SlideShare a Scribd company logo

Abuse helper app - Networkshop44

Download as PPTX, PDF
Jisc
Jisc

AbuseHelper is a tool that automates the collection, processing, and reporting of abuse data to help organizations secure their networks. It ingests data from various feeds, processes it by augmenting, sanitizing, de-duplicating, filtering, and adding additional data. It then distributes actionable reports to customers through various outputs like email and security systems. This improves over manual processes by providing faster processing, timely reporting of only relevant data, and clear communication needs for responses. It also provides situational awareness through data visualization.

Education
1 of 28
AbuseHelper Lee Harrigan-Green
#nsw44 How we currently process abuse intel RTIR Report comes in Incident handler is alerted to new ticket Script parses data and creates tickets Incident handler processes report using home-grown script Data distributed to organisations as part of ticket creation process
#nsw44 How we currently process abuse intel 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) RTIR Report comes in Incident handler is alerted to new ticket Script parses data and adds data to existing ticket Incident handler checks ticket for new data Incident handler sends data on to site
#nsw44 Process review findings »Shadowserver data delay ~24hrs »Getting the latest data sent out requires intervention by an incident handler »Incomplete data is sometimes sent out making investigations difficult »A response is often not required and creates unnecessary work for both parties 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 The landscape is evolving »Major vulnerabilities are being disclosed »More open/insecure services reachable via the internet »Malware is frequently becoming more complex »Guest networks and BYOD == Larger attack surface! »Increase in intel data and available feeds = security teams are processing a substantial amount of data »This means that we need to automate more! 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 We know we can do much better! »Faster processing »Timely reporting »All data should be actionable and relevant »Must communicate clearly when an acknowledgement or response is required 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 AbuseHelper »AbuseHelper or AbuseSA automates the collection, processing and reporting of intelligence and abuse data to help organisations secure their networks »Developed by Codenomicon a branch of Synopsys 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 AbuseHelper –What is it? The core of AbuseHelper is a framework to help with automating the distribution of abuse information in three steps: »Input feeds »Processing »Output 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 AbuseHelper – Input feeds »Shadowserver »Codenomicon sinkhole »Abuse.ch »Team-Cymru »Phishtank »Microsoft CTIP 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 AbuseHelper - Processing Processing the events from these feeds. »Augmenting »Sanitizing »De-duplicating »Filtering »Adding additional data (GeoIP,Whois, CRM, ASN lookups) 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 AbuseHelper - Output Sending out actionable reports to our customers. Outputs supported by AbuseHelper: »Direct emails »XMPP feeds »Incident handling systems »Updating firewall rules »CSV »JSON In the last couple of weeks 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Options available to you! »Customers can specify how they want their data »Reporting style – do you want reports per-IP or aggregated per- org? »Reporting frequency is based on reporting style: › Per-IP = near real time › Aggregated = every 12 hours or daily 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Incident walkthrough 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) Input feeds Processing Output
#nsw44 Input feed »Each feed bot will frequently poll its source and retrieve data for ASN786 »Once retrieved, each bot will store the data in an XMPP chat room 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Incident walkthrough 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) Input feeds Processing Output
#nsw44 Data Processing The processing stage allows us to customise certain aspects of the data we receive from each feed. We will: »Filter out reports with “missing data” »Remove duplicate entries »Run whois lookups to find correct contacts »Run GeoIP lookups on IP address »Retrieve reporting style for each customer Once this work has been completed, the report is now ready to be outputted. 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Incident walkthrough 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) Input feeds Processing Output
#nsw44 Data output/distribution »The output stage is where we send the information to you »Once the processing stage is complete, what’s left will be an actionable report with the relevant contact details appended »An “RTIR bot” will then connect to our RTIR instance and send out data depending on the reporting style configured 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Customer interaction »All reports will come from intelligence@csirt.ja.net »We will no longer require a response to issues from this address »RTIR reference number included with each report »Feel free to ask for assistance »Provide feedback where relevant (samples, C&C hosts, pcaps, proxy logs) 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 How does this improve things for you? ✓Faster processing ✓Timely reporting ✓All data will be actionable ✓Must communicate clearly when an acknowledgement or response is required ✓Sites will have more information to help secure their networks 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 How does this improve things for Janet CSIRT? Use of automation where possible to enable us to use our time for: »Research »Writing more best practice and advisory documents »Proactive “hunting” »Improve existing services and tools »Develop new services and tools 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Situational Awareness »AbuseHelper provides a range of visualisation options giving us a better view and understanding of the state of security on the Janet network »We can see where we’ve improved as a network »Help identify where we could or should focus our efforts 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Visualisation example 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Visualisation example 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Visualisation example 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Visualisation example 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 Where we are currently »Around 100 Jisc customers currently receiving AbuseHelper reporting »Deployment has been slow due to efforts on other projects »Currently only processing ShadowServer data »Feedback from the initial pilot organisations is positive »Looking for all customers active by June »If you want to be added sooner please get in contact 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
#nsw44 jisc.ac.uk Thanks for listening! Lee Harrigan-Green Senior Security Architect Lee.Harrigan-Green@jisc.ac.uk

