Hackanalytics. With Tips and Tricks. Cyberpunk Fairytale DeepSec 2013 Edition
Upcoming SlideShare
Loading in...5
×
 

Hackanalytics. With Tips and Tricks. Cyberpunk Fairytale DeepSec 2013 Edition

on

  • 1,414 views

High tech brings Security struggle resulting in low life. Security Ninjas struggle to overcome obstacles of Enterprise world chaos in this Cyberpunk world.

High tech brings Security struggle resulting in low life. Security Ninjas struggle to overcome obstacles of Enterprise world chaos in this Cyberpunk world.

Statistics

Views

Total Views
1,414
Views on SlideShare
1,410
Embed Views
4

Actions

Likes
0
Downloads
8
Comments
0

1 Embed 4

https://twitter.com 4

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Hackanalytics. With Tips and Tricks. Cyberpunk Fairytale DeepSec 2013 Edition Hackanalytics. With Tips and Tricks. Cyberpunk Fairytale DeepSec 2013 Edition Presentation Transcript

  • Hackanalytics What's hot What's not Cyberpunk Fairytale with Tips and Tricks By Alexey Kachalin Advanced Monitoring
  • advancedmonitoring.ru Advanced Monitoring @kchln Credits as The Team Alexey Kachalin as Narrator Shiny IT as High Tech Security Struggle as Low Life [AK@DeepSec 2013 Nov 21]$ story begin_
  • advancedmonitoring.ru @kchln
  • advancedmonitoring.ru @kchln Security Struggle
  • advancedmonitoring.ru @kchln Why Struggle? More Secure  Less Secure Insecurity System Evolution Incidents System Complexity ??? Positive link Negative link Enforcing loop Tool: System Diagrams Introduce Controls Response
  • advancedmonitoring.ru Wanna skip to Ninjas part? 1. Choose methodology Technology specific  OWASP Task specific  PTES Domain specific  OSSTMM Result-oriented  CSC 2. Scoping … n. Rock’n’Roll! @kchln
  • advancedmonitoring.ru @kchln 1 Security Ninja wasted. Continue [ y/N] _ Tool: Mindmap, brainstorm. Don’t read it all now – I made it for lols
  • advancedmonitoring.ru Some Hack-o-sophy then? Creating stuff Engineering view User view Analytical thinking Critical thinking Out-of-box thinking *Technical expertise is required anyway @kchln
  • advancedmonitoring.ru @kchln When are you? Understand Their protocols Enterprise runs hundreds of projects and processes when you happen’ … not going to stop Plan – Identify & Analyze Do- Develop Solution Check- …and Improve Solution Act – Implement Solution You better know Their context Tool: Deming cycle and whatever follows PMBOK, TIL, ISO9000
  • advancedmonitoring.ru @kchln Pareto-zation. The benefit of hindsight 20% effort 80% $$$ Proves to be correct over and over Rarely used in planning Why? No Data Tool: Pareto, Knapsack problem Log don’t memorize Work out logs and use in planning
  • advancedmonitoring.ru Suggest Project/Teamwork Strategy Waterfall – stages, WBS Agile concept Time-limited iterations Team work on component Tasks not assigned – taken Scope change tolerance Customer awareness Tool: WBS, T-Shirt estimate, Burndown @kchln
  • advancedmonitoring.ru @kchln Broken communication – any project’s issue Phone call – I’ll call you back E-mail – ignored, maybe in spam? Checklist – too big – please e-mail Interview –please send checklist Discussion – I will do my way AaaRghh!!!
  • advancedmonitoring.ru Communicating in and out tricks Fight fears Appreciative Inquiry (5Ds) Too sweet? Criticize! Constructive Controversy Explore causes 5 Whys Overcome egos Six Hats Tool: Communications scenarios. It’s not always the same @kchln
  • advancedmonitoring.ru @kchln “Fairytale” Editor’s cut includes section Other Extremely Effective Communication tips
  • advancedmonitoring.ru Skimming documentation Don’t read or rewrite or annotate Review and analyze Structure - what’s there, not there Any logic in bundle? Check consistency How up-to-date documents are? Authors available for comments? Tool: Structure schemes, Sequence Diagrams @kchln
  • advancedmonitoring.ru Organize Chaos Track and Log * List * List of received documents List of created documents for the project UID * – use ID’s across artifacts ID’s used by customer are inconsistent… often Translation tables ID!=UID IP is not UID, MAC -? Don’t stop hallway through: Brainstorm Mindmap?  Actions! Tool: Affinity Diagram & workflow @kchln
  • advancedmonitoring.ru @kchln Almost there? Report.Create Outline first – don’t generate texts List items and give Definitions Structure and facts Width/Depth Switching prototyping Get approval/corrections Get clarification Tool: Outline & Example first, WDS Prototype (am)
  • advancedmonitoring.ru @kchln Avoid extremes Data and trends Visualization ex.#1 Obvious  Preconceived Simple  Complicated Boring  Fancy Report Texts Full description  Screenshots/logs only Boasting vulns  Hug problems Hack Slang  Baby talk ex.#2 Demonstrate. Communicate. Avoid
  • advancedmonitoring.ru Don’t restrict ideas by sticking to standard forms but do not neglect them Tool: Standard vis tools in excel/calc etc. RTFM please! @kchln ?
  • advancedmonitoring.ru @kchln Simple standard things. Use them right! ex.#1 Tool: Piecharts ex.#2
  • advancedmonitoring.ru Even if You can explain it – it’s too much Tool: No idea. shrooms?? @kchln
  • advancedmonitoring.ru Tool: Visualization Taxonomy (give it a look here) @kchln
  • advancedmonitoring.ru Powerful complex general tools for fast analysis and check ideas. Don’t over engineer Tool: Grid analysis (services up/vulns found excel by am) @kchln
  • advancedmonitoring.ru Got idea? Prototype. Don’t over engineer Tool: treemap (for services vis by am) @kchln
  • advancedmonitoring.ru Report.Automate – Build your System Store Data (received/generated) Human readable Machine readable Itemized (lists) Well named Actionable Edit, Snippets takings Filters, Sorting Manage and service @kchln
  • advancedmonitoring.ru @kchln Report.Repeat – They think they are all the same? No! Look!! They are sooo different Rep q1 Rep q2 Rep q3 Rep q4
  • advancedmonitoring.ru Hurling results to “Them” Pitches that should’ve made it but could as well fail SQLi up to RCE for any registered user Any scary words like XSS Database vulnerability leads to full compromise Critical vulnerability in AAA config Doh! You’re gonna get hacked soon @kchln
  • advancedmonitoring.ru @kchln Master “Their” language Bridge Current State Tool: MindTools.com for reference Desired new State SWOT Value chain 7S, McKinsey’s Decision Trees Comparison analysis Impact (Organization) analysis
  • That’s all, folks! Summary Philosophy and high-level concepts Planning and management Report crafting Communication tweaks Visualization demystified Organize chaos and keep tracking Craft tools and build Your own System Interpret results for presentation
  • advancedmonitoring.ru Advanced Monitoring OpSec/R&D/Forensics/Trainings IT Security R&D Cooperation Worldwide Russia – Europe - Americas – Asia Alexey Kachalin, COO kachalin@advancedmonitoring.ru @kchln @kchln