Planning and Integrating Deception into Computer Security Defenses

•

0 likes•793 views

Deceptive techniques played a prominent role in many human conflicts throughout history. Digital conflicts are no different as the use of deception has found its way to computing since at least the 1980s. However, many computer defenses that uses deception were ad-hoc attempts to incorporate deceptive elements in them. In this paper, we present a model that can be used to plan and integrate deception in computer security defenses. We present an overview of why deception fundamentally works and what are the essential principles in using such techniques. We investigate the unique advantages deception-based mechanisms bring to traditional computer security defenses. Furthermore, we show how our model can be used to incorporate deception to many part of computer systems and discuss how we can use such techniques effectively. A successful deception should present plausible alternative(s) to the truth and these should be de- signed to exploit specific adversaries’ biases. We investigate these biases and discuss how can they be used by presenting a number of examples.

Technology

Planning and Integrating Deception into Computer
Security Defenses
!
NSPW’14
Mohammed Almeshekah
malmeshe@purdue.edu
Eugene Spafford
spaf@purdue.edu

Deception to Improve
Security
• Used as ad-hoc attempt:
• Deception has been mainly
used as “trapping” or
“deterrence” tools.
• Traditional security (-) and
deception (+) work in tandem.
• Three unique advantages:
1.Increase entropy of leakage.
2.Gain information about
adversaries.
3.Gives defenders an edge in
OODA.

Why are you using this
deceptive method?
Deception Model (1) Strategic Goal

What effect(s) do you
want to see on the
attacker?
Deception Model (2) Desired Reaction(s)

What are the plausible
responses to the attack
and which ones should
you use?
Deception Model (3) Exploit Attacker’s Biases

Make your system lie
Deception Model (4) Apply Deception

Define Success and
Failure
Deception Model (5) Deception Feedback Channels

Assess the new risks
introduced by deception
Deception Model (6) Risk Assessment

Deceptive components
should be part of the real
system
Deception Model (7) Implementation and Integration

Continuous monitoring
and dynamic adjustment
based on the attacker’s
response
Deception Model (8) Monitoring and Dynamic Adjusting

What's hot

The term Red Team or Red Teaming has become more prevalent in the security industry. Both commercial and government organizations conduct "Red Team Exercises". What does this mean? What is a Red Team engagement? How is it different that other security tests? Isn't current penetration and vulnerability security testing enough? Red Teaming share many of the fundamentals of other security testing types, yet focuses on specific scenarios and goals that are used to evaluate and measure an organization's overall security defense posture. Organizations spend a great deal of time and money on the security of their systems. Red Teams have a unique goal of testing an organization's ability to detect, respond to, and recover from an attack. When properly conducted, Red Team activities can significantly contribute to the improvement an organization's security controls, help hone defensive capabilities, and measure the effectiveness of security operations. This presentation introduces the Red Teaming concept of IOC management, how a Red Team operator can use specific IOCs to blend in to a target, and how to design specific scenarios to test a Blue Team's defensive posture.

Using IOCs to Design and Control Threat Activities During a Red Team Engagement

Joe Vest

Strata 2015 Presentation -- Detecting Lateral Movement

Ram Shankar Siva Kumar

In this virtual meetup of DNIF KONNNECT (04.04.2019), where the growing DNIF community connects, interacts, shares and helps each other to grow and learn about the latest in threat hunting and many more...this time we have Mr. Ankit Panchal from NSDL who shall demonstrate an end to end demo of how you can achieve security maturity. Learn more about DNIF KONNECT here - https://dnif.it/dnif-konnect.html Learn more about DNIF KONNECT here - https://dnif.it/dnif-konnect.html

Threat hunting and achieving security maturity

DNIF

View webinar: "Cyber Threat Hunting: Identify and Hunt Down Intruders": https://www2.infosecinstitute.com/l/12882/2018-11-29/b9gwfd View companion webinar: "Red Team Operations: Attack and Think Like a Criminal": https://www2.infosecinstitute.com/l/12882/2018-11-29/b9gw5q Are you red team, blue team — or both? Get an inside look at the offensive and defensive sides of information security in our webinar series. Senior Security Researcher and InfoSec Instructor Jeremy Martin discusses what it takes to be modern-day threat hunter during our webinar, Cyber Threat Hunting: Identify and Hunt Down Intruders. The webinar covers: - The job duties of a Cyber Threat Hunting professional - Frameworks and strategies for Cyber Threat Hunting - How to get started and progress your defensive security career - And questions from live viewers! Learn about InfoSec Institute's Cyber Threat Hunting couse here: https://www.infosecinstitute.com/courses/cyber-threat-hunting/

Cyber Threat Hunting: Identify and Hunt Down Intruders

Infosec

Threat hunting 101 by Sandeep Singh

OWASP Delhi

Understanding the key components necessary to build a successful threat hunting program starts with visibility, the appropriate tools and automation. Skilled, experienced analysts, engineers and incident responders with analytical minds who can apply concepts and approaches to a variety of different toolsets are also instrumental to the process. In this presentation, We'll describe and discuss some of the most common challenges, recommended best practices, and focus areas for achieving an effective threat hunting capability based on lessons learned over the past 15 years.

Building a Successful Threat Hunting Program

Carl C. Manion

Enabling effective hunt teaming and incident response

jeffmcjunkin

SEC 572 Entire Course NEW

shyamuopiv

From MITRE ATT&CKcon Power Hour October 2020 By Matan Hart, Co-Founder & CEO Cymptom @machosec Adversary emulation is commonly used to validate security controls and is considered one of the most popular use-cases for the ATT&CK framework. However, emulating adversary TTPs on production environments is often very limited in testing scope and frequency, and such practice may cause unwanted business disruption. In this talk from the MITRE ATT&CKcon Power Hour session on October 9, 2020, Hart presents a different approach to testing controls against ATT&CK. He demonstrates how it is possible to provide data-based methods to evaluate the exploitability of ATT&CK techniques by gathering information from the network, endpoint, and services; this unique approach does not emulate any sort of malicious action, thus reducing the potential of causing business disruption to the minimum. Hart also outlines a new open-source guideline based on ATT&CK mitigations, that security teams can use to assess their security posture non-intrusively and at scale.

Transforming Adversary Emulation Into a Data Analysis Question

MITRE - ATT&CKcon

Security of Machine Learning

Institute of Contemporary Sciences

In our webinar “What is Threat Hunting and why do you need it?" we discussed the folowing key points: 1. What Threat hunting is. 2. Why it is becoming so popular and what kinds of attacks are making it necessary. 3. What the challenges are. 4. Threat Hunting and Investigation services for attacks. 5. Case studies. Find out more on https://www.pandasecurity.com/business/adaptive-defense/?utm_source=slideshare&utm_medium=social&utm_content=SM_EN_WEB_adaptive_defense&track=180715

What is Threat Hunting? - Panda Security

Panda Security

In the modern age, all organizations face threats from various types of cyber attacks. Although great strides have been made to consider human factors in cybersecurity and to become more proactive in threat analysis, security is still generally a reactive, technical field. The research presented in this talk seeks to develop a framework which adapts the existing MITRE ATT&CK framework to look at attacks in a less linear, more human-centered framework that focuses on the capabilities and decisions of the threat actor. The framework approaches threat analysis from a binary assessment of success vs. failure in order to see the entire attack and consider the potential for a number of methods and attempts made in a single attack. A detailed methodology and sample charts are included for a reference and a starting point in developing one’s own personalized charts, and recommendations are made for ways to integrate this methodology into the risk management process.

MITRE ATT&CKcon 2018: Decision Analysis Applications in Threat Analysis Frame...

MITRE - ATT&CKcon

MITRE ATTACKcon Power Hour - October

MITRE - ATT&CKcon

Threat hunting - Every day is hunting season

Ben Boyd

From MITRE ATT&CKcon Power Hour January 2021 By Valentine Mairet, Security Researcher, McAfee The MITRE ATT&CK framework is the industry standard to dissect cyberattacks into used techniques. At McAfee, all attack information is disseminated into different categories, including ATT&CK techniques. What results from this exercise is an extensive repository of techniques used in cyberattacks that goes back many years. Much can be learned from looking at historical attack data, but how can we piece all this information together to identify new relationships between threats and attacks? In her recent efforts, Valentine has embraced analyzing ATT&CK data in graphical representations. One lesson learned is that it is not just about merely mapping out attacks and techniques used into graphs, but the strength lies in applying different algorithms to answer specific questions. In this presentation, Valentine will showcase the results and techniques obtained from her research journey using graph and graph algorithms.

ATTACKers Think in Graphs: Building Graphs for Threat Intelligence

MITRE - ATT&CKcon

There are hundreds (if not thousands) of adversary groups out there, and it’s understandable if defenders sometimes feel like resistance is futile. Good news: you don’t have to defend against all of them! Even better news: there’s a simple way you can prioritize what adversaries you focus on and how you defend against them–threat modeling. This presentation will present a simple, practical threat modeling approach that any analyst or defender can use to get started figuring out what threats matter to their organization. The presentation will start by acknowledging the many approaches to threat modeling that others have created, and then discuss why there’s confusion around it. The presentation will then explain four simple steps and practical actions that anyone can take to get started with threat modeling: know your organization, know your adversaries, match those up, and take action. The audience will leave with an understanding of how threat modeling can help any team prioritize what threats they care about and use that to improve their organization’s defenses.

Resistance Isn't Futile: A Practical Approach to Threat Modeling

Katie Nickels

The Information Security Community on LinkedIn, with the support of Cybereason, conducted a comprehensive online research project to gain more insight into the state of threat hunting in security operation centers (SOCs). When the 330 cybersecurity and IT professionals were asked what keeps them up at night, many comments revolved around a central theme of undetected threats slipping through an organization’s defenses. Many responses included “unknown” and “advanced” when describing threats, indicating the respondents understand the challenges and fear those emerging threats. Read the full report here.

Threat Hunting Report

Morane Decriem

SOC2016 - The Investigation Labyrinth

chrissanders88

Invincea fake british airways ticket spear-phish malware 03-21-2014

Invincea, Inc.

Tech ThrowDown:Invincea FreeSpace vs EMET 5.0

Invincea, Inc.

What's hot (20)

Using IOCs to Design and Control Threat Activities During a Red Team Engagement

Strata 2015 Presentation -- Detecting Lateral Movement

Threat hunting and achieving security maturity

Cyber Threat Hunting: Identify and Hunt Down Intruders

Threat hunting 101 by Sandeep Singh

Building a Successful Threat Hunting Program

Enabling effective hunt teaming and incident response

SEC 572 Entire Course NEW

Transforming Adversary Emulation Into a Data Analysis Question

Security of Machine Learning

What is Threat Hunting? - Panda Security

MITRE ATT&CKcon 2018: Decision Analysis Applications in Threat Analysis Frame...

MITRE ATTACKcon Power Hour - October

Threat hunting - Every day is hunting season

ATTACKers Think in Graphs: Building Graphs for Threat Intelligence

Resistance Isn't Futile: A Practical Approach to Threat Modeling

Threat Hunting Report

SOC2016 - The Investigation Labyrinth

Invincea fake british airways ticket spear-phish malware 03-21-2014

Tech ThrowDown:Invincea FreeSpace vs EMET 5.0

Similar to Planning and Integrating Deception into Computer Security Defenses

Threat Modeling And Analysis

Lalit Kale

Ensuring cyber security is a dynamic, demanding, and complex task. Due to the pace of development in this area, cyber security experts are forced to engage in constant education, having access to test environments and develop both offensive and defensive cyber techniques. The purpose of this presentation was to present both the possibilities of the attack modeling and ESM model for the analysis of past incidents. The model is suitable for presenting the knowledge in the form of analytical presentation of the attacks as well as for performing laboratory work and examination of students.

Use of the enhanced structural model for attack analysis and education

Blaz Ivanc

Threat modeling is a key part of securing your cloud computing environment and is unique to each organization's people, practices and processes. Without a threat model you could end up going on wild goose chases and miss the forest for the trees. This talk will introduce the concept of threat modeling including how to get started, guiding questions and recap findings from the Argo Project Threat Model from 2021. Learn how and why to start threat modeling today!

Threat Modeling in the Cloud

Paige Cruz

csce201 - software - sec Basic Security.ppt

gealehegn

Adversarial attacks are techniques used in the filed of Machine Learning in intentions to cheat the models through bad entries. These attacks are used form various reasons, and one of the most common is an attack or causing a "breakdown" in standard models of Deep Neural Networks. Solution for these attacks have not yet been found and there are more and more works that are being done on this topic in the hope that a solution will be found, because DNN are relatively easy to fool.

[DSC Europe 23] Aleksandar Tomcic - Adversarial Attacks

DataScienceConferenc1

6 Most Popular Threat Modeling Methodologies

EC-Council

Toward Effective Evaluation of Cyber Defense Threat Based Adversary Emulation Approach. Shakas Technologies ( Galaxy of Knowledge) #11/A 2nd East Main Road, Gandhi Nagar, Vellore - 632006. Mobile : +91-9500218218 / 8220150373| land line- 0416- 3552723 Shakas Training & Development | Shakas Sales & Services | Shakas Educational Trust|IEEE projects | Research & Development | Journal Publication | Email : info@shakastech.com | shakastech@gmail.com | website: www.shakastech.com Facebook: https://www.facebook.com/pages/Shakas-Technologies

Toward Effective Evaluation of Cyber Defense Threat Based Adversary Emulation...

Shakas Technologies

Introduction to Computer Security

Kamal Acharya

Using an Open Source Threat Model for Prioritized Defense

EnclaveSecurity

Practice makes perfect. And unfortunately for security professionals, attackers have realized that persistence is a powerful approach to breaching an organization's defenses. Focusing on prevention alone is no longer a sufficient strategy for securing your organization against the business risks of a breach. Our current security environment demands an approach less centered on ideal prevention and more focused on reality. During this webcast, we discussed key strategies that limit your risk and exposure to unrelenting threats. Some highlighted topics include: - How the shift in attacker motivations has impacted today's threat landscape - Why preventative techniques alone can no longer ensure a secure environment - Which strategies need to be considered for a holistic approach to security - What next steps you can take towards identifying your best strategy against attacks

Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead

OpenDNS

6 Most Common Threat Modeling Misconceptions

Cigital

HD: swagitda.com/speaking/us-17-Shortridge-Big-Game-Theory-Hunting.pdf We all groan when we hear it's "time for some game theory," but traditional game theory – modelling conflict and cooperation between rational decision-makers – still pervades how we think of defensive strategy as an industry. This primitive analysis is a disservice to defenders, who are facing humans (and who are, in fact, humans themselves), but are modelling their own actions and opponent's actions based on the assumption of machine-like behavior. In this session, I will examine traditional game theory and propose why behavioral game theory should take its place in the philosophy of defense. Next, I'll review the first principles of game theory, through the lens of behavioral game theory, which empirically measures how humans actually behave in games, rather than assumes they will behave coldly rational. I'll explain the "rules" of the information security game and how traditional game theory is poorly suited to those conditions, along with the various behavioral models and why they are a superior fit. I'll then explore the two primarily methods that play into how humans make decisions in games – "thinking" and "learning" and what empirical data from behavioral game theory studies suggests on how to improve thinking and learning, extrapolating to applications for infosec defenders. Finally, I'll present new insights from my own research, examining how defenders and attackers play the infosec game specifically, and bridging from theory to practice, to see how the lessons from behavioral game theory can be tangibly incorporated into defenders' strategic decision making processes. I'll conclude the session by outlining the practical steps for improving threat modelling, countering offensive moves, and deciding which products to use, so that defenders can start gaining the high ground in the infosec game.

Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game

Kelly Shortridge

Appsec2013 assurance tagging-robert martin

drewz lin

Assess risks to IT security.pptx

lochanrajdahal

Blackbox Testing in AI Cybersecurity

ShauryaGupta38

Threat Modeling to Reduce Software Security Risk

Security Innovation

Adversarial ML - Part 1.pdf

KSChidanandKumarJSSS

As you've likely heard, Meltdown and Spectre are vulnerabilities that exist in Intel CPUs built since 1995. Hackers can exploit Meltdown and Spectre to get hold of information stored in the memory of other running programs. This might include passwords stored in a password manager or browser, photos, emails, instant messages and even business-critical documents. Join us for a technical webcast to learn more about these threats, and how the security controls in AlienVault Unified Security Management (USM) can help you mitigate these threats. You'll learn: What the AlienVault Labs security research team has learned about these threats How to scan your environment (cloud and on-premises) for the vulnerability with AlienVault USM Anywhere How built-in intrusion detection capabilities of USM Anywhere can detect exploits of these vulnerabilities How the incident response capabilities in USM Anywhere can help you mitigate attacks Watch the On-Demand Webcast here: https://www.alienvault.com/resource-center/webcasts/meltdown-and-spectre-how-to-detect-the-vulnerabilities-and-exploits?utm_medium=Social&utm_source=SlideShare&utm_content=meltdown-spectre-webcast Hosted By Sacha Dawes Principal Product Marketing Manager Sacha joined AlienVault in Feb 2017, where he is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space. Originally from the UK, Sacha is based in Austin, TX.

Meltdown and Spectre - How to Detect the Vulnerabilities and Exploits

AlienVault

The security mindset securing social media integrations and social learning...

franco_bb

APT attacks originate from people, against a specific target, for an explicit malicious purpose. Attempting to protect all assets from every type of attack is not reasonable or sustainable. Understanding the archetypes of Threat Agents is key to an effective defense. Knowing the capabilities, objectives, and most likely methods of APTs targeting your organization provides predictive insights to where prevention, detection, and response tools and processes will have maximum impact. Such analysis complements the traditional vulnerability management structures which look generically for weaknesses.

2015 Global APT Summit - Understanding APT threat agent characteristics is ke...

Matthew Rosenquist

Similar to Planning and Integrating Deception into Computer Security Defenses (20)

Threat Modeling And Analysis

Use of the enhanced structural model for attack analysis and education

Threat Modeling in the Cloud

csce201 - software - sec Basic Security.ppt

[DSC Europe 23] Aleksandar Tomcic - Adversarial Attacks

6 Most Popular Threat Modeling Methodologies

Toward Effective Evaluation of Cyber Defense Threat Based Adversary Emulation...

Introduction to Computer Security

Using an Open Source Threat Model for Prioritized Defense

Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead

6 Most Common Threat Modeling Misconceptions

Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game

Appsec2013 assurance tagging-robert martin

Assess risks to IT security.pptx

Blackbox Testing in AI Cybersecurity

Threat Modeling to Reduce Software Security Risk

Adversarial ML - Part 1.pdf

Meltdown and Spectre - How to Detect the Vulnerabilities and Exploits

The security mindset securing social media integrations and social learning...

2015 Global APT Summit - Understanding APT threat agent characteristics is ke...

Recently uploaded

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

When you’re building (micro)services, you have lots of framework options. Spring Boot is no doubt a popular choice. But there’s more! Take Quarkus, a framework that’s considered the rising star for Kubernetes-native Java. It always depends on what's best for your situation, but how to choose the best solution if you're comparing 2 frameworks? Both Spring Boot and Quarkus have their positives and negatives. Let us compare the two by live coding a couple of common use cases in Spring Boot and Quarkus. After this talk, you’ll be ready to get started with Quarkus yourself, and know when to select Quarkus or Spring Boot.

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Jago de Vreede

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Zilliz

Architecting Cloud Native Applications

WSO2

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

AXA XL - Insurer Innovation Award Americas 2024

The Digital Insurer

Following the popularity of “Cloud Revolution: Exploring the New Wave of Serverless Spatial Data,” we’re thrilled to announce this much-anticipated encore webinar. In this sequel, we’ll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you’re building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

ICT role in 21st century education and its challenges

rafiqahmad00786416

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

The action of the next cyber saga takes place in the mystical lands of the Asia-Pacific region, where the main characters began their digital activities in the middle of 2021 and qualitatively strengthened it in 2022. Corporate espionage, document theft, audio recordings, and data leaks from messaging platforms were all a matter of one day for Dark Pink. Their geographical focus may have started in the Asia-Pacific region, but their ambitions knew no bounds, targeting a European government ministry in a bold move to expand their portfolio. Their victim profile was as diverse as a UN meeting, targeting military organizations, government agencies, and even a religious organization. Because discrimination is not a fashionable agenda. In the world of cybercrime, they serve as a reminder that sometimes the most serious threats come in the most unassuming packages with a pink bow.

Cyberprint. Dark Pink Apt Group [EN].pdf

Overkill Security

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Recently uploaded (20)

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Strategies for Landing an Oracle DBA Job as a Fresher

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Exploring the Future Potential of AI-Enabled Smartphone Processors

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Architecting Cloud Native Applications

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Axa Assurance Maroc - Insurer Innovation Award 2024

How to Troubleshoot Apps for the Modern Connected Worker

Artificial Intelligence Chap.5 : Uncertainty

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

AXA XL - Insurer Innovation Award Americas 2024

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

ICT role in 21st century education and its challenges

[BuildWithAI] Introduction to Gemini.pdf

Why Teams call analytics are critical to your entire business

Cyberprint. Dark Pink Apt Group [EN].pdf

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Planning and Integrating Deception into Computer Security Defenses

1. Planning and Integrating Deception into Computer Security Defenses ! NSPW’14 Mohammed Almeshekah malmeshe@purdue.edu Eugene Spafford spaf@purdue.edu

2. Deception to Improve Security • Used as ad-hoc attempt: • Deception has been mainly used as “trapping” or “deterrence” tools. • Traditional security (-) and deception (+) work in tandem. • Three unique advantages: 1.Increase entropy of leakage. 2.Gain information about adversaries. 3.Gives defenders an edge in OODA.

3. Why are you using this deceptive method? Deception Model (1) Strategic Goal

4. What effect(s) do you want to see on the attacker? Deception Model (2) Desired Reaction(s)

5. What are the plausible responses to the attack and which ones should you use? Deception Model (3) Exploit Attacker’s Biases

6. Make your system lie Deception Model (4) Apply Deception

7. Deception Model (4) Apply Deception

8. Define Success and Failure Deception Model (5) Deception Feedback Channels

9. Assess the new risks introduced by deception Deception Model (6) Risk Assessment

10. Deceptive components should be part of the real system Deception Model (7) Implementation and Integration

11. Continuous monitoring and dynamic adjustment based on the attacker’s response Deception Model (8) Monitoring and Dynamic Adjusting

12. Continuous monitoring and dynamic adjustment based on the attacker’s response Deception Model (8) Monitoring and Dynamic Adjusting

13. Continuous monitoring and dynamic adjustment based on the attacker’s response Deception Model (8) Monitoring and Dynamic Adjusting

14. Thanks! @meshekah @TheRealSpaf

Planning and Integrating Deception into Computer Security Defenses

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Planning and Integrating Deception into Computer Security Defenses

Similar to Planning and Integrating Deception into Computer Security Defenses (20)

Recently uploaded

Recently uploaded (20)

Planning and Integrating Deception into Computer Security Defenses