Recommended

REF Compliance Checker for EPrints - Tim Miles-Board
REF Compliance Checker for EPrints - Tim Miles-BoardREF Compliance Checker for EPrints - Tim Miles-Board
REF Compliance Checker for EPrints - Tim Miles-Board
Jisc
 
Introducing the IRUSdataUK pilot webinar
Introducing the IRUSdataUK pilot webinarIntroducing the IRUSdataUK pilot webinar
Introducing the IRUSdataUK pilot webinar
Jisc
 
OpenAIRE: Science. Set Free, Iryna Kuchma, EIFL
OpenAIRE: Science. Set Free, Iryna Kuchma, EIFLOpenAIRE: Science. Set Free, Iryna Kuchma, EIFL
OpenAIRE: Science. Set Free, Iryna Kuchma, EIFL
Platforma Otwartej Nauki
 
OpenAIRE presentation - Open Access Week 2014 @EKT Conference (Greece)
OpenAIRE presentation - Open Access Week 2014 @EKT Conference (Greece)OpenAIRE presentation - Open Access Week 2014 @EKT Conference (Greece)
OpenAIRE presentation - Open Access Week 2014 @EKT Conference (Greece)
Pedro Príncipe
 
Open Data & Open Research Data Repositories
Open Data & Open Research Data RepositoriesOpen Data & Open Research Data Repositories
Open Data & Open Research Data Repositories
Vasantha Raju N
 
Practical Guide to Publishing Open Data
Practical Guide to Publishing Open DataPractical Guide to Publishing Open Data
Practical Guide to Publishing Open Data
Derilinx
 
Introducing the IRUSdataUK pilot - Jisc Digifest 2016
Introducing the IRUSdataUK pilot - Jisc Digifest 2016Introducing the IRUSdataUK pilot - Jisc Digifest 2016
Introducing the IRUSdataUK pilot - Jisc Digifest 2016
Jisc
 
Tryggve support for-research
Tryggve support for-researchTryggve support for-research
Tryggve support for-research
anttipursula
 

Recommended

REF Compliance Checker for EPrints - Tim Miles-Board
REF Compliance Checker for EPrints - Tim Miles-BoardREF Compliance Checker for EPrints - Tim Miles-Board
REF Compliance Checker for EPrints - Tim Miles-Board
Jisc
 
Introducing the IRUSdataUK pilot webinar
Introducing the IRUSdataUK pilot webinarIntroducing the IRUSdataUK pilot webinar
Introducing the IRUSdataUK pilot webinar
Jisc
 
OpenAIRE: Science. Set Free, Iryna Kuchma, EIFL
OpenAIRE: Science. Set Free, Iryna Kuchma, EIFLOpenAIRE: Science. Set Free, Iryna Kuchma, EIFL
OpenAIRE: Science. Set Free, Iryna Kuchma, EIFL
Platforma Otwartej Nauki
 
