SlideShare a Scribd company logo

Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,Threat Researcher, Core Security

Core Security
Core Security

Speed to respond is critical in fighting cyber threats and cyberattacks. Learning how to quickly assess findings leads to faster response and containment. As users get familiar with the Network Insight, formerly Failsafe, user console and how to read results, quick decisions can be made as to next steps to response. In this session, we will cover how to quickly assess findings in the GUI directly or when pivoting from a SIEM or ITSM in response to a case – including top dashboard widgets for quickly drilling down on pre-filtered lists of assets. This session will cover asset filtering methods to highlight what things are important to each organization. Most importantly you will learn how to drill down on individual assets, what to look for and which sections can quickly decide on next steps.

Software
1 of 9
Download to read offline
CONNECT  2017   How  To  Assess  Findings Network  Insight  Track
AGENDA • Asset  tab • What’s  what • Column  Review • Reviewing  Filtering • Decorators • Verdict  Score  vs.  Risk  Score • Asset  Categories • Asset  details • Findings • Event  Timeline • PCAPS • A  few  things  about  files • Threat  Operator  review • SIEM  event  basics • Asset  events  vs.  Evidence  events
L E A R N M O R E Mark  Gilbert Threat  Research,  Core  Security Mark’s  bio  goes  here.  Lorim Ipsum.   Mark  knows  threats,  he’s  a  data  scientist,  coder  turned   threat  researcher  and  his  knowledge  about  threats  and     operators  TTP’s  are  extensive.  Prior  to  Core  Security  he   did  ____  at  ____.  He  has  personally  put  bad  guys  in   prison  through  research  and  testimony.  Fear  him.  
Rapid   Tier1   Triage STEP   ONE-­‐ Identify  Asset STEP   TWO-­‐ Review   Asset   Verdict  &  Risk STEP   THREE-­‐ Review   Profiler  hits  and  events   timeline STEP   FOUR-­‐ Make   decision   to  escalate Example  of  Basic  Triage  Steps
Cont i nuo us   Moni t ori ng Behavioral,  Content,  and  Threat   Intelligence  based  analysis  of   network  activity  to  profile   suspicious  and  malicious   activity. T hre a t   D i s c ov e ry Block  C&C  activity  or  trigger   device  specific  actions  through   integrations  with  leading   NGFWs,  Proxy  Solutions,  SIEMs,   etc. R a pi d   R e s pons e Agentless  visibility  of  activity   from  all  devices  and  device   types  indifferent  of  OS  on  your   network Prioritized  notifications  of   Infections  based  on  forensic   evidence  over  time  rather  than   noisy  alerts  along  with  risk   attributes  and  threat  context Ca s e   Ma na g e m e nt Live  DemoNetwork  Insight
Q   &   A
THANK  YOU
Title  Left Subtitle  left
Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,Threat Researcher, Core Security

Recommended

Carbon Black Corporate Overview 2016
Carbon Black Corporate Overview 2016 Carbon Black Corporate Overview 2016
Carbon Black Corporate Overview 2016 Exclusive Networks ME
 
How Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessHow Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessSecurityMetrics
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingANURAG CHAKRABORTY
 
The Four Types of Threat Detection and Use Cases in Industrial Security
The Four Types of Threat Detection and Use Cases in Industrial SecurityThe Four Types of Threat Detection and Use Cases in Industrial Security
The Four Types of Threat Detection and Use Cases in Industrial SecurityDragos, Inc.
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCPriyanka Aash
 
Cyber Crimes: The next five years.
Cyber Crimes: The next five years. Cyber Crimes: The next five years.
Cyber Crimes: The next five years. Gregory McCardle
 
Penetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningPenetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningSecurityMetrics
 

Recommended

Carbon Black Corporate Overview 2016
Carbon Black Corporate Overview 2016 Carbon Black Corporate Overview 2016
Carbon Black Corporate Overview 2016 Exclusive Networks ME
 
How Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessHow Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessSecurityMetrics
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingANURAG CHAKRABORTY
 
The Four Types of Threat Detection and Use Cases in Industrial Security
The Four Types of Threat Detection and Use Cases in Industrial SecurityThe Four Types of Threat Detection and Use Cases in Industrial Security
The Four Types of Threat Detection and Use Cases in Industrial SecurityDragos, Inc.
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
SOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCSOC Architecture - Building the NextGen SOC
SOC Architecture - Building the NextGen SOCPriyanka Aash
 
Cyber Crimes: The next five years.
Cyber Crimes: The next five years. Cyber Crimes: The next five years.
Cyber Crimes: The next five years. Gregory McCardle
 
Penetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningPenetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningSecurityMetrics
 
Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey Smith
 
Webcast: The Similarity Evidence Explorer For Malware
Webcast: The Similarity Evidence Explorer For Malware Webcast: The Similarity Evidence Explorer For Malware
Webcast: The Similarity Evidence Explorer For Malware Invincea, Inc.
 
Custom defense - Blake final
Custom defense - Blake finalCustom defense - Blake final
Custom defense - Blake finalMinh Le
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingYvonne Marambanyika
 
What is Next-Generation Antivirus?
What is Next-Generation Antivirus?What is Next-Generation Antivirus?
What is Next-Generation Antivirus?Ryan G. Murphy
 
TTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesTTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesDragos, Inc.
 
Cyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationCyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationInfocyte
 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?Bhavin Shah
 
Tech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs WhitelistingTech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs WhitelistingInvincea, Inc.
 
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...Invincea, Inc.
 
What is pentest
What is pentestWhat is pentest
What is pentestitissolutions
 
Trustport - Roman Veleba
Trustport - Roman VelebaTrustport - Roman Veleba
Trustport - Roman VelebaJan Fried
 
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...Infocyte
 
Introduction to Penetration testing and tools
Introduction to Penetration testing and toolsIntroduction to Penetration testing and tools
Introduction to Penetration testing and toolsVikram Khanna
 
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Lastline, Inc.
 
Base Metal Forensics
Base Metal ForensicsBase Metal Forensics
Base Metal ForensicsNapier University
 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingeNinja Technologies
 
Regan, Keller, SF State Securing the vendor mr&ak
Regan, Keller, SF State Securing the vendor mr&akRegan, Keller, SF State Securing the vendor mr&ak
Regan, Keller, SF State Securing the vendor mr&akDET/CHE Directors of Educational Technology - California in Higher Education
 
What is penetration testing and career path
What is penetration testing and career pathWhat is penetration testing and career path
What is penetration testing and career pathVikram Khanna
 
Discover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiDiscover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiJeremy Li
 
RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security BreakfastRackspace
 
Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst Priyanka Aash
 

More Related Content

What's hot

Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey Smith
 
Webcast: The Similarity Evidence Explorer For Malware
Webcast: The Similarity Evidence Explorer For Malware Webcast: The Similarity Evidence Explorer For Malware
Webcast: The Similarity Evidence Explorer For Malware Invincea, Inc.
 
Custom defense - Blake final
Custom defense - Blake finalCustom defense - Blake final
Custom defense - Blake finalMinh Le
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingYvonne Marambanyika
 
What is Next-Generation Antivirus?
What is Next-Generation Antivirus?What is Next-Generation Antivirus?
What is Next-Generation Antivirus?Ryan G. Murphy
 
TTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesTTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesDragos, Inc.
 
Cyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationCyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationInfocyte
 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?Bhavin Shah
 
Tech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs WhitelistingTech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs WhitelistingInvincea, Inc.
 
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...Invincea, Inc.
 
