XECUREIT.COM“Your Security,Our Passion”ConsultancyAssuranceResearchEducationEffective Honeynet inHigh Grade Security Strat...
Effective HoneynetPage 2 XECUREIT.COMExample
Effective HoneynetPage 3 XECUREIT.COMEnemy Level Very High● Government grade attacker● “Unlimited” resources, “lawful” H...
Effective HoneynetPage 4 XECUREIT.COMEasy to know your enemy ;)(Production)group_server1.organisasi.idgroup_server2.organi...
Effective HoneynetPage 5 XECUREIT.COMHow to know the malicious authorized user?(Production)group_server1.organisasi.idgrou...
Effective HoneynetPage 6 XECUREIT.COMEasy to know the “potential” malicious authorized users(Production)group_server1.orga...
Effective HoneynetPage 7 XECUREIT.COMEasy to know the malicious authorized users(Production)group_server1.organisasi.idgro...
Effective HoneynetPage 8 XECUREIT.COMRequirements High Grade Security Strategy● Appropriate information security classifi...
XECUREIT.COM“Your Security,Our Passion”ConsultancyAssuranceResearchEducationTERIMAKASIHTHANK YOU"Feeling secure is dangero...
Upcoming SlideShare
Loading in...5
×

Gildas Deograt - Effective Honeynet in High Grade Security Strategy

438

Published on

Gildas Deograt - Effective Honeynet in High Grade Security Strategy

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
438
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
38
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Gildas Deograt - Effective Honeynet in High Grade Security Strategy

  1. 1. XECUREIT.COM“Your Security,Our Passion”ConsultancyAssuranceResearchEducationEffective Honeynet inHigh Grade Security Strategy"Feeling secure is dangerous. It makes us complacent.""Rasa aman berbahaya. Rasa aman membuat kita lengah."Gildas Deograt Lumy, CISA, CISSP, ISO27001 LAChief Technology Officergildas@xecureit.com
  2. 2. Effective HoneynetPage 2 XECUREIT.COMExample
  3. 3. Effective HoneynetPage 3 XECUREIT.COMEnemy Level Very High● Government grade attacker● “Unlimited” resources, “lawful” High● High level of expertise, using advance in-house developed tools,budget <USD 1 Million● Authorized users both consciously and as victims of social engineering Medium● Have expertise, using public or customized tools, budget <USD100,000● Known Attacker, such as employees, contractors, partners or customersboth consciously and as victims of social engineering Low / Very Low● Script kiddies, new born attacker, using public tools, budget <USD10,000● Unknown Attacker (Public)
  4. 4. Effective HoneynetPage 4 XECUREIT.COMEasy to know your enemy ;)(Production)group_server1.organisasi.idgroup_server2.organisasi.id(External Honeynet)
  5. 5. Effective HoneynetPage 5 XECUREIT.COMHow to know the malicious authorized user?(Production)group_server1.organisasi.idgroup_server2.organisasi.id(External Honeynet)
  6. 6. Effective HoneynetPage 6 XECUREIT.COMEasy to know the “potential” malicious authorized users(Production)group_server1.organisasi.idgroup_server2.organisasi.id(External Honeynet)
  7. 7. Effective HoneynetPage 7 XECUREIT.COMEasy to know the malicious authorized users(Production)group_server1.organisasi.idgroup_server2.organisasi.id(External Honeynet)
  8. 8. Effective HoneynetPage 8 XECUREIT.COMRequirements High Grade Security Strategy● Appropriate information security classification.● Balance prevention and detection mechanism.● Effective systems “separation of duties”.● Clear understanding of information security policies andprocedures (Do’s and Dont’s). Integrated Tools● Honeynet, Honeypot & Honeytoken● Network-based IDS● SIEM
  9. 9. XECUREIT.COM“Your Security,Our Passion”ConsultancyAssuranceResearchEducationTERIMAKASIHTHANK YOU"Feeling secure is dangerous. It makes us complacent.""Rasa aman berbahaya. Rasa aman membuat kita lengah."Gildas Deograt Lumy, CISA, CISSP, ISO27001 LAChief Technology Officergildas@xecureit.com
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×