OpenAIRE presentation - Open Access Week 2014 @EKT Conference (Greece)
OpenAIRE presentation - Open Access Week 2014 @EKT Conference (Greece)OpenAIRE presentation - Open Access Week 2014 @EKT Conference (Greece)
OpenAIRE presentation - Open Access Week 2014 @EKT Conference (Greece)
Pedro Príncipe
 
Open Data & Open Research Data Repositories
Open Data & Open Research Data RepositoriesOpen Data & Open Research Data Repositories
Open Data & Open Research Data Repositories
Vasantha Raju N
 
Practical Guide to Publishing Open Data
Practical Guide to Publishing Open DataPractical Guide to Publishing Open Data
Practical Guide to Publishing Open Data
Derilinx
 
Introducing the IRUSdataUK pilot - Jisc Digifest 2016
Introducing the IRUSdataUK pilot - Jisc Digifest 2016Introducing the IRUSdataUK pilot - Jisc Digifest 2016
Introducing the IRUSdataUK pilot - Jisc Digifest 2016
Jisc
 
Tryggve support for-research
Tryggve support for-researchTryggve support for-research
Tryggve support for-research
anttipursula
 
ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy
Dr. Haxel Consult
 
7th Content Providers Community Call
7th Content Providers Community Call7th Content Providers Community Call
7th Content Providers Community Call
OpenAIRE
 
OpenAIRE@info day_amsterdam_jan_2016
OpenAIRE@info day_amsterdam_jan_2016OpenAIRE@info day_amsterdam_jan_2016
OpenAIRE@info day_amsterdam_jan_2016
OpenAIRE
 
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
OpenAIRE
 
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
Institute e-Austria Timisoara
 
151111 tryggve-nordic biobank
151111 tryggve-nordic biobank151111 tryggve-nordic biobank
151111 tryggve-nordic biobank
anttipursula
 
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
OpenAIRE
 
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
OpenAIRE
 
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
OpenAIRE
 
THOR Ambassador Webinar
THOR Ambassador WebinarTHOR Ambassador Webinar
THOR Ambassador Webinar
Maaike Duine
 
20170501 Distributed Network of Digital Heritage Information
20170501 Distributed Network of Digital Heritage Information20170501 Distributed Network of Digital Heritage Information
20170501 Distributed Network of Digital Heritage Information
Enno Meijers
 
balloon: LOD forecasting - cloudy with a chance of services
balloon: LOD forecasting - cloudy with a chance of servicesballoon: LOD forecasting - cloudy with a chance of services
balloon: LOD forecasting - cloudy with a chance of services
Kai Schlegel
 
OpenAIRE implementing open science
OpenAIRE implementing open scienceOpenAIRE implementing open science
OpenAIRE implementing open science
Jisc
 
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
Martin Hamilton
 
OpenAIRE-connect: Services for open science
OpenAIRE-connect: Services for open scienceOpenAIRE-connect: Services for open science
OpenAIRE-connect: Services for open science
Jisc
 
Big Data Security: Facing the challenge
Big Data Security: Facing the challengeBig Data Security: Facing the challenge
Big Data Security: Facing the challenge
Stratio
 
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
OpenAIRE
 
How compliant is your institution? Meeting RCUK and REF metadata and policy r...
How compliant is your institution? Meeting RCUK and REF metadata and policy r...How compliant is your institution? Meeting RCUK and REF metadata and policy r...
How compliant is your institution? Meeting RCUK and REF metadata and policy r...
Jisc
 
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Informationballoon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
Kai Schlegel
 
New Product Introductions - Minesoft
New Product Introductions - MinesoftNew Product Introductions - Minesoft
New Product Introductions - Minesoft
Dr. Haxel Consult
 
Internet in space - Networkshop44
Internet in space - Networkshop44Internet in space - Networkshop44
Internet in space - Networkshop44
Jisc
 
Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44
Jisc
 

More Related Content

What's hot

ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy
Dr. Haxel Consult
 
7th Content Providers Community Call
7th Content Providers Community Call7th Content Providers Community Call
7th Content Providers Community Call
OpenAIRE
 
