Explore a comprehensive conference talk from DerbyCon 2015 that delves into the concept of active defense and its modern applications. Learn about the challenges faced in cybersecurity, including the limitations of widgets and the importance of visibility and complexity management. Discover how to regain control over critical assets, implement effective data governance projects, and recover from breaches. Examine the consequences of security failures, such as website defacements and stolen trade secrets, from both defense and attack perspectives. Gain insights into fundamental security practices, including asset management, network mapping, and threat intelligence. Understand the significance of home ice advantage, data collection, and intelligent prioritization in cybersecurity. Explore various types of threats, automated responses, and the value of human intervention in persistent threat scenarios. Discover strategies for raising costs for attackers and achieving real security through continuous learning and adaptation.
Overview
Syllabus
Intro
Widgets dont help
Python fans
Visibility
Complexity
Fail
Do you control the situation
Critical assets exfiltrated
Data governance projects
Recovering from a breach
What happens if you fail
Website defacements
Stolen trade secrets
Defense perspective
Attack perspective
Objective
We dont suck at security
Short game
Fundamentals
Asset Management
Network Map
Home Ice Advantage
Mapping Your Space
Collecting Data
Threat Intelligence
Intelligence
Where
Alerts
Pentesting
What threats are relevant
Malware
Types of Threats
Why Does This Matter
Tier 1 Automated Response
Reimage
Human time expended
Persistent threats
Human Time
Intelligent Prioritization
Learning
Raising Costs
The Goal
Real Security
