A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Separating Security Intelligence from Security FUD Derbycon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)

Separating Security Intelligence from Security FUD
Derbycon 2012

Security Intelligence is the study of a significant amount of data from internal and external sources. The correlation of that data, is how we determine what security measures are necessary and effective in our enterprise, and which security measures are useless, or less than effective.

There are plenty of Honeypots and other measures to collect Security Intelligence. But many enterprises follow outmoded security measures, because they don’t actually collect any.
Those enterprises are running on Security FUD, making decisions based on less than correct intelligence and information. FUD is a poor place to make choices from. Wherever they get it from, security practices not based on data, aren’t based on real threats.

In this talk, we will learn tools to use to get the best intelligence, sources for good news on current and emerging threats, and the ways to utilize all this information to determine the most effective security measures to protect your organization.

We will examine some security measures that are utilized out of fear and inertia, not intelligence and information. We will discuss how you can garner the information to drive real change at your organization, from the business level, to the auditing level, to InfoSec trench level.

Joshua Marpet

Joshua Marpet has presented at Defcon, Derbycon, Shmoocon, Black Hat, DoD/Cybercrime, ECTF, Infragard, and many other conferences. His presentations are well received, and teach information that is synthesized from the latest research, and original research of his own.

Joshua’s background is varied, from Senior InfoSec Analyst, Blacksmith, Law Enforcement, Firefighter, and just about every childhood dream job except Astronaut.


Back to Derbycon 2012 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast