
Centralized defense against multi-vector threats - Setting up a computer security incident response center

Talk given by Dragos Lungu of BitDefender at the "Asegura IT Camp2" event, held on 22, 23 and 24 October 2010 in El Escorial.

Published in: Technology, Business

  1. BitDefender: Centralized defense against multi-vector threats – Setting up a computer security incident response center. Dragos Lungu, BitDefender Consultant
  2. Buzzwords are not enough!
  3. • Stuxnet: digital weapon attacking Siemens' WinCC / PCS 7 SCADA systems
     • ZeuS/ZBOT Trojan: loots money from bank accounts
     • Spanair Flight JK 502: malware led to 20 August 2008 tragedy, 154 people died.
  4. CERT / CSIRT
  5. Incident Management
     • Early Detection
     • Handling & Remediation
     • Prevention
  6. Incident Triage
     • Incident Triage: What hit me?
     • Attacker Profiler: Who is behind this?
     • Sizing the Incident: How hard was I hit?
  7. Incident Coordination
     • Root cause analysis
     • Contacting law enforcement, CERTs
     • Documenting and reporting the incident
     • Public announcements
  8. Incident Resolution
     • Removing the Exploits
     • Fixing Vulnerabilities
     • Patch Management
     • Risk Analysis
     • Business Continuity
     • Disaster Recovery
     • Evidence Collection
     • Digital Forensics
  9. Proactive Services - People
     • www.malwarecity.es
  10. Proactive Services - Technologies
     • Managed Networking & Security Devices
     • Security Information & Event Management
     • Honeypots (SMTP, HTTP, Other)
     • Security Assessments & Penetration Testing
  11. Proactive Services - Processes
     • Procedures, Incident workflow
     • Ticket management system
     • Affiliations: MSPAlliance, FIRST
  12. Dragos Lungu