Trustport - Roman Veleba
Trustport - Roman VelebaTrustport - Roman Veleba
Trustport - Roman VelebaJan Fried
 
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...Infocyte
 
Introduction to Penetration testing and tools
Introduction to Penetration testing and toolsIntroduction to Penetration testing and tools
Introduction to Penetration testing and toolsVikram Khanna
 
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Lastline, Inc.
 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingeNinja Technologies
 
What is penetration testing and career path
What is penetration testing and career pathWhat is penetration testing and career path
What is penetration testing and career pathVikram Khanna
 
Discover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiDiscover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiJeremy Li
 

What's hot (20)

Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016
 
Webcast: The Similarity Evidence Explorer For Malware
Webcast: The Similarity Evidence Explorer For Malware Webcast: The Similarity Evidence Explorer For Malware
Webcast: The Similarity Evidence Explorer For Malware
 
Custom defense - Blake final
Custom defense - Blake finalCustom defense - Blake final
Custom defense - Blake final
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration Testing
 
What is Next-Generation Antivirus?
What is Next-Generation Antivirus?What is Next-Generation Antivirus?
What is Next-Generation Antivirus?
 
TTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil RefineriesTTPs for Threat hunting In Oil Refineries
TTPs for Threat hunting In Oil Refineries
 
Cyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationCyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 Presentation
 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?
 
Tech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs WhitelistingTech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs Whitelisting
 
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...
Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against...
 
What is pentest
What is pentestWhat is pentest
What is pentest
 
Trustport - Roman Veleba
Trustport - Roman VelebaTrustport - Roman Veleba
Trustport - Roman Veleba
 
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
Cybersecurity Incident Response Readiness: How to Find and Respond to Attacke...
 
Introduction to Penetration testing and tools
Introduction to Penetration testing and toolsIntroduction to Penetration testing and tools
Introduction to Penetration testing and tools
 
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015 Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
Most Ransomware Isn’t As Complex As You Might Think – Black Hat 2015
 
Base Metal Forensics
Base Metal ForensicsBase Metal Forensics
Base Metal Forensics
 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration Testing
 
Regan, Keller, SF State Securing the vendor mr&ak
Regan, Keller, SF State Securing the vendor mr&akRegan, Keller, SF State Securing the vendor mr&ak
Regan, Keller, SF State Securing the vendor mr&ak
 
What is penetration testing and career path
What is penetration testing and career pathWhat is penetration testing and career path
What is penetration testing and career path
 
Discover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy LiDiscover advanced threats with threat intelligence - Jeremy Li
Discover advanced threats with threat intelligence - Jeremy Li
 

Similar to Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,Threat Researcher, Core Security

RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security BreakfastRackspace
 
Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst Priyanka Aash
 
Operationalizing Security Intelligence
Operationalizing Security IntelligenceOperationalizing Security Intelligence
Operationalizing Security IntelligenceSplunk
 
Reducing cyber risks in the era of digital transformation
Reducing cyber risks in the era of digital transformationReducing cyber risks in the era of digital transformation
Reducing cyber risks in the era of digital transformationSergey Soldatov
 
How To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat IntelligenceHow To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat IntelligenceResilient Systems
 
How To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat IntelligenceHow To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat IntelligenceResilient Systems
 
Cyber Threat Hunting Workshop
Cyber Threat Hunting WorkshopCyber Threat Hunting Workshop
Cyber Threat Hunting WorkshopDigit Oktavianto
 
Cyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfCyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfssuser4237d4
 
Cyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfCyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfssuser4237d4
 
Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Raffael Marty
 
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxC4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxbakhtinasiriav
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session Splunk
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsSam Bowne
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentMarcelo Silva
 
Cyber warfare introduction
Cyber warfare introductionCyber warfare introduction
Cyber warfare introductionjagadeesh katla
 
How to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksHow to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksMicrosoft
 
FireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesFireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesAmy Gerrie
 
Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Stephen Abram
 
Detect Unknown Threats, Reduce Dwell Time, Accelerate Response
Detect Unknown Threats, Reduce Dwell Time, Accelerate ResponseDetect Unknown Threats, Reduce Dwell Time, Accelerate Response
Detect Unknown Threats, Reduce Dwell Time, Accelerate ResponseRahul Neel Mani
 

