as the phish turns
TRANSCRIPT
Definitely a Devil Dog
WELCOME&
THANK YOU
ROB
+ Cadets, Midshipman, Pleebs
Father
What we’ll be talking about
Security Life Lessons
Current Threats
Defenses
Keeping up with the Jones
One more thing…
Life Lesson #1
Know whatyou own
Life Lesson #2
Logs.Are.
KING.
Life Lesson #3
Misconfiguration is the devil
Life Lesson #4
Layers
Life Lesson #5
Don’t fall asleep at work…
Life Lesson #5 (contd.)
…especially when your work laptop has a webcam…
No you cannot havethis picture
Current Threats
[A]dvanced[P]ersistent[T]hreats
[F]ear[U]ncertanty[D]oubt
OH-Day
_REAL_ Current Threats
Client-side Exploitation• Spam• Phishing• Malicious Attachments• Malicious Links
“Web App Sec”• Do you really know what apps you have
out there?... Really?
Your tools:
CASTLE Theory
[C]rown[A]ssess[S]nare[T]olerate[L]imit[E]levation
Your tools:
Risk Assessment
What is ACTUALLY important to the organization
Your tools:
Testing•Vulnerability Assessment•Penetration Testing•Information Operations
Your tools:
Incident Response•Log Analysis•Forensics
Your tools:
Intrusion Prevention Systems•Firewalls•Anti-Virus•IPS•Proxies
Intelligence Operations
What sets it apart:•Crown Jewels•Detectability•0day usage•Full Scope•Long Term
But how do I keep up?
Home Lab
PASSION
One more thing…
Start your brand NOW
http://bit.ly/5duczB
Couch to CareerIn 80 hours
THANK YOU
[email protected]://www.room362.comhttp://twitter.com/mubix