Overview
Explore defensive cybersecurity strategies in this 44CON Information Security Conference talk. Learn how to maximize your organization's "home-field advantage" by adopting a proactive approach to security. Discover techniques for intelligence gathering on potential attackers, effective modeling for focused defense, and methods to expand your defensive spectrum beyond reactive measures. Gain insights into validating assumptions, adapting security strategies, and setting traps for adversaries. Examine practical examples, including the use of tools like Snort, Kippo, Artillery, and honeypots. Understand the importance of taking initiative in cybersecurity and how to effectively implement lessons learned from red team exercises. This presentation emphasizes utilizing existing resources and knowledge to improve your security posture without relying solely on new purchases.
Syllabus
Intro
Background
Red Team Test
Ad Reports
Vulnerability
Threat
Methodology
Attacker Perspective
RedTeaming
Mapping
Gathering Intelligence
People are breakable
Correlation is hard
Hadoop
Act defensively
Validate your assumptions
Adapt your security strategy
Set traps
Examples
First example
Download binaries
snort
Legal discussion
Kippo
Artillery
Tools
Honey Pots
Play nice
Call for action
Take the initiative
Lower the thing down
Taught by
44CON Information Security Conference