It's Okay To Touch Yourself - DerbyCon 2013

It takes a company an average of 35 days to detect when they have been compromised. For some, it can take years. As fast as software changes and new vulnerabilities are discovered, waiting for an annual penetration test is just not enough. In this talk, I will show you how we perform self-audits on our own network on a continual basis. You will learn about the tools that we use so that you can audit your own network to determine if your technical and physical controls will detect a security incident. I will show you how our self-audits and 'fire drills' engage our IT team, allowing us to learn both how to detect when an incident is occurring and how to react. I will also share some mistakes I've made and give you tips on performing a self-assessment without disrupting your business. You will see how this has strengthened our awareness education and our overall security posture. If you've never performed a self-audit this talk will be a great introduction. It's okay to touch your...network.

Published in: Technology
Transcript

  • 1. It's Okay To Touch Yourself! DerbyCon 2013 Ben Ten (@Ben0xA)
  • 2. About Me ● 12+ years experience in Health Care Information Systems ● Vice President & Security Officer ● Developer (Builder) ● Security Consultant, Trainer
  • 3. About Me ● Federal Regulation Compliance Oversight (HIPAA, HITECH, PCI, Meaningful Use, Red Flag) ● Manager ● Gamer ● Love Science Fiction
  • 4. Overview: This talk is SFW!
  • 5. Overview ● State of Breach Detection ● What is a Self Assessment ● Performing Fire Drills ● Pitfalls to Avoid ● Tools ● Acknowledgments ● Q&A
  • 6-16. DerbyConTest (countdown slides, #10 down to #1)
  • 17. Why This Talk? Why Me? A @dave_rel1k story...
  • 18. Why This Talk? Why Me?
  • 19. State of Breach Detection: 64% of businesses did not detect they had a breach until after 90 days! Source: 2013 Global Security Report ~ Trustwave https://www2.trustwave.com/2013GSR.html
  • 20. State of Breach Detection
  • 21. State of Breach Detection: Approximately 70% of breaches were discovered by external parties who then notified the victim. Source: 2013 Data Breach Investigations Report ~ Verizon http://www.verizonenterprise.com/DBIR/2013/
  • 22. State of Breach Detection
  • 23. State of Breach Detection: Source: 2013 Data Breach Investigations Report ~ Verizon http://www.verizonenterprise.com/DBIR/2013/
  • 24. State of Breach Detection: But we have these tools!!!11!!!two ● SIEM ● DLP ● IDS/IPS ● Logs
  • 25. State of Breach Detection: So, what's the problem?
  • 26. State of Breach Detection ● Poorly implemented tools ● Lack of implemented tools ● Or maybe it's a perception issue...
  • 27. State of Breach Detection: Security by Obscurity
  • 28. State of Breach Detection: Security by Vicinity
  • 29. State of Breach Detection: Security by Divinity
  • 30. Self Assessment: It's time to get intimate with your...network!
  • 31. Self Assessment: At the very least, the critical parts of your network!
  • 32-33. Self Assessment: PTES – An Intro ● Pre-engagement Interactions ● Intelligence Gathering ● Threat Modeling ● Vulnerability Analysis ● Exploitation ● Post Exploitation ● Reporting
  • 34-36. Self Assessment: http://www.pentest-standard.org/index.php/Vulnerability_Analysis
  • 37. DISCLAIMER ● I am not a professional penetration tester. But, I am staying at the Hyatt. ● Do not attempt anything on any network unless you have written permission! ● Do not do this on production first. Use a test environment!
  • 38-39. DISCLAIMER
  • 40. Self Assessment: Getting Intimate. Know your Ports!
  • 41. Self Assessment: Getting Intimate. Know your Logs!
  • 42. Self Assessment: Getting Intimate. Know your Software!
  • 43. Self Assessment: https://www2.trustwave.com/cpn-hackers-playbook-2013-sm.html
  • 44. Self Assessment: Tools ● NeXpose (Rapid7) ● Nessus (Tenable) ● BurpSuite ● Health Monitor ● nmap/zenmap ● ninite
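Slides 40 through 44 say to know your ports, your logs and your software, and list nmap as one of the tools for doing it. The script below is an added example, not code from the talk or from the PoshSec project: it parses the XML that `nmap -oX` writes and diffs each host's open ports against a baseline of the listeners you have approved, so a self-audit produces a short list of "unexpected" (open but never approved) and "missing" (approved but not answering) services instead of a raw port dump. The sample XML, the addresses and the baseline are constructed for illustration.

```python
"""Self-audit helper: diff an nmap XML scan against a known-good port baseline.

Added example, not code from the talk. Run nmap against your own hosts
(with written permission) as `nmap -sS -oX scan.xml <targets>` and feed the
XML to audit_scan(); the baseline is the set of listeners you have signed off on.
"""
import xml.etree.ElementTree as ET

# Constructed sample of nmap -oX output, trimmed to the elements used here.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sS -oX scan.xml 10.0.0.0/29">
  <host><status state="up"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
      <port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.0.0.6" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.0.0.7" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="8080"><state state="open"/><service name="http-proxy"/></port>
    </ports>
  </host>
</nmaprun>
"""

# Constructed baseline: the listeners you have approved, per host.
BASELINE = {
    "10.0.0.5": {("tcp", 22), ("tcp", 443)},
    "10.0.0.6": {("tcp", 22), ("tcp", 80)},
}


def parse_nmap_xml(xml_text):
    """Return {ip: {(proto, port): service_name}} for every open port in the scan."""
    root = ET.fromstring(xml_text)
    hosts = {}
    for host in root.findall("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        open_ports = {}
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue          # closed/filtered ports are not listeners
            key = (port.get("protocol"), int(port.get("portid")))
            svc = port.find("service")
            open_ports[key] = svc.get("name", "?") if svc is not None else "?"
        hosts[addr.get("addr")] = open_ports
    return hosts


def audit_scan(scan, baseline):
    """Compare observed open ports with the baseline.

    unexpected = open but not approved (drift, a new service, or a compromise)
    missing    = approved but not open (service down, or the scan was blocked)
    unknown_host = the scan found a host nobody has baselined yet
    """
    report = {}
    for ip in sorted(set(scan) | set(baseline)):
        observed = scan.get(ip, {})
        approved = baseline.get(ip, set())
        report[ip] = {
            "unknown_host": ip not in baseline,
            "unexpected": {k: observed[k] for k in observed if k not in approved},
            "missing": approved - set(observed),
        }
    return report


def findings(report):
    """Flatten the report into one line per finding for the audit write-up."""
    lines = []
    for ip, r in report.items():
        if r["unknown_host"]:
            lines.append(f"{ip}: not in baseline; open {sorted(r['unexpected'])}")
            continue
        for (proto, port), svc in sorted(r["unexpected"].items()):
            lines.append(f"{ip}: UNEXPECTED {proto}/{port} ({svc})")
        for proto, port in sorted(r["missing"]):
            lines.append(f"{ip}: MISSING {proto}/{port} (approved but not open)")
    return lines


if __name__ == "__main__":
    for line in findings(audit_scan(parse_nmap_xml(SAMPLE_NMAP_XML), BASELINE)):
        print(line)
```

Keep the baseline under version control next to your asset inventory and re-run the audit on a schedule; a "missing" result is worth chasing as hard as an "unexpected" one, because it can mean the scanner itself is being filtered, which is exactly the blind spot a fire drill is meant to expose.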
  • 45. Fire Drills: Why?
  • 46. Fire Drills ● Are your tools working? ● Does your team react appropriately? ● What is happening during that nmap, NeXpose, or Nessus scan? ● What's the Incident Response plan and is it working?
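Slide 46 asks whether your tools are working and what is actually happening in the logs while the scan runs. The script below is an added example, not code from the talk or from the PoshSec project: it takes iptables-style firewall LOG lines for the drill window, applies a plain port-scan heuristic (one source hitting five or more distinct ports on one host inside sixty seconds) and reports whether the drill source was flagged, how many seconds after the drill started the threshold was crossed, and which other sources the same rule would have flagged. The log lines, addresses and timestamps are constructed; the window and threshold are assumptions to tune to whatever your own IDS or SIEM rule uses.

```python
"""Fire-drill check: did the logs actually see the self-scan?

Added example, not code from the talk. After running the drill scan from a
known source address, pull the firewall/IDS log for the drill window and run
it through verify_drill() to answer two of the slide's questions: are the
tools working, and how long did it take for something to fire.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed sample: iptables LOG lines as they land in syslog.
# 10.0.0.50 is the drill box sweeping 10.0.0.5; 10.0.0.99 is ordinary traffic.
SAMPLE_LOG = """\
2013-09-27T14:00:03 fw kernel: DROP IN=eth0 SRC=10.0.0.99 DST=10.0.0.5 PROTO=TCP SPT=51022 DPT=443
2013-09-27T14:01:10 fw kernel: DROP IN=eth0 SRC=10.0.0.50 DST=10.0.0.5 PROTO=TCP SPT=40001 DPT=21
2013-09-27T14:01:10 fw kernel: DROP IN=eth0 SRC=10.0.0.50 DST=10.0.0.5 PROTO=TCP SPT=40002 DPT=23
2013-09-27T14:01:11 fw kernel: DROP IN=eth0 SRC=10.0.0.50 DST=10.0.0.5 PROTO=TCP SPT=40003 DPT=25
2013-09-27T14:01:11 fw kernel: DROP IN=eth0 SRC=10.0.0.50 DST=10.0.0.5 PROTO=TCP SPT=40004 DPT=135
2013-09-27T14:01:12 fw kernel: DROP IN=eth0 SRC=10.0.0.50 DST=10.0.0.5 PROTO=TCP SPT=40005 DPT=139
2013-09-27T14:01:12 fw kernel: DROP IN=eth0 SRC=10.0.0.50 DST=10.0.0.5 PROTO=TCP SPT=40006 DPT=445
2013-09-27T14:01:13 fw kernel: DROP IN=eth0 SRC=10.0.0.50 DST=10.0.0.5 PROTO=TCP SPT=40007 DPT=1433
2013-09-27T14:01:13 fw kernel: DROP IN=eth0 SRC=10.0.0.50 DST=10.0.0.5 PROTO=TCP SPT=40008 DPT=3306
2013-09-27T14:02:40 fw kernel: DROP IN=eth0 SRC=10.0.0.99 DST=10.0.0.5 PROTO=TCP SPT=51023 DPT=443
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ kernel: (?P<action>\w+) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\w+) SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+)"
)


def parse_log(text):
    """Turn log lines into dicts; lines that do not match are skipped, not guessed."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        e = m.groupdict()
        e["ts"] = datetime.fromisoformat(e["ts"])
        e["dpt"] = int(e["dpt"])
        events.append(e)
    return events


def detect_scans(events, window=timedelta(seconds=60), min_ports=5):
    """Flag any SRC that hit >= min_ports distinct ports on one DST inside `window`.

    Sliding window over each (src, dst) pair; returns {(src, dst): first_alert_ts},
    where the timestamp is the event at which the threshold was crossed.
    """
    by_pair = defaultdict(list)
    for e in events:
        by_pair[(e["src"], e["dst"])].append(e)
    alerts = {}
    for pair, evs in by_pair.items():
        evs.sort(key=lambda e: e["ts"])
        start = 0
        for end, e in enumerate(evs):
            while e["ts"] - evs[start]["ts"] > window:
                start += 1      # drop events that fell out of the window
            ports = {x["dpt"] for x in evs[start:end + 1]}
            if len(ports) >= min_ports:
                alerts[pair] = e["ts"]
                break
    return alerts


def _to_dt(value):
    """Accept either a datetime or the ISO string you noted when the drill began."""
    return value if isinstance(value, datetime) else datetime.fromisoformat(value)


def verify_drill(events, drill_src, drill_start, drill_end, **kw):
    """Was the drill source flagged inside the drill window, and how fast?

    Returns (detected, latency_seconds_or_None, other_sources_flagged).
    other_sources_flagged is what the same rule would have fired on besides
    the drill: review it for false positives before trusting the threshold.
    """
    drill_start, drill_end = _to_dt(drill_start), _to_dt(drill_end)
    alerts = detect_scans(events, **kw)
    hits = {p: t for p, t in alerts.items()
            if p[0] == drill_src and drill_start <= t <= drill_end}
    others = sorted({p[0] for p in alerts if p[0] != drill_src})
    if not hits:
        return False, None, others
    latency = (min(hits.values()) - drill_start).total_seconds()
    return True, latency, others


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    ok, lat, fps = verify_drill(evs, "10.0.0.50", "2013-09-27T14:01:00", "2013-09-27T14:05:00")
    print("drill detected:", ok, "latency(s):", lat, "other sources flagged:", fps)
```

A `False` result is the finding, not a bug in the check: either the firewall is not logging, the log never reached the collector, or the rule your SIEM actually runs needs more traffic than the drill produced. Pace the drill scan (nmap's timing options rather than a full-speed sweep) so the exercise tests detection rather than the availability of the target.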
  • 47. Pitfalls to Avoid ● Verify Scope! ● Start Small / Focused ● Be wary of untested tools! ● Secure your results ● Don't DoS yourself
  • 48. New Tool: “[T]he ultimate goal should be to develop an environment in which security events are discovered innately—by both responsible security professionals or others in the organization.” Source: 2013 Global Security Report ~ Trustwave https://www2.trustwave.com/2013GSR.html
  • 49. New Tool: My Big Security Idea!
  • 50. New Tool: Will Steele @pen_test
  • 51. New Tool
  • 52. Conclusion: In Conclusion
  • 53. Acknowledgments ● @securitymoey ● @jwgoerlich ● @jaysonstreet ● @elizmmartin ● @rogueclown ● @dualcoremusic ● @derbycon
  • 54. PoshSec Developers ● @mwjohnson ● @jwgoerlich ● @securitymoey ● @mortprime ● @rjcassara ● @PoshSec
  • 55. PoshSec Framework - Beta: http://github.com/poshsec/poshsecframework (View the ReadMe!)
  • 56. Contact Information ● @Ben0xA ● Ben0xA on Freenode (IRC) ● derbycon@ben0xa.com ● http://ben0xa.com ● http://github.com/Ben0xA ● http://github.com/PoshSec Questions?
  • 57. Thank You!