OpenAIRE@info day_amsterdam_jan_2016
OpenAIRE@info day_amsterdam_jan_2016OpenAIRE@info day_amsterdam_jan_2016
OpenAIRE@info day_amsterdam_jan_2016
OpenAIRE
 
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
OpenAIRE
 
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
Institute e-Austria Timisoara
 
151111 tryggve-nordic biobank
151111 tryggve-nordic biobank151111 tryggve-nordic biobank
151111 tryggve-nordic biobank
anttipursula
 
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
OpenAIRE
 
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
OpenAIRE
 
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
OpenAIRE
 
THOR Ambassador Webinar
THOR Ambassador WebinarTHOR Ambassador Webinar
THOR Ambassador Webinar
Maaike Duine
 
20170501 Distributed Network of Digital Heritage Information
20170501 Distributed Network of Digital Heritage Information20170501 Distributed Network of Digital Heritage Information
20170501 Distributed Network of Digital Heritage Information
Enno Meijers
 
balloon: LOD forecasting - cloudy with a chance of services
balloon: LOD forecasting - cloudy with a chance of servicesballoon: LOD forecasting - cloudy with a chance of services
balloon: LOD forecasting - cloudy with a chance of services
Kai Schlegel
 
OpenAIRE implementing open science
OpenAIRE implementing open scienceOpenAIRE implementing open science
OpenAIRE implementing open science
Jisc
 
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
Martin Hamilton
 
OpenAIRE-connect: Services for open science
OpenAIRE-connect: Services for open scienceOpenAIRE-connect: Services for open science
OpenAIRE-connect: Services for open science
Jisc
 
Big Data Security: Facing the challenge
Big Data Security: Facing the challengeBig Data Security: Facing the challenge
Big Data Security: Facing the challenge
Stratio
 
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
OpenAIRE
 
How compliant is your institution? Meeting RCUK and REF metadata and policy r...
How compliant is your institution? Meeting RCUK and REF metadata and policy r...How compliant is your institution? Meeting RCUK and REF metadata and policy r...
How compliant is your institution? Meeting RCUK and REF metadata and policy r...
Jisc
 
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Informationballoon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
Kai Schlegel
 
New Product Introductions - Minesoft
New Product Introductions - MinesoftNew Product Introductions - Minesoft
New Product Introductions - Minesoft
Dr. Haxel Consult
 

What's hot (20)

ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy ICIC 2017: Publication Analysis and Publication Strategy
ICIC 2017: Publication Analysis and Publication Strategy
 
7th Content Providers Community Call
7th Content Providers Community Call7th Content Providers Community Call
7th Content Providers Community Call
 
OpenAIRE@info day_amsterdam_jan_2016
OpenAIRE@info day_amsterdam_jan_2016OpenAIRE@info day_amsterdam_jan_2016
OpenAIRE@info day_amsterdam_jan_2016
 
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 2)
 
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
Monitoring in Big Data Frameworks @ Big Data Meetup, Timisoara, 2015
 
151111 tryggve-nordic biobank
151111 tryggve-nordic biobank151111 tryggve-nordic biobank
151111 tryggve-nordic biobank
 
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
Open Research Gateway for the ELIXIR-GR Infrastructure (Part 3)
 
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
The OpenAIRE Catalogue of Services: Towards Open Science - Workshop: Design y...
 
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
Overview of the OA mandate and OpenAIRE infrastructure, Inge Van Nieuwerburgh...
 
THOR Ambassador Webinar
THOR Ambassador WebinarTHOR Ambassador Webinar
THOR Ambassador Webinar
 
20170501 Distributed Network of Digital Heritage Information
20170501 Distributed Network of Digital Heritage Information20170501 Distributed Network of Digital Heritage Information
20170501 Distributed Network of Digital Heritage Information
 
balloon: LOD forecasting - cloudy with a chance of services
balloon: LOD forecasting - cloudy with a chance of servicesballoon: LOD forecasting - cloudy with a chance of services
balloon: LOD forecasting - cloudy with a chance of services
 
OpenAIRE implementing open science
OpenAIRE implementing open scienceOpenAIRE implementing open science
OpenAIRE implementing open science
 
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
Jisc support for equipment sharing - update for S-Lab Rothamsted conference J...
 
