolarWinds Core IT Security Portfolio which can assist with these concerns. A primary focus of the event was SolarWinds® Log & Event Manager which can contribute to greater IT security and assist businesses in meeting and maintaining compliance with a variety of compliance regimes. Part 2: Firewall Logs Part 2 of the series shifted our attention to the periphery of a network to focus on how firewalls serve as a first line of defense against security threats. In addition to discussing the patterns of attack which have been demonstrated countless times by hackers, we showed how firewall log data can give notice of attempts at infiltrating a network, exfiltrating data, and more. Beyond that, we discussed how Network Change and Configuration Management solutions can too contribute to deeper IT security by helping to alert to config. changes on firewalls - and other network devices - in addition to a host of other capabilities which can help with this cause. Other Security Kung Fu Events: Part 1: SIEM Solutions | http://bit.ly/2qkwVWh Part 3: Active Directory Changes | http://bit.ly/2s5kFFc Part 4: Security vs. Compliance | http://bit.ly/2qXuc3I If you are interested in learning about the impact of this campaign, please visit my LinkedIn Profile for more details or feel free to reach out to me directly over LinkedIn. Acknowledgements I’d like to thank the following individuals for assisting me in the execution of this campaign: Justina Lister, Angeline Kelly, Jamie Hynds, Ian Trump, Destiny Bertucci, Curtis Ingram, Chris Wiley, Ren Penaflor, Allie Eby, Ann Guidry, Rainy Schermerhorn, Kirsten Tanges, Damon Garcia

Security Kung Fu: Firewall Logs

Joshua Berman

Win the Cyber War! with Precognitive Heuristics technology

Ange Albertini

Threat Hunting with Cyber Kill Chain

Suwitcha Musijaral CISSP,CISA,GWAPT,SNORTCP

Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014

viaForensics

Shall we fear privacy/security on Internet ?

DarkZydor

In this, the second, episode of our mobile penetration testing trilogy, NowSecure Solutions Engineer Michael Krueger takes you beyond the device. Michael will explain how to perform network and web services/API testing to capture data exposed in transit between apps and backend services -- some of the highest risk security flaws around. This high intensity 30-minute crash course covers: + Man-in-the-middle (MITM) attacks + Taking advantage of improper certificate validation + Demonstration of a privilege escalation exploit of a web back-end vulnerability Watch it here: https://youtu.be/bT1-7ZkSdNY

Mobile Penetration Testing: Episode II - Attack of the Code

NowSecure

Mobile App Crashworthiness - Securing Vehicle-to-Device (V2D) Interfaces and ...

NowSecure

Presented on January 17, 2019 at Raleigh/Durham/RTP - Cloud Security Alliance Chapter (https://www.meetup.com/Raleigh-Durham-RTP-Cloud-Security-Alliance-Chapter/). Over the last several years there has been a steady and increasing march towards shifting applications to the cloud. To keep pace with this cloud adoption, in some cases multi-cloud adoption, security teams need consistent real-time threat visibility over their web applications production. In this talk, we'll discuss some of the foundational concepts that comprise a practical approach to threat visibility and securing applications in the cloud. In addition, extending visibility to breaches in progress, deception can be a valuable layer in your defense in depth strategy. We'll discuss the concept of deception and how it can be deployed in the cloud. Overall, the audience will gain a greater insight into application security and deception for the cloud. As we head into 2019, we need to prepare for a year that will prove these concepts are critical for defending deployments in the cloud.

CSA Raleigh application security and deception in the cloud

Phillip Maddux

IoT_Policy

Brandon Walston

This presentation was created for the SWIFT Tech Symposium at Calpoly Pomona. Learn the basics of OSINT, but for hunting Internet infrastructure. -OSINT Basics: Let’ s talk about what it is, why it’s important, how it’s used in the world of Internet infrastructure. -Understanding Different Use Cases: We’ll take a quick look at examples of how this is valuable for threat hunters, security practitioners, as well as researchers. -Practice, practice, practice: I’ll end this talk by sharing out some good resources and ideas for how you can sharpen your OSINT skills for security research or for better organization defense.

OSINT Basics for Threat Hunters and Practitioners

Megan DeBlois

Was ist angesagt? (20)

So You Think You Can Hack | sitNL 2016

cher nsa

How to scale mobile application security testing

Participate in SIPit

Shifting left: Continuous testing for better app quality and security

Mobile Penetration Testing: Episode 1 - The Forensic Menace

The Next Generation Security

Introduction to Personal Privacy and Security

Via forensics thotcon-2013-mobile-security-with-santoku-linux

Cybersecurity Fundamentals for Bar Associations

Security Kung Fu: Firewall Logs

Win the Cyber War! with Precognitive Heuristics technology

Threat Hunting with Cyber Kill Chain

Mobile analysis-kung-fu-santoku-style-viaforensics-rsa-conference-2014

Shall we fear privacy/security on Internet ?

Mobile Penetration Testing: Episode II - Attack of the Code

Mobile App Crashworthiness - Securing Vehicle-to-Device (V2D) Interfaces and ...

CSA Raleigh application security and deception in the cloud

IoT_Policy

OSINT Basics for Threat Hunters and Practitioners

Ähnlich wie Incident response : the good the bad and the ugly or how to keep your face after a security breach

This is going to be series of Events around Cybersecurity, If you are lucky enough try to witness it live on our GDSC chapter. Link of todays Event : https://gdsc.community.dev/events/details/developer-student-clubs-indian-institute-of-technology-varanasi-presents-introduction-to-cybersecurity-learn-to-hack-series/ Socials : Website: https://copsiitbhu.co.in LinkedIn : https://linkedin.com/company/cops-iitbhu Instagram : https://instagram/cops.iitbhu/ Facebook : https://facebook.com/cops.iitbhu/ GitHub : https://github.com/COPS-IITBHU

Introduction to Cybersecurity | IIT(BHU)CyberSec

YashSomalkar

Edith Turuka: Cyber-Security, An Eye Opener to the Society

Hamisi Kibonde

New challenges to secure the IoT (with notes)

Caston Thomas

Intro to INFOSEC

Sean Whalen

The #CyberAvengers' Paul Ferrillo (a/k/a Director Fury) and Shawn Tuma (a/k/a Hulk) presented at the Practical Cybersecurity Risk Management Strategies program of the New Jersey State Bar Association (NJSBA) Cybersecurity Institute on November 17, 2017. In this presentation, Fury and Hulk focused the core #CyberAvengers message of the real-life cybersecurity issues facing most companies -- the basics of good cyber hygiene -- and explained how artificial intelligence and machine learning will help companies do a better job at getting these right, along with how and why AI/ML play a critical role in the future of cybersecurity.

#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm

Shawn Tuma

Network security monitoring with open source tools

terriert

Opsec for security researchers

vicenteDiaz_KL

Monitoring can mean very different things to different people, and this often leads to confusion and misunderstandings. There are many offerings both free software and commercials, and it's not always clear where each fits in the bigger picture. This talk will look a bit at the history of monitoring, and then into the general categories of Metrics, Logs, Profiling and Distributed tracing and how each of these is important in Cloud-based environment. Video: https://www.youtube.com/watch?v=hCBGyLRJ1qo

What does "monitoring" mean? (FOSDEM 2017)

Brian Brazil

Netwatcher Credit Union Tech Talk

NetWatcher

So... you want to be a security consultant

abnmi

Are you ready for the next attack? Reviewing the SP Security Checklist

APNIC

Rethinking Security and how you can Act on Meaningful Change What the industry recommends to protect your network is NOT working! The industry is stuck in a dysfunctional ecosystem that encourages the cyber-criminal innovation at the cost to business and individual loss throughout the world. We do not need a “Manhattan Project” for the security of the Internet. What we need are tools to help operators throughout the world ask the right question that would lead them to meaningful action. Security empowerment must empower the grassroots and provide the tools to push back on the root cause. This talk will explore these issues, highlight the dysfunction in our “security” economy, and present “take home” tools that would facilitate immediate action.

Are you ready for the next attack? reviewing the sp security checklist (apnic...

Barry Greene

Co Speaker: Cheryl Biswas Talk Description: How about this: a blue team talk given by red teamers. But here’s our rationale - your best defence right now is a strategic offence. The rules of the game have changed and we need to get defence up to speed. We’ll show you what the key elements are in a good defence strategy; what you can and need to be using to full advantage. We’ll talk about the new “buzzwords” and how they apply: visibility; patterns; big data. There’s a whole lotta data to wrangle, and you aren’t seeing the whole picture if you aren’t doing things right. Threat intel is about getting the big picture as it applies to you. You’ll learn the importance of context and prioritization so that you can manipulate intel feeds to do your bidding. And then we’ll take things further and talk about hunting the adversary, using an update on proven methodologies. We’ll show you how to understand your data, correlate threats and pin point attacks. Attendees will leave with a new understanding of the resources they have on hand, and how to leverage those into an Adaptive Proactive Defense Strategy.

Blue team reboot - HackFest

Haydn Johnson

Cybersecurity is a Necessity, Not an Option, in the Face of Global Security T...

Dana Gardner

Ethical Hacking, Its relevance and Its Prospects

Rwik Kumar Dutta

Peerlyst Delhi NCR Chapter Meet

Abhinav Mishra

Learn How-To Build Your IoT Project

Dr. Mazlan Abbas

Merge PPT G3 and G4.pptx

Vrindapareek5

Agile Chennai 2022 - Shyam Sundar | Everything there is to know about Cyber s...

AgileNetwork

Splunk for ITOps

Splunk

Ähnlich wie Incident response : the good the bad and the ugly or how to keep your face after a security breach (20)

Introduction to Cybersecurity | IIT(BHU)CyberSec

Edith Turuka: Cyber-Security, An Eye Opener to the Society

New challenges to secure the IoT (with notes)

Intro to INFOSEC

#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm

Network security monitoring with open source tools

Opsec for security researchers

What does "monitoring" mean? (FOSDEM 2017)

Netwatcher Credit Union Tech Talk

So... you want to be a security consultant

Are you ready for the next attack? Reviewing the SP Security Checklist

Are you ready for the next attack? reviewing the sp security checklist (apnic...

Blue team reboot - HackFest

Cybersecurity is a Necessity, Not an Option, in the Face of Global Security T...

Ethical Hacking, Its relevance and Its Prospects

Peerlyst Delhi NCR Chapter Meet

Learn How-To Build Your IoT Project

Merge PPT G3 and G4.pptx

Agile Chennai 2022 - Shyam Sundar | Everything there is to know about Cyber s...

Splunk for ITOps

Kürzlich hochgeladen

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

Architecting Cloud Native Applications

WSO2

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

Six Myths about Ontologies: The Basics of Formal Ontology

johnbeverley2021

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

apidays

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

ICT role in 21st century education and its challenges

rafiqahmad00786416

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

apidays

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

Kürzlich hochgeladen (20)

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

Architecting Cloud Native Applications

Corporate and higher education May webinar.pptx

Six Myths about Ontologies: The Basics of Formal Ontology

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Artificial Intelligence Chap.5 : Uncertainty

CNIC Information System with Pakdata Cf In Pakistan

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

AWS Community Day CPH - Three problems of Terraform

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Apidays New York 2024 - The value of a flexible API Management solution for O...

FWD Group - Insurer Innovation Award 2024

ICT role in 21st century education and its challenges

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

[BuildWithAI] Introduction to Gemini.pdf

MINDCTI Revenue Release Quarter One 2024

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Incident response : the good the bad and the ugly or how to keep your face after a security breach

1. Agenda Preface Who am I What is a Incidet How do we prepare The Policy The Incident response plan Creating a Computer Security Incident Response Team External Forensic Partner

2. Agenda Incident Response and Forensic techniques Ressponsible disclosure Now how does this look like in real life? The Good

3. Agenda The Bad The Ugly So ...WTF, may i rant a bit please? So x.509 is death, huh? The desasters from 20/11 Sony and no end The comming out of the RSA Breach Commodo Diginotar , StarSSL…

4. Agenda Preface Why bother? The fisrst Virus was progammed1986 and we did not learn anything! You are a CIO/CSO? YOU FAILED! over 80% of all incidents are techniques older than 20 YEARS ! APT, yeah right. Are you any better?

5. Agenda Who am I CIO Computer nerd since the mid 70‘s A Hacker Spearhead and founder of BerlinSides A nobody

6. Agenda What is a Incidet in the InfoSec @indi303‘s maintenance window. A attack against your Network (or Bogk in your Network) A SE attempt A lost USB Stick A Mcafee update

7. Agenda How do we prepare The Policy What is a incident Who to report to What to report Wich mesurements to take The Incident response plan Helpdesk Intrusion detection monitoring personnel A system administrator A firewall administrator A business partner A manager The security department or a security person. An outside source.

8. Agenda Creating a Computer Security Incident Response Team Step 1: Obtain management support and buy-in Step 2: Determine the CSIRT strategic plan Step 3: Gather relevant information Step 4: Design the CSIRT vision Step 5: Communicate the CSIRT vision and operational plan Step 6: Begin CSIRT implementation Step 7: Announce the operational CSIRT Step 8: Evaluate CSIRT effectiveness Incident Response and Forensic techniques WTF is WFT (WINDOWS FORENSIC TOOLCHEST™) FRED (First Responder's Evidence Disk)

9. Agenda Ressponsible disclosure To the Police To our staff To our business Partners To the Public

10. Agenda Now how does this look like in real life? You‘re most likly into infosec, look for yourself How many of you know your companies Incident response plan? From those who had their hands up, are you sure all emploees know the IR Policy? Why is that so?

11. Agenda The Good Apache https://blogs.apache.org/infra/entry/apache_org_downtime_report https://blogs.apache.org/infra/entry/apache_org_04_09_2010 PHPFog http://blog.phpfog.com/2011/03/22/how-we-got-owned-by-a-few-teenagers-and-why-it-will-never-happen-again/ Comodo http://blogs.comodo.com/it-security/data-security/the-recent-ra-compromise/ (March 23) https://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html

12. Agenda The Bad Kernel.Org Can‘t find a statement on their webside on the first page in Google search Sony Very late under pressure did some kind of incident response, info from the Company was horrible Diginotar Diginotar, got into incident response, took ‘em 2 months to report

13. Agenda The Ugly RSA Kept the secret over a long time Apple Very late patching things, and if mostly never the Opensource parts of the OS HP OMG

14. Agenda So ...WTF, may i rant a bit please? So x.509 is death, huh? The desasters from 20/11 Sony and no end The comming out of the RSA Breach Comodo Diginotar , StarSSL…

15. Agenda How can we change this? As customer As a professional All the Anonymous, Lulzsec J3st3r and others Are we really prepared? What‘s about the daily skiddie? Predictions, who will fall next? Thanx for listening

Incident response : the good the bad and the ugly or how to keep your face after a security breach

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Incident response : the good the bad and the ugly or how to keep your face after a security breach

Ähnlich wie Incident response : the good the bad and the ugly or how to keep your face after a security breach (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Incident response : the good the bad and the ugly or how to keep your face after a security breach