CSUC-CSIRT: Security services for Catalan R&E community
jordi.guijarro@csuc.cat
@jordiguijarro
@cloudadms
Poznan, 21/05/2015
Agenda
Introduction
CSUC-CSIRT Context
Our Services
Ecosystem of tools
In the near future
Q&A
New Catalan Universities services consortium (formerly known as CESCA)
OUR VISION
Focused on Research and Education agents
Regional R&E Networks
Our services
“CSUC” and Security
Services
In Operation from 2003
Services
• Equip de Resposta a Incidents de l'Anella Científica (ERIAC)
• Proactive detection
• Incident Handling
• Network focused
Listening to the NET: SMARTxAC
ERIAC: Security Response Team
SMARTxAC
Security Services: CSUC-CSIRT
http://www.csuc.cat/en/communications/security/incident-response-team
Security incidents statistics
Category            2012   2013   2014
Abusive content      40%    20%    33%
Availability          2%     5%     6%
Fraud                 7%    14%     7%
Malware              19%    27%    24%
Information rec..     4%     5%     4%
Data Security         5%     5%     2%
Intrusion             4%     2%     6%
Intrusion Attempt    16%     8%     8%
Other                 3%    12%    10%

Year   Total   Critical   High   Medium   Low
2012     660         2%    11%      19%   68%
2013     410         3%     4%      13%   79%
2014     689        12%     2%      10%   76%
Inside our DNA?
NOW -> CERTSI
Collaboration
New challenges - “Hybrid Clouds”
Ecosystem of tools
HOMEMADE
FEEDS
HUB
Ecosystem of tools
Nfsen + Cymru “power” -> Flow Sonar
Logs correlation
External feeds placed together
SMARTxAC Platform
SMARTxAC is a collaboration between UPC BarcelonaTech (CCABA) and CSUC
Architecture
Apps detection
Apps Classification
Top N
Autozoom
Security anomalies detection
Flows search
Eyes for our constituency
HOMEMADE
FEEDS
HUB
Proactive monitoring workflow and tools
Close to University (be viral!)
Master in Security Technologies
Near Future
New Audit Services
RT → RTIR
More focus on DNS
DDoS 'headache'
And continuously listening to the NET ;-)
Dzięki!
Thanks!
Gracias!
Gràcies!
jordi.guijarro@csuc.cat
CSUC-CSIRT (eriac@csuc.cat)
Q & A time
Note: ERI -> CSIRT in Catalan

45th_TF-CSIRT_Meeting_CSUC_Poznan_2014