OpenAIRE-connect: Services for open science
OpenAIRE-connect: Services for open scienceOpenAIRE-connect: Services for open science
OpenAIRE-connect: Services for open science
 
Big Data Security: Facing the challenge
Big Data Security: Facing the challengeBig Data Security: Facing the challenge
Big Data Security: Facing the challenge
 
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
The Scholix Framework and the OpenAIRE Scholexplorer Service (OpenAIRE webina...
 
How compliant is your institution? Meeting RCUK and REF metadata and policy r...
How compliant is your institution? Meeting RCUK and REF metadata and policy r...How compliant is your institution? Meeting RCUK and REF metadata and policy r...
How compliant is your institution? Meeting RCUK and REF metadata and policy r...
 
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Informationballoon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
balloon Fusion: SPARQL Rewriting Based on Unified Co-Reference Information
 
New Product Introductions - Minesoft
New Product Introductions - MinesoftNew Product Introductions - Minesoft
New Product Introductions - Minesoft
 

Viewers also liked

Internet in space - Networkshop44
Internet in space - Networkshop44Internet in space - Networkshop44
Internet in space - Networkshop44
Jisc
 
Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44
Jisc
 
How to view a project, as a junior engineer - Networkshop44
How to view a project, as a junior engineer - Networkshop44How to view a project, as a junior engineer - Networkshop44
How to view a project, as a junior engineer - Networkshop44
Jisc
 
Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44
Jisc
 
Professional development processes - Networkshop44
Professional development processes - Networkshop44Professional development processes - Networkshop44
Professional development processes - Networkshop44
Jisc
 
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
Jisc
 
Attracting, recruiting and retaining staff - Networkshop44
Attracting, recruiting and retaining staff - Networkshop44Attracting, recruiting and retaining staff - Networkshop44
Attracting, recruiting and retaining staff - Networkshop44
Jisc
 
Greenbone vulnerability assessment - Networkshop44
Greenbone vulnerability assessment - Networkshop44Greenbone vulnerability assessment - Networkshop44
Greenbone vulnerability assessment - Networkshop44
Jisc
 
Eduroam seminar - Networkshop44 2016
Eduroam seminar - Networkshop44 2016Eduroam seminar - Networkshop44 2016
Eduroam seminar - Networkshop44 2016
Jisc
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44
Jisc
 
Network performance lessons from the coal face - Networkshop44
Network performance lessons from the coal face - Networkshop44Network performance lessons from the coal face - Networkshop44
Network performance lessons from the coal face - Networkshop44
Jisc
 
End to end performance - Networkshop44
End to end performance - Networkshop44End to end performance - Networkshop44
End to end performance - Networkshop44
Jisc
 
Jisc update janet6 upgrade networkshop44
Jisc update janet6 upgrade networkshop44Jisc update janet6 upgrade networkshop44
Jisc update janet6 upgrade networkshop44
Jisc
 
Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44
Jisc
 
Finding vulnerabilities - networkshop44
Finding vulnerabilities - networkshop44Finding vulnerabilities - networkshop44
Finding vulnerabilities - networkshop44
Jisc
 
Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44
Jisc
 
Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44
Jisc
 
Ipv6 deployment at the university of warwick - networkshop44
Ipv6 deployment at the university of warwick - networkshop44Ipv6 deployment at the university of warwick - networkshop44
Ipv6 deployment at the university of warwick - networkshop44
Jisc
 
Dealing with pervasive monitoring - Networkshop44
Dealing with pervasive monitoring - Networkshop44Dealing with pervasive monitoring - Networkshop44
Dealing with pervasive monitoring - Networkshop44
Jisc
 
Data centre networking at the University of Bristol - Networkshop44
Data centre networking at the University of Bristol - Networkshop44Data centre networking at the University of Bristol - Networkshop44
Data centre networking at the University of Bristol - Networkshop44
Jisc
 

Viewers also liked (20)

Internet in space - Networkshop44
Internet in space - Networkshop44Internet in space - Networkshop44
Internet in space - Networkshop44
 
Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44Application of Assent in the safe - Networkshop44
Application of Assent in the safe - Networkshop44
 
How to view a project, as a junior engineer - Networkshop44
How to view a project, as a junior engineer - Networkshop44How to view a project, as a junior engineer - Networkshop44
How to view a project, as a junior engineer - Networkshop44
 
Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44Trust and identity in the Géant project - Networkshop44
Trust and identity in the Géant project - Networkshop44
 
Professional development processes - Networkshop44
Professional development processes - Networkshop44Professional development processes - Networkshop44
Professional development processes - Networkshop44
 
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
EAP TLS, the Rolls-Royce of extensible authentication protocol (EAP) methods ...
 
Attracting, recruiting and retaining staff - Networkshop44
Attracting, recruiting and retaining staff - Networkshop44Attracting, recruiting and retaining staff - Networkshop44
Attracting, recruiting and retaining staff - Networkshop44
 
Greenbone vulnerability assessment - Networkshop44
Greenbone vulnerability assessment - Networkshop44Greenbone vulnerability assessment - Networkshop44
Greenbone vulnerability assessment - Networkshop44
 
Eduroam seminar - Networkshop44 2016
Eduroam seminar - Networkshop44 2016Eduroam seminar - Networkshop44 2016
Eduroam seminar - Networkshop44 2016
 
IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44IPv6 experience from a large enterprise - Networkshop44
IPv6 experience from a large enterprise - Networkshop44
 
Network performance lessons from the coal face - Networkshop44
Network performance lessons from the coal face - Networkshop44Network performance lessons from the coal face - Networkshop44
Network performance lessons from the coal face - Networkshop44
 
End to end performance - Networkshop44
End to end performance - Networkshop44End to end performance - Networkshop44
End to end performance - Networkshop44
 
Jisc update janet6 upgrade networkshop44
Jisc update janet6 upgrade networkshop44Jisc update janet6 upgrade networkshop44
Jisc update janet6 upgrade networkshop44
 
Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44Edupert best practices in supporting end users - Networkshop44
Edupert best practices in supporting end users - Networkshop44
 
Finding vulnerabilities - networkshop44
Finding vulnerabilities - networkshop44Finding vulnerabilities - networkshop44
Finding vulnerabilities - networkshop44
 
Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44
 
Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44Data networking at UCL - Networkshop44
Data networking at UCL - Networkshop44
 
Ipv6 deployment at the university of warwick - networkshop44
Ipv6 deployment at the university of warwick - networkshop44Ipv6 deployment at the university of warwick - networkshop44
Ipv6 deployment at the university of warwick - networkshop44
 
Dealing with pervasive monitoring - Networkshop44
Dealing with pervasive monitoring - Networkshop44Dealing with pervasive monitoring - Networkshop44
Dealing with pervasive monitoring - Networkshop44
 
Data centre networking at the University of Bristol - Networkshop44
Data centre networking at the University of Bristol - Networkshop44Data centre networking at the University of Bristol - Networkshop44
Data centre networking at the University of Bristol - Networkshop44
 

Similar to Abuse helper app - Networkshop44

Best Practices For Sharing Data Across The Enteprrise
Best Practices For Sharing Data Across The EnteprriseBest Practices For Sharing Data Across The Enteprrise
Best Practices For Sharing Data Across The Enteprrise
Splunk
 
Taking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - ManagerTaking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - Manager
Splunk
 
The Present and Future of Serverless Observability
The Present and Future of Serverless ObservabilityThe Present and Future of Serverless Observability
The Present and Future of Serverless Observability
C4Media
 
Introduction to Streaming Analytics
Introduction to Streaming AnalyticsIntroduction to Streaming Analytics
Introduction to Streaming Analytics
Guido Schmutz
 
