• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Collaboration Between Infosec Community and CERT Teams : Project Sonar case
 

Collaboration Between Infosec Community and CERT Teams : Project Sonar case

on

  • 417 views

Along with their day-to-day duties, CERT/CSIRT teams need to be aware about the security state of their subscribers/clients. My goal here is to present this initiative named "Project Sonar", started ...

Along with their day-to-day duties, CERT/CSIRT teams need to be aware about the security state of their subscribers/clients. My goal here is to present this initiative named "Project Sonar", started by many members of the Infosec Community. Also, i would like to present an use case in which the collaboration between the CERT/CSIRT team and the Infosec Community can be more profitable for all of us. This use case will be based on an analysis of some data provided by Project Sonar.

Statistics

Views

Total Views
417
Views on SlideShare
414
Embed Views
3

Actions

Likes
0
Downloads
2
Comments
0

1 Embed 3

http://www.linkedin.com 3

Accessibility

Categories

Upload Details

Uploaded via as OpenOffice

Usage Rights

CC Attribution-ShareAlike LicenseCC Attribution-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Collaboration Between Infosec Community and CERT Teams : Project Sonar case Collaboration Between Infosec Community and CERT Teams : Project Sonar case Presentation Transcript

    • Collaboration Between Infosec Community and CERT Teams : Project Sonar case 1
    • Summary 1- Intro 2- A little Flashback 3- Who is the Infosec Community ? 3- What is Project Sonar ? 4- How can it be useful for CERT/CSIRT ? 5- What can be done ? 6- Conclusion 2
    • INTRO ● ● /me { Valdes T. Nzalli | @valdesjo77 Co-Founder & Security Evangelist at Cameroon Cyber Security } Cameroon Cyber Security : { NGO Association, Infosec Workshops, Trainings, Awareness and Share ! | @camcybersec www.camcybersec.cm « Be Secure, Be Safe ! » } 3
    • A LITTLE FLASHBACK Internet Census Map (Carna Botnet) 4
    • Who is the Infosec Community ? ● Infosec Researchers ● Infosec Products Builders / Vendors ● Security Analysts worldwide 5
    • What is Project Sonar ? ● Scanning Public Internet-facing Systems ● Analyse datasets provided by Scans ● Share result and datasets with IT Security Community Datasets Availables : IPv4 TCP banners & UDP probe replies IPv4 Reverse DNS PTR records IPv4 SSL Certificates 6
    • What is Project Sonar ? ● Public Vulnerabilities on UpnP device reveled 7
    • What is Project Sonar ? Serial Console Port Services exposed worldwide 8
    • What is Project Sonar ? OpenSSH servers usage and vulnerabilities frequency in Africa 9
    • How can it be useful for CERT/CSIRT ? 10
    • How can it be useful for CERT/CSIRT ? ● Workforce reduced ● More Specific Awareness Campaign ● ● Improvement of the Global Cybersecurity State Pro-active Incident Response 11
    • What can be done ? ● ● ● ● ● Working together with Infosec Researchers/Products Builders Define standard of communication with Infosec Community Grab Datasets available for « internal » usage Analyse and use this Informations for their customers Also, share their information with Infosec Community to improve global Cybersecurity 12
    • Conclusion Useful Ressources : ● ● ● ● Project Sonar free Datasets https://scans.io/ Internet Census Project http://internetcensus2012.bitbucket.org/ Rapid7 Community : Welcome to Project Sonar https://community.rapid7.com/community/infosec/sonar/blog/2 Additional : Shodan HQ : www.shodanhq.com 13