Similar to Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,Threat Researcher, Core Security (20)

RMS Security Breakfast
RMS Security BreakfastRMS Security Breakfast
RMS Security Breakfast
 
Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst Applied cognitive security complementing the security analyst
Applied cognitive security complementing the security analyst
 
Operationalizing Security Intelligence
Operationalizing Security IntelligenceOperationalizing Security Intelligence
Operationalizing Security Intelligence
 
Reducing cyber risks in the era of digital transformation
Reducing cyber risks in the era of digital transformationReducing cyber risks in the era of digital transformation
Reducing cyber risks in the era of digital transformation
 
How To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat IntelligenceHow To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat Intelligence
 
How To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat IntelligenceHow To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat Intelligence
 
Cyber Threat Hunting Workshop
Cyber Threat Hunting WorkshopCyber Threat Hunting Workshop
Cyber Threat Hunting Workshop
 
Cyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfCyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdf
 
Cyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfCyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdf
 
Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?
 
Vapt life cycle
Vapt life cycleVapt life cycle
Vapt life cycle
 
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptxC4I cyber secuirty by Eric Eifert - Keynote 9.pptx
C4I cyber secuirty by Eric Eifert - Keynote 9.pptx
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session
 
CNIT 50: 9. NSM Operations
CNIT 50: 9. NSM OperationsCNIT 50: 9. NSM Operations
CNIT 50: 9. NSM Operations
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability Assessment
 
Cyber warfare introduction
Cyber warfare introductionCyber warfare introduction
Cyber warfare introduction
 
How to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksHow to protect your corporate from advanced attacks
How to protect your corporate from advanced attacks
 
FireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesFireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slides
 
Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)Cervone uof t - nist framework (1)
Cervone uof t - nist framework (1)
 
Detect Unknown Threats, Reduce Dwell Time, Accelerate Response
Detect Unknown Threats, Reduce Dwell Time, Accelerate ResponseDetect Unknown Threats, Reduce Dwell Time, Accelerate Response
Detect Unknown Threats, Reduce Dwell Time, Accelerate Response
 

More from Core Security

How to Solve the Top 3 Struggles with Identity Governance and Administration ...
How to Solve the Top 3 Struggles with Identity Governance and Administration ...How to Solve the Top 3 Struggles with Identity Governance and Administration ...
How to Solve the Top 3 Struggles with Identity Governance and Administration ...Core Security
 
Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks Core Security
 
Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1Core Security
 
Identity + Security: Welcome to Your New Career
Identity + Security: Welcome to Your New Career Identity + Security: Welcome to Your New Career
Identity + Security: Welcome to Your New Career Core Security
 
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Core Security
 
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeNo More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeCore Security
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Core Security
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Core Security
 
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityThreat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityCore Security
 
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...Core Security
 
Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Core Security
 
Product Vision - Stephen Newman – SecureAuth+Core Security
Product Vision - Stephen Newman – SecureAuth+Core Security Product Vision - Stephen Newman – SecureAuth+Core Security
Product Vision - Stephen Newman – SecureAuth+Core Security Core Security
 
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...Core Security
 
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...Core Security
 
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...Core Security
 
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...Core Security
 
The Why - Keith Graham, CTO – SecureAuth+Core Security
The Why - Keith Graham, CTO – SecureAuth+Core Security The Why - Keith Graham, CTO – SecureAuth+Core Security
The Why - Keith Graham, CTO – SecureAuth+Core Security Core Security
 
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityVulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityCore Security
 
10 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 201610 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 2016Core Security
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sectorCore Security
 

More from Core Security (20)

How to Solve the Top 3 Struggles with Identity Governance and Administration ...
How to Solve the Top 3 Struggles with Identity Governance and Administration ...How to Solve the Top 3 Struggles with Identity Governance and Administration ...
How to Solve the Top 3 Struggles with Identity Governance and Administration ...
 
Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks Lazy Penetration Tester Tricks
Lazy Penetration Tester Tricks
 
Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1Thanks for All the Phish: Introducing Core Impact 18.1
Thanks for All the Phish: Introducing Core Impact 18.1
 
Identity + Security: Welcome to Your New Career
Identity + Security: Welcome to Your New Career Identity + Security: Welcome to Your New Career
Identity + Security: Welcome to Your New Career
 
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...
 
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan RowcliffeNo More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe
 
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...
 
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...
 
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core SecurityThreat Dissection - Alberto Soliño Testa Research Director, Core Security
Threat Dissection - Alberto Soliño Testa Research Director, Core Security
 
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...
 
Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...Understanding Network Insight Integrations to Automate Containment and Kick S...
Understanding Network Insight Integrations to Automate Containment and Kick S...
 
Product Vision - Stephen Newman – SecureAuth+Core Security
Product Vision - Stephen Newman – SecureAuth+Core Security Product Vision - Stephen Newman – SecureAuth+Core Security
Product Vision - Stephen Newman – SecureAuth+Core Security
 
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...
 
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...
 
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...
 
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...
 
The Why - Keith Graham, CTO – SecureAuth+Core Security
The Why - Keith Graham, CTO – SecureAuth+Core Security The Why - Keith Graham, CTO – SecureAuth+Core Security
The Why - Keith Graham, CTO – SecureAuth+Core Security
 
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core SecurityVulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security
 
10 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 201610 IT Security Trends to Watch for in 2016
10 IT Security Trends to Watch for in 2016
 
Trending it security threats in the public sector
Trending it security threats in the public sectorTrending it security threats in the public sector
Trending it security threats in the public sector
 

Recently uploaded

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 

Recently uploaded (20)

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 

Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,Threat Researcher, Core Security

  • 1. CONNECT  2017   How  To  Assess  Findings Network  Insight  Track
  • 2. AGENDA • Asset  tab • What’s  what • Column  Review • Reviewing  Filtering • Decorators • Verdict  Score  vs.  Risk  Score • Asset  Categories • Asset  details • Findings • Event  Timeline • PCAPS • A  few  things  about  files • Threat  Operator  review • SIEM  event  basics • Asset  events  vs.  Evidence  events
  • 3. L E A R N M O R E Mark  Gilbert Threat  Research,  Core  Security Mark’s  bio  goes  here.  Lorim Ipsum.   Mark  knows  threats,  he’s  a  data  scientist,  coder  turned   threat  researcher  and  his  knowledge  about  threats  and     operators  TTP’s  are  extensive.  Prior  to  Core  Security  he   did  ____  at  ____.  He  has  personally  put  bad  guys  in   prison  through  research  and  testimony.  Fear  him.  
  • 4. Rapid   Tier1   Triage STEP   ONE-­‐ Identify  Asset STEP   TWO-­‐ Review   Asset   Verdict  &  Risk STEP   THREE-­‐ Review   Profiler  hits  and  events   timeline STEP   FOUR-­‐ Make   decision   to  escalate Example  of  Basic  Triage  Steps
  • 5. Cont i nuo us   Moni t ori ng Behavioral,  Content,  and  Threat   Intelligence  based  analysis  of   network  activity  to  profile   suspicious  and  malicious   activity. T hre a t   D i s c ov e ry Block  C&C  activity  or  trigger   device  specific  actions  through   integrations  with  leading   NGFWs,  Proxy  Solutions,  SIEMs,   etc. R a pi d   R e s pons e Agentless  visibility  of  activity   from  all  devices  and  device   types  indifferent  of  OS  on  your   network Prioritized  notifications  of   Infections  based  on  forensic   evidence  over  time  rather  than   noisy  alerts  along  with  risk   attributes  and  threat  context Ca s e   Ma na g e m e nt Live  DemoNetwork  Insight
  • 6. Q   &   A