Overview
Explore defensive cybersecurity strategies in this Black Hat USA 2012 conference talk. Learn how to effectively respond to penetration testing and red team assessments, focusing on maximizing existing resources rather than purchasing new solutions. Discover techniques for expanding defensive capabilities from reactive to proactive, including intelligence gathering on potential attackers and developing targeted defense models. Gain insights into methodical, decisive approaches to improve overall security posture, and understand how to leverage adversarial tools and techniques for defensive purposes. Delve into topics such as vulnerability assessment, risk management, early warning systems, and the importance of aligning security efforts with broader organizational goals.
Syllabus
Intro
Sexy Defense Maximizing the Home-Field Advantage
Iftach lan Amit
Background
Reading bad reports
Vulnerability
Risk
Methodology
What does it mean? Attack
Remember!
Map (exposures & Issues)
Map (Threats)
Logs
Early warning signs
People
Correlate
Assess where YOU are!
Constant development
Align outwards
It's about
Counter-intel
Use THEIR tools...
Law is hackable
Kippo
Artillery
Then: Technology
Play nice with others
Conclusions
Call for Action
Taught by
Black Hat