2016 Honeynet Project Annual Workshop
Focus and Global Trends
The Honeynet Project Taiwan Chapter
Yi-Lang Tsai
Google Me.
Yi-Lang Tsai
The Honeynet Project Taiwan Chapter Leader
Cloud Security Alliance Taiwan Chapter Founder and Director of Research
http://blog.yilang.org
Facebook: Yi-Lang Tsai
34
Information Security ( ), Linux Guide, NetAdmin, 80
Certifications: RHCE, CCNA, CCAI, CEH, CHFI, ACIA, ITIL Foundation, ISO 27001 LAC, ISO 20000 LAC, BS10012 LAC, CSA STAR Auditing
Outline
The Honeynet Project
Honeynet Project Tools
Honeynet in Taiwan
2016 Annual Workshop update
The Honeynet Project introduction
Non-profit (501c3) organization with Board of Directors.
Funded by sponsors
Global set of diverse skills and experiences.
Open Source, share all of our research and findings at no cost to the public.
Deploy networks around the world to be hacked.
Everything we capture is happening in the wild.
We have nothing to sell.
Honeynet Project Mission
A community of organizations actively researching, developing and deploying
Honeynets and sharing the lessons learned.
Awareness: Raise awareness among enterprises and organizations of the threats and vulnerabilities present on today's networks, and go one step further to think about how to mitigate those threats.
Information: Beyond basic attack activity, provide more critical information, such as the attackers' motives, how attackers communicate with one another, and what an attacker does next after compromising a host.
Tools: The Honeynet Project is dedicated to developing Open Source Tools; with these tools we can deploy honeypot systems more efficiently and understand the current state of attack threats in the network environment.
The Honeynet Project Website
http://www.honeynet.org/
45 Chapters
Honeypot/Honeynet Technology
What is a Honeynet ?
Low-Interaction / High-interaction Honeypot
It is an architecture, not a product or software
Populate with live systems
Once compromised, data is collected to learn the tools, tactics, and motives of the Blackhat community
Value of Honeynet
Research : Identify new tools and new tactics, Profiling Blackhats
Early warning and prediction
Incident Response / Forensics
Self-defense
Honeypots
A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource.
Has no production value, so anything going to or from a honeypot is likely a probe, attack or compromise.
Primary value to most organizations is information.
Advantage and Risk
Advantage
Collect small data sets of high value.
Reduce false positives
Catch new attacks, false negatives
Work in encrypted or IPv6 environments
Simple concept requiring minimal resources
Risk
Limited field of view (microscope)
Risk (mainly high-interaction honeypots)
Honeynets
High-interaction honeypot designed to capture in-depth information.
Information has different value to different organizations.
It's an architecture you populate with live systems, not a product or software.
Any traffic entering or leaving is suspect.
2016 Annual Workshop Update
San Antonio, TX, USA. May 9-11th, 2016
1-day briefing, 2-day hands-on workshop and 2-day private meeting
About 120+ attendees joined this year
Briefing Topic
17 Years of Community Leadership Lessons Learned (Lance Spitzner)
Keynote: Control Systems Cyberattacks (Kevin Owens)
ICS/SCADA Threats: What Matters and Where Honeypots Can Help (Robert Lee)
Deep-Packet Inspection in Industrial Control Networks (Alvaro Cardenas)
Behavioral Analysis of large amounts of Unknown Files (Lukas Rist)
Shadowserver: Updates and highlights from recent activities (David Watson)
Advancements in Computational Digital Forensics (Nicole Beebe)
Creating Your Own Threat Intel Through Hunting and Visualization (Raffael Marty)
Targeted attacks by Dubnium (Christian Seifert)
Integrating Human Behavior into the Development of Future Cyber Terrorism Scenarios (Max Kilger)
Security and Deception in Industrial Control Systems (Lukas Rist)
Summary
17 Years of Community Leadership Lessons Learned
Lance Spitzner / The Honeynet Project Founder
Why join community projects
meet people smarter than you
a network of friends turns into a network of opportunities
gain new, international perspectives
make a difference and build your reputation
Motivation
we underestimate the power of recognition
create a positive culture; ensure people have a voice
help build their reputation / exposure
enable people to learn and grow from others
Summary
Keynote: Control Systems Cyberattacks (Kevin Owens)
Iranians Hacked From Wall Street to New York Dam, U.S. Says
http://www.bloomberg.com/news/articles/2016-03-24/u-s-charges-iranian-hackers-in-wall-street-cyberattacks-im6b43tt
New wave of cyberattacks against Ukrainian power industry
http://www.welivesecurity.com/2016/01/20/new-wave-attacks-ukrainian-power-industry/
Updated BlackEnergy Trojan Grows More Powerful
https://blogs.mcafee.com/mcafee-labs/updated-blackenergy-trojan-grows-more-powerful/
Summary
ICS/SCADA Threats: What Matters and Where Honeypots Can Help (Robert Lee)
ThreatStream
https://www.anomali.com/
Mysterious ’08 Turkey Pipeline Blast Opened New Cyberwar
http://www.bloomberg.com/news/articles/2014-12-10/mysterious-08-turkey-pipeline-blast-opened-new-cyberwar
The growing cyberthreat from Iran: The initial report of Project Pistachio Harvest
https://www.aei.org/publication/growing-cyberthreat-from-iran/
No, Israel's power grid wasn't hacked, but ransomware hit Israel's Electric Authority
http://www.computerworld.com/article/3026609/security/no-israels-power-grid-wasnt-hacked-but-ransomware-hit-israels-electric-authority.html
ICS-CERT
https://ics-cert.us-cert.gov/
Summary
Deep-Packet Inspection in Industrial Control Networks (Alvaro Cardenas)
Key Questions
where to deploy network monitors
how deep to look
DFA of network protocol, communication patterns, command codes: enough?
protocol specification correct but false info
exact value of sensor and control commands (can't model with a DFA)
Summary
Behavioral Analysis of large amounts of Unknown Files (Lukas Rist)
database
cloud bridge
sandbox cluster
sample workflow
multiple sample sources flow together
chain of workers with increasing processing cost or time
known/unknown, static analysis FRS, multi AV, emulated sandbox, iVM
plug&analysis system, write your own worker
result based routing rules
cloud watch, TSD, probabilistic data structures
Summary
Shadowserver: Updates and highlights from recent activities (David Watson)
https://www.shadowserver.org/
The Shadowserver Foundation is continually seeking to provide timely and relevant information to the security community at large. We also seek to increase our level of research and investigation into the activity we discover.
Summary
Creating Your Own Threat Intel Through Hunting and Visualization (Raffael Marty)
a new architecture: the security data lake
context, IOCs, any data -> Rules -> big data lake -> Hunting -> data science
Hunting creates internal threat intelligence
Data science in security
simple approaches work
dc(dest), dc(d_port)
what is normal?
use data science / data mining to prepare data. then visualize the output for the human analyst.
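Marty's point that simple approaches work, as an added example that is not from the talk or these slides: compute dc(dest) and dc(d_port) per source over constructed connection records, answer "what is normal?" with a robust median/MAD baseline, and hand only the outliers to the human analyst. The addresses, the record format and the k=3 cutoff are assumptions made for the illustration.

```python
"""Hunting over connection records with distinct-count features.

Added example: per-source dc(dest) and dc(d_port), a robust baseline for
"what is normal", and the outliers handed to the analyst. All addresses,
timestamps and the record format below are constructed, not real traffic.
"""
from collections import defaultdict
from statistics import median

# Constructed baseline traffic: six workstations talking to a web server,
# a file server and a DNS resolver. One repeated flow (10.0.1.11 -> 443)
# shows that distinct counts ignore volume.
NORMAL = """\
2016-05-09T10:00:01 10.0.1.11 10.0.5.20 443
2016-05-09T10:00:02 10.0.1.11 10.0.5.10 53
2016-05-09T10:00:03 10.0.1.11 10.0.5.20 443
2016-05-09T10:00:04 10.0.1.12 10.0.5.20 443
2016-05-09T10:00:05 10.0.1.12 10.0.5.21 445
2016-05-09T10:00:06 10.0.1.12 10.0.5.10 53
2016-05-09T10:00:07 10.0.1.13 10.0.5.20 443
2016-05-09T10:00:08 10.0.1.13 10.0.5.10 53
2016-05-09T10:00:09 10.0.1.14 10.0.5.20 443
2016-05-09T10:00:10 10.0.1.14 10.0.5.21 445
2016-05-09T10:00:11 10.0.1.14 10.0.5.10 53
2016-05-09T10:00:12 10.0.1.15 10.0.5.21 445
2016-05-09T10:00:13 10.0.1.15 10.0.5.10 53
2016-05-09T10:00:14 10.0.1.16 10.0.5.20 443
2016-05-09T10:00:15 10.0.1.16 10.0.5.21 445
2016-05-09T10:00:16 10.0.1.16 10.0.5.10 53
"""
# Constructed anomalies: one host touching twelve servers on a single port
# (high dc(dest)), one host touching one server on twelve ports (high dc(d_port)).
SWEEP = "\n".join(
    f"2016-05-09T10:01:{i:02d} 10.0.1.77 10.0.5.{i} 445" for i in range(1, 13)
)
SCAN_PORTS = [21, 22, 23, 25, 80, 110, 135, 139, 443, 445, 3389, 8080]
SCAN = "\n".join(
    f"2016-05-09T10:02:{i:02d} 10.0.1.88 10.0.5.20 {p}" for i, p in enumerate(SCAN_PORTS)
)
SAMPLE_LOG = NORMAL + SWEEP + "\n" + SCAN + "\n"


def parse_flows(text):
    """Parse 'timestamp src dst dst_port' records into tuples, skipping blanks and comments."""
    flows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, port = line.split()
        flows.append((ts, src, dst, int(port)))
    return flows


def distinct_counts(flows):
    """Per source address: (dc(dest), dc(d_port)), the two counts named in the talk."""
    dests = defaultdict(set)
    ports = defaultdict(set)
    for _, src, dst, port in flows:
        dests[src].add(dst)
        ports[src].add(port)
    return {src: (len(dests[src]), len(ports[src])) for src in dests}


def robust_threshold(values, k=3.0):
    """'What is normal?' answered with median + k * MAD, so the outliers we are
    hunting for do not inflate the baseline the way a mean and stdev would.
    The MAD is floored at 1 so a near-uniform baseline still tolerates a
    one-count wobble."""
    med = median(values)
    mad = median(abs(v - med) for v in values)
    return med + k * max(mad, 1.0)


def hunt(flows, k=3.0):
    """Return {src: [reasons]} for sources whose distinct counts exceed the baseline."""
    feats = distinct_counts(flows)
    dest_thr = robust_threshold([d for d, _ in feats.values()], k)
    port_thr = robust_threshold([p for _, p in feats.values()], k)
    findings = {}
    for src, (dc_dest, dc_port) in sorted(feats.items()):
        reasons = []
        if dc_dest > dest_thr:
            reasons.append(f"dc(dest)={dc_dest} > {dest_thr:g}")
        if dc_port > port_thr:
            reasons.append(f"dc(d_port)={dc_port} > {port_thr:g}")
        if reasons:
            findings[src] = reasons
    return findings


if __name__ == "__main__":
    # Hand the short list to the human analyst instead of every record.
    for src, reasons in hunt(parse_flows(SAMPLE_LOG)).items():
        print(src, "; ".join(reasons))
```

On the constructed records the six workstations set a baseline of two or three distinct servers and ports each, so the host sweeping twelve servers and the host probing twelve ports are the only two rows the analyst sees.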
Honeypot Update
Monitoring DDoS attacks with DDoSPot (Luka Milković)
criteria:
no dummy services
rate limiting
db storage, state restore and parsable logs
simple and not resource-intensive
statistics
hpfeeds
Smart XXX
Risk in Future
Google Self-Driving Car on City Streets
ICS/SCADA
High Risk
Conpot
Malware Knowledge Base in Taiwan
owl.nchc.org.tw
Malware Knowledge Base, hosted by the National Center for High-performance Computing, is a malware analysis platform that observes and records system behaviors conducted by analysis objects in a controlled environment with various types of dynamic analysis tools.
The mission of Malware Knowledge Base is to strengthen malware research and promote security innovations in both academia and industry.
By providing malware-related resources, Malware Knowledge Base can contribute to security research and make the Internet a safer place.
Next session… Honeypot Flash Live Show.
Kean Song Tan (Malaysia Chapter)
Ching Hsiung Hsu (Taiwan Chapter)

 

Recently uploaded (20)

Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
 
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
Gaps, Issues and Challenges in the Implementation of Mother Tongue Based-Mult...
 
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
DGT @ CTAC 2024 Valencia: Most crucial invest to digitalisation_Sven Zoelle_v...
 
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation TrackSBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation Track
 
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
PAG-UNLAD NG EKONOMIYA na dapat isaalang alang sa pag-aaral.
 
The 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software EngineeringThe 3rd Intl. Workshop on NL-based Software Engineering
The 3rd Intl. Workshop on NL-based Software Engineering
 
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC  - NANOTECHNOLOGYPHYSICS PROJECT BY MSC  - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
 
Early Modern Spain. All about this period
Early Modern Spain. All about this periodEarly Modern Spain. All about this period
Early Modern Spain. All about this period
 
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATIONRACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
RACHEL-ANN M. TENIBRO PRODUCT RESEARCH PRESENTATION
 
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSimulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
 
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxmiladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptx
 
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxAnne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
 
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸
 
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationThe Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism Presentation
 
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxWork Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptx
 
Chizaram's Women Tech Makers Deck. .pptx
Chizaram's Women Tech Makers Deck.  .pptxChizaram's Women Tech Makers Deck.  .pptx
Chizaram's Women Tech Makers Deck. .pptx
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptx
 
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory  affair 1st sem CRRINDIAN GCP GUIDELINE. for Regulatory  affair 1st sem CRR
INDIAN GCP GUIDELINE. for Regulatory affair 1st sem CRR
 
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.comSaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
SaaStr Workshop Wednesday w/ Kyle Norton, Owner.com
 

20160713 2016 the honeynet project annual workshop focus and global trends

  • 1. 2016 Honeynet Project Annual Workshop: Focus and Global Trends
       The Honeynet Project Taiwan Chapter
       Yi-Lang Tsai
  • 2. Google Me.
       Yi-Lang Tsai
       The Honeynet Project Taiwan Chapter Leader
       1st 5th 6th 3rd 4th 1st 1st
       Cloud Security Alliance Taiwan Chapter Founder and Director of Research
       http://blog.yilang.org
       Facebook: Yi-Lang Tsai
       34 Information Security( ) Linux Guide NetAdmin 80
       RHCE CCNA CCAI CEH CHFI ACIA ITIL Foundation ISO 27001 LAC ISO 20000 LAC BS10012 LAC CSA STAR Auditing
  • 3. Outline
       The Honeynet Project
       Honeynet Project Tools
       Honeynet in Taiwan
       2016 Annual Workshop update
  • 4. The Honeynet Project introduction
       Non-profit (501c3) organization with Board of Directors.
       Funded by sponsors.
       Global set of diverse skills and experiences.
       Open Source: we share all of our research and findings at no cost to the public.
       Deploy networks around the world to be hacked.
       Everything we capture is happening in the wild.
       We have nothing to sell.
  • 5. Honeynet Project Mission
       A community of organizations actively researching, developing and deploying Honeynets and sharing the lessons learned.
       Awareness: improve the understanding enterprises and organizations have of the threats and vulnerabilities present on today's networks, and go on to think about how to mitigate those threats.
       Information: beyond basic attack activity, provide more critical data, such as attack motives, how attackers communicate with each other, and what an attacker does next after compromising a host.
       Tools: the Honeynet Project is committed to developing open source tools; with these tools we can deploy honeypot systems more efficiently and understand the current state of attack threats in the network environment.
  • 6. The Honeynet Project Website
       http://www.honeynet.org/
       45 (Chapters)
  • 7. Honeypot/Honeynet Technology
       What is a Honeynet?
       Low-interaction / high-interaction honeypot
       It is an architecture, not a product or software
       Populate with live systems
       Once compromised, data is collected to learn the tools, tactics, and motives of the Blackhat community
       Value of Honeynet
       Research: identify new tools and new tactics, profiling Blackhats
       Early warning and prediction
       Incident Response / Forensics
       Self-defense
  • 8. Honeypots
       A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource.
       Has no production value: anything going to or from a honeypot is likely a probe, attack or compromise.
       Primary value to most organizations is information.
  • 9. Advantage and Risk
       Advantage
       Collect small data sets of high value.
       Reduce false positives.
       Catch new attacks (false negatives).
       Work in encrypted or IPv6 environments.
       Simple concept requiring minimal resources.
       Risk
       Limited field of view (microscope).
       Risk (mainly high-interaction honeypots).
  • 10. Honeynets
       High-interaction honeypot designed to capture in-depth information.
       Information has different value to different organizations.
       It's an architecture you populate with live systems, not a product or software.
       Any traffic entering or leaving is suspect.
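The rule on slides 8 and 10 (a honeypot has no production value, so any traffic to or from it is suspect) translates directly into triage logic. The block below is an added example and is not code from the slides or from the Honeynet Project; the honeypot subnet, the syslog collector it is allowed to talk to, the record format and the flow lines are all constructed for the example. Inbound flows are alerted as probes; anything the honeypot itself initiates, other than its expected management traffic, is alerted as a likely compromise, which is the higher-priority case because a compromised honeypot is being driven by someone.

```python
"""Flow triage against a honeypot address set.

Added example, not from the slides or the Honeynet Project: it applies the
rule that a honeypot has no production value, so any inbound flow is a
probe or attack, and any connection the honeypot itself initiates is a sign
of compromise. Addresses, ports and flow records are constructed.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Hypothetical honeypot subnet (constructed, documentation address range)
HONEYPOTS = [ip_network("203.0.113.0/28")]
# The only outbound traffic a honeypot is expected to originate: syslog to
# the collector (constructed). Anything else it initiates is an alert.
ALLOWED_OUTBOUND = {("198.51.100.10", 514, "udp")}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    proto: str


@dataclass(frozen=True)
class Alert:
    severity: str    # "probe" for inbound, "compromise" for outbound
    attacker: str
    honeypot: str
    dport: int
    proto: str


def is_honeypot(addr: str) -> bool:
    a = ip_address(addr)
    return any(a in net for net in HONEYPOTS)


def triage(flow: Flow) -> Optional[Alert]:
    """Return an Alert for a flow touching a honeypot, None for anything else."""
    if is_honeypot(flow.src):
        # Honeypot -> collector on the allowed tuple is management traffic.
        if (flow.dst, flow.dport, flow.proto) in ALLOWED_OUTBOUND:
            return None
        # The honeypot initiating anything else (including towards another
        # honeypot) means someone is driving it: treat as compromise.
        return Alert("compromise", flow.dst, flow.src, flow.dport, flow.proto)
    if is_honeypot(flow.dst):
        # Nothing legitimate should ever reach a honeypot.
        return Alert("probe", flow.src, flow.dst, flow.dport, flow.proto)
    return None  # production traffic: out of scope for the honeypot


def parse_flow(line: str) -> Flow:
    """Parse the constructed 'src dst dport proto' record format."""
    src, dst, dport, proto = line.split()
    return Flow(src, dst, int(dport), proto.lower())


def triage_log(lines) -> List[Alert]:
    alerts = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        alert = triage(parse_flow(line))
        if alert is not None:
            alerts.append(alert)
    return alerts


def severities(alerts) -> dict:
    """Count alerts per severity; used to prioritise the analyst's queue."""
    out = {}
    for a in alerts:
        out[a.severity] = out.get(a.severity, 0) + 1
    return out


# Constructed flow records: two inbound probes (SSH, SMB), one production
# flow that never touches the honeypot, the honeypot's own syslog, and the
# honeypot reaching out on an unexpected port.
SAMPLE_LOG = """
# src dst dport proto
192.0.2.7 203.0.113.5 22 tcp
192.0.2.7 203.0.113.5 445 tcp
198.51.100.20 198.51.100.30 443 tcp
203.0.113.5 198.51.100.10 514 udp
203.0.113.5 192.0.2.99 6667 tcp
""".splitlines()


if __name__ == "__main__":
    for a in triage_log(SAMPLE_LOG):
        print(a)
    print(severities(triage_log(SAMPLE_LOG)))
```

The allowlist of expected outbound tuples is the one thing to get right in a real deployment: a honeypot that legitimately sends logs, NTP or package updates will otherwise page the analyst on every heartbeat, and an allowlist that is too wide hides exactly the outbound connection that signals compromise.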
  • 11. 2016 Annual Workshop Update
       San Antonio, TX, USA. May 9-11th, 2016
       1 Day Briefing, 2 Days Hands-on Workshop and 2 Days Private Meeting
       About 120+ attendees joined this year
  • 12. Briefing Topics
       17 Years of Community Leadership Lessons Learned (Lance Spitzner)
       Keynote: Control Systems Cyberattacks (Kevin Owens)
       ICS/SCADA Threats: What Matters and Where Honeypots Can Help (Robert Lee)
       Deep-Packet Inspection in Industrial Control Networks (Alvaro Cardenas)
       Behavioral Analysis of Large Amounts of Unknown Files (Lukas Rist)
       Shadowserver: Updates and Highlights from Recent Activities (David Watson)
       Advancements in Computational Digital Forensics (Nicole Beebe)
       Creating Your Own Threat Intel Through Hunting and Visualization (Raffael Marty)
       Targeted Attacks by Dubnium (Christian Seifert)
       Integrating Human Behavior into the Development of Future Cyber Terrorism Scenarios (Max Kilger)
       Security and Deception in Industrial Control Systems (Lukas Rist)
  • 13. Summary: 17 Years of Community Leadership Lessons Learned
       Lance Spitzner / The Honeynet Project Founder
       Why join community projects
       meet people smarter than you
       a network of friends turns into a network of opportunities
       gain new, international perspectives
       make a difference and build your reputation
       Motivation
       we underestimate the power of recognition
       create a positive culture
       ensure people have a voice
       help build their reputation / exposure
       enable people to learn and grow from others
  • 14. Summary: Keynote: Control Systems Cyberattacks (Kevin Owens)
       Iranians Hacked From Wall Street to New York Dam, U.S. Says
       http://www.bloomberg.com/news/articles/2016-03-24/u-s-charges-iranian-hackers-in-wall-street-cyberattacks-im6b43tt
       New wave of cyberattacks against Ukrainian power industry
       http://www.welivesecurity.com/2016/01/20/new-wave-attacks-ukrainian-power-industry/
       Updated BlackEnergy Trojan Grows More Powerful
       https://blogs.mcafee.com/mcafee-labs/updated-blackenergy-trojan-grows-more-powerful/
  • 15. Summary: ICS/SCADA Threats: What Matters and Where Honeypots Can Help (Robert Lee)
       ThreatStream
       https://www.anomali.com/
       Mysterious '08 Turkey Pipeline Blast Opened New Cyberwar
       http://www.bloomberg.com/news/articles/2014-12-10/mysterious-08-turkey-pipeline-blast-opened-new-cyberwar
       The growing cyberthreat from Iran: The initial report of Project Pistachio Harvest
       https://www.aei.org/publication/growing-cyberthreat-from-iran/
       No, Israel's power grid wasn't hacked, but ransomware hit Israel's Electric Authority
       http://www.computerworld.com/article/3026609/security/no-israels-power-grid-wasnt-hacked-but-ransomware-hit-israels-electric-authority.html
       ICS-CERT
       https://ics-cert.us-cert.gov/
  • 16. Summary: Deep-Packet Inspection in Industrial Control Networks (Alvaro Cardenas)
       Key Questions
       where to deploy network monitors
       how deep to look
       Is a DFA over the network protocol, communication patterns and command codes enough?
       A message can be correct with respect to the protocol specification yet carry false information.
       The exact values of sensor readings and control commands can't be modelled with a DFA.
  • 17. Summary: Behavioral Analysis of Large Amounts of Unknown Files (Lukas Rist)
       database, cloud bridge, sandbox cluster
       sample workflow: multiple sample sources flow together
       chain of workers with increasing processing cost or time: known/unknown, static analysis, FRS, multi AV, emulated sandbox, iVM
       plug&analysis system: write your own worker
       result-based routing rules
       cloud watch, TSD, probabilistic data structures
  • 18. Summary: Shadowserver: Updates and Highlights from Recent Activities (David Watson)
       https://www.shadowserver.org/
       The Shadowserver Foundation is continually seeking to provide timely and relevant information to the security community at large. We also seek to increase our level of research and investigation into the activity we discover.
  • 19. Summary: Creating Your Own Threat Intel Through Hunting and Visualization (Raffael Marty)
       a new architecture: the security data lake
       context, IOCs, any data —> Rules —> big data lake —> Hunting —> data science
       Hunting creates internal threat intelligence
       Data science in security: simple approaches work, e.g. dc(dest), dc(d_port)
       what is normal?
       use data science / data mining to prepare data, then visualize the output for the human analyst.
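The slide's "simple approaches work" point, dc(dest) and dc(d_port) followed by "what is normal?", is a complete hunting technique on its own: count distinct destinations and distinct destination ports per source, derive a baseline from the population, and look at whoever stands out. The block below is an added example, not code from the slides or from Raffael Marty's talk; the flow records are constructed in make_flows(), and the median-plus-MAD baseline is one reasonable choice for "normal" rather than anything the slide prescribes.

```python
"""Hunting with distinct counts, in the spirit of dc(dest) / dc(d_port).

Added example, not from the slides or from the talk summarised above: it
computes per-source distinct destination and destination-port counts over
flow records, derives a robust baseline of "normal" from the population,
and flags the sources that stand out. Flow records are constructed.
"""
from collections import defaultdict
from statistics import median


def make_flows():
    """Constructed flow tuples (src, dst, dport)."""
    flows = []
    # ten ordinary workstations: three web servers plus the resolver
    for i in range(1, 11):
        src = f"10.0.0.{i}"
        for j in range(1, 4):
            flows.append((src, f"10.0.1.{j}", 443))
        flows.append((src, "10.0.1.53", 53))
    # horizontal scan: one service across many hosts (high dc(dest))
    for j in range(1, 41):
        flows.append(("10.0.0.99", f"10.0.2.{j}", 22))
    # vertical scan: many services on one host (high dc(d_port))
    for p in range(1, 31):
        flows.append(("10.0.0.77", "10.0.1.1", p))
    return flows


def distinct_counts(flows):
    """Return {src: (dc_dest, dc_dport)}: the slide's two distinct counts."""
    dests = defaultdict(set)
    ports = defaultdict(set)
    for src, dst, dport in flows:
        dests[src].add(dst)
        ports[src].add(dport)
    return {s: (len(dests[s]), len(ports[s])) for s in dests}


def robust_threshold(values, k=3.0):
    """median + k * MAD. The MAD is floored at 1 so a perfectly flat
    population (MAD 0) still leaves a band instead of flagging everyone."""
    m = median(values)
    mad = median(abs(v - m) for v in values)
    return m + k * max(mad, 1.0)


def hunt(flows, k=3.0):
    """Flag sources whose dc(dest) or dc(d_port) exceeds the baseline,
    labelled by the shape of the anomaly so the analyst knows where to look."""
    counts = distinct_counts(flows)
    dest_thr = robust_threshold([c[0] for c in counts.values()], k)
    port_thr = robust_threshold([c[1] for c in counts.values()], k)
    findings = {}
    for src, (dc_dest, dc_port) in counts.items():
        wide = dc_dest > dest_thr
        deep = dc_port > port_thr
        if wide and deep:
            findings[src] = "both"
        elif wide:
            findings[src] = "horizontal"
        elif deep:
            findings[src] = "vertical"
    return findings


if __name__ == "__main__":
    flows = make_flows()
    for src, (dc_dest, dc_port) in sorted(distinct_counts(flows).items()):
        print(f"{src:12} dc(dest)={dc_dest:3} dc(d_port)={dc_port:3}")
    print(hunt(flows))
```

The two counts separate the two classic scan shapes without any signature: a horizontal scanner has a large dc(dest) and a tiny dc(d_port), a vertical scanner the reverse, and the workstations sit in the band around the median. The same table is what you would hand to a visualization (dc(dest) on one axis, dc(d_port) on the other) for the human analyst the slide ends on.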
  • 20. Honeypot Update: Monitoring DDoS attacks with DDoSPot (Luka Milković)
       criteria:
       no dummy services
       rate limiting
       DB storage, state restore and parsable logs
       simple and not resource-intensive
       statistics
       hpfeeds
  • 22. Google Self-Driving Car on City Streets
  • 25. Malware Knowledge Base in Taiwan
       owl.nchc.org.tw
       Malware Knowledge Base, hosted by the National Center for High-performance Computing, is a malware analysis platform that observes and records system behaviors conducted by analysis objects in a controlled environment with various types of dynamic analysis tools. The mission of Malware Knowledge Base is to strengthen malware research and promote security innovations in both academia and industry. By providing malware-related resources, Malware Knowledge Base can contribute to security research and make the Internet a safer place.
  • 26. Next session…
       Honeypot Flash Live Show.
       Kean Song Tan (Malaysia Chapter)
       Ching Hsiung Hsu (Taiwan Chapter)