WJAX 2019 - Taking Distributed Tracing to the next level
WJAX 2019 - Taking Distributed Tracing to the next levelWJAX 2019 - Taking Distributed Tracing to the next level
WJAX 2019 - Taking Distributed Tracing to the next level
Frank Pfleger
 
2014-12-16 defense news - shutdown the hackers
2014-12-16 defense news - shutdown the hackers2014-12-16 defense news - shutdown the hackers
2014-12-16 defense news - shutdown the hackers
Shawn Wells
 
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk
 
Elevate your Splunk Deployment by Better Understanding your Value Breakfast S...
Elevate your Splunk Deployment by Better Understanding your Value Breakfast S...Elevate your Splunk Deployment by Better Understanding your Value Breakfast S...
Elevate your Splunk Deployment by Better Understanding your Value Breakfast S...
Splunk
 
Taking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - ManagerTaking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - Manager
Splunk
 
Jisc and janet network updates from network operations, operational services ...
Jisc and janet network updates from network operations, operational services ...Jisc and janet network updates from network operations, operational services ...
Jisc and janet network updates from network operations, operational services ...
Jisc
 
Primend Pilvekonverents - Azure Infrastruktuur
Primend Pilvekonverents - Azure InfrastruktuurPrimend Pilvekonverents - Azure Infrastruktuur
Primend Pilvekonverents - Azure Infrastruktuur
Primend
 
Nuix webinar presentation: See the bigger picture faster – early case assessm...
Nuix webinar presentation: See the bigger picture faster – early case assessm...Nuix webinar presentation: See the bigger picture faster – early case assessm...
Nuix webinar presentation: See the bigger picture faster – early case assessm...
Nina Ananiasvili
 
Introduction to Stream Processing
Introduction to Stream ProcessingIntroduction to Stream Processing
Introduction to Stream Processing
Guido Schmutz
 
IoT & Azure
IoT & AzureIoT & Azure
IoT & Azure
Mirco Vanini
 
Kafka summit SF 2019 - the art of the event-streaming app
Kafka summit SF 2019 - the art of the event-streaming appKafka summit SF 2019 - the art of the event-streaming app
Kafka summit SF 2019 - the art of the event-streaming app
Neil Avery
 
The art of the event streaming application: streams, stream processors and sc...
The art of the event streaming application: streams, stream processors and sc...The art of the event streaming application: streams, stream processors and sc...
The art of the event streaming application: streams, stream processors and sc...
confluent
 
Adventures in Real-World Data Science
Adventures in Real-World Data ScienceAdventures in Real-World Data Science
Adventures in Real-World Data Science
roblund
 
The present and future of serverless observability
The present and future of serverless observabilityThe present and future of serverless observability
The present and future of serverless observability
Yan Cui
 
Filtering From the Firehose: Real Time Social Media Streaming
Filtering From the Firehose: Real Time Social Media StreamingFiltering From the Firehose: Real Time Social Media Streaming
Filtering From the Firehose: Real Time Social Media Streaming
Cloud Elements
 
SDM (Standardized Data Management) - A Dynamic Adaptive Ingestion Frameworks ...
SDM (Standardized Data Management) - A Dynamic Adaptive Ingestion Frameworks ...SDM (Standardized Data Management) - A Dynamic Adaptive Ingestion Frameworks ...
SDM (Standardized Data Management) - A Dynamic Adaptive Ingestion Frameworks ...
DataWorks Summit
 

Similar to Abuse helper app - Networkshop44 (20)

Best Practices For Sharing Data Across The Enteprrise
Best Practices For Sharing Data Across The EnteprriseBest Practices For Sharing Data Across The Enteprrise
Best Practices For Sharing Data Across The Enteprrise
 
Taking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - ManagerTaking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - Manager
 
The Present and Future of Serverless Observability
The Present and Future of Serverless ObservabilityThe Present and Future of Serverless Observability
The Present and Future of Serverless Observability
 
Introduction to Streaming Analytics
Introduction to Streaming AnalyticsIntroduction to Streaming Analytics
Introduction to Streaming Analytics
 
