
IOCAware – Actively Collect Compromise Indicators and Test Your Entire Enterprise - Matt Jezorek, Dennis Kuntz Derbycon 2013 (Hacking Illustrated Series InfoSec Tutorial Videos)


Description: A/V avoidance is pitifully easy. Even when you know what to look for, most compromise indicators come out well after infections have occurred. IOCAware is a new approach in collecting compromise intelligence (IOCs) in near-real-time. That intelligence is then tested across your enterprise – again, in near-real-time. These indicators incorporate attacker behavior that may not be tied to a binary. IOCAware also provides tools for managing your IOCs as well as positive hits for indicators across your enterprise. But that’s just your enterprise. We are also creating an entire infrastructure for compromise indicator collection and anonymous sharing.

Bio: “Matt is an information security professional focused on saying “Yes”. “Yes, I got a shell on that”, “Yes, we can do that, however…”. His experience ranges from small to large companies, each of them with the same problems. “Yes, you have to patch”. His expertise is faking it till he makes it, mixed in with incident response, threat intelligence, security operations and asking people to do work they have no time or desire to do.
Dennis has been in IT and Information Security for 18 years doing various things. He has been an administrative assistant to a General at the NSA and cleaned bathrooms at the CIA. He is on the board of the Charlotte ISSA, even when he isn’t, and has spoken at a number of other conferences, including the first DerbyCon.”


Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast