
Stop Shooting Blanks: No magic bullets in your arsenal - Renegade6 (Nicolle Neulist) (BSides Las Vegas 2013) (Hacking Illustrated Series InfoSec Tutorial Videos)


There is no one single device that will provide a total security solution. All those "magic" and 4th quadrant solutions will not protect you. Security is not a framework, not a destination, and not a weekend of overtime implementing a new tool. It is not news that organizations need defense in depth or layered defenses. Too many organizations are stuck in a reactive security mode. Businesses react to network alerts, researching events in the morning from the day before. They react to virus detections when the AV solution emails them a report. Each security solution only provides a part of the answer to the question "Am I owned?" Network alerts only provide a partial picture, and the same is true of host monitoring. By combining logs, network alerts, and system alerts, a much clearer picture emerges. This talk will show that you can detect system compromises days, weeks and even months before antivirus will catch them. It will cover key system events and locations to monitor, as well as network events that you may not currently be watching for but absolutely should be. It will also show how simple visualization of log data can make potential compromises really stand out. Examples from compromises will be used to reinforce the concepts presented.

BIO: Renegade6 has been addicted to computers since he won a TI-99/4A in a school raffle. In 1997 he was blown away by NMRC, L0pht, and others. Past positions include satellite network administrator, network administrator, system administrator, information security team lead, Information Assurance Security Officer for the Green Zone in Iraq, Information Assurance Manager, instructor, network defense, and currently Network Defense SME and Senior Incident Handler.

 


Copyright 2014, IronGeek