WJAX 2019 - Taking Distributed Tracing to the next level
WJAX 2019 - Taking Distributed Tracing to the next levelWJAX 2019 - Taking Distributed Tracing to the next level
WJAX 2019 - Taking Distributed Tracing to the next level
 
2014-12-16 defense news - shutdown the hackers
2014-12-16 defense news - shutdown the hackers2014-12-16 defense news - shutdown the hackers
2014-12-16 defense news - shutdown the hackers
 
Splunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout SessionSplunk Enterprise for InfoSec Hands-On Breakout Session
Splunk Enterprise for InfoSec Hands-On Breakout Session
 
Elevate your Splunk Deployment by Better Understanding your Value Breakfast S...
Elevate your Splunk Deployment by Better Understanding your Value Breakfast S...Elevate your Splunk Deployment by Better Understanding your Value Breakfast S...
Elevate your Splunk Deployment by Better Understanding your Value Breakfast S...
 
Taking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - ManagerTaking Splunk to the Next Level - Manager
Taking Splunk to the Next Level - Manager
 
Jisc and janet network updates from network operations, operational services ...
Jisc and janet network updates from network operations, operational services ...Jisc and janet network updates from network operations, operational services ...
Jisc and janet network updates from network operations, operational services ...
 
Primend Pilvekonverents - Azure Infrastruktuur
Primend Pilvekonverents - Azure InfrastruktuurPrimend Pilvekonverents - Azure Infrastruktuur
Primend Pilvekonverents - Azure Infrastruktuur
 
Nuix webinar presentation: See the bigger picture faster – early case assessm...
Nuix webinar presentation: See the bigger picture faster – early case assessm...Nuix webinar presentation: See the bigger picture faster – early case assessm...
Nuix webinar presentation: See the bigger picture faster – early case assessm...
 
Introduction to Stream Processing
Introduction to Stream ProcessingIntroduction to Stream Processing
Introduction to Stream Processing
 
IoT & Azure
IoT & AzureIoT & Azure
IoT & Azure
 
Kafka summit SF 2019 - the art of the event-streaming app
Kafka summit SF 2019 - the art of the event-streaming appKafka summit SF 2019 - the art of the event-streaming app
Kafka summit SF 2019 - the art of the event-streaming app
 
The art of the event streaming application: streams, stream processors and sc...
The art of the event streaming application: streams, stream processors and sc...The art of the event streaming application: streams, stream processors and sc...
The art of the event streaming application: streams, stream processors and sc...
 
Adventures in Real-World Data Science
Adventures in Real-World Data ScienceAdventures in Real-World Data Science
Adventures in Real-World Data Science
 
The present and future of serverless observability
The present and future of serverless observabilityThe present and future of serverless observability
The present and future of serverless observability
 
Filtering From the Firehose: Real Time Social Media Streaming
Filtering From the Firehose: Real Time Social Media StreamingFiltering From the Firehose: Real Time Social Media Streaming
Filtering From the Firehose: Real Time Social Media Streaming
 
SDM (Standardized Data Management) - A Dynamic Adaptive Ingestion Frameworks ...
SDM (Standardized Data Management) - A Dynamic Adaptive Ingestion Frameworks ...SDM (Standardized Data Management) - A Dynamic Adaptive Ingestion Frameworks ...
SDM (Standardized Data Management) - A Dynamic Adaptive Ingestion Frameworks ...
 

More from Jisc

Adobe Express Engagement Webinar (Delegate).pptx
Adobe Express Engagement Webinar (Delegate).pptxAdobe Express Engagement Webinar (Delegate).pptx
Adobe Express Engagement Webinar (Delegate).pptx
Jisc
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
Jisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of SheffieldJisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of Sheffield
Jisc
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
Jisc
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
Jisc
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
Jisc
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
Jisc
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
Jisc
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
Jisc
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
Jisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
Jisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
Jisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
Jisc
 

More from Jisc (20)

Adobe Express Engagement Webinar (Delegate).pptx
Adobe Express Engagement Webinar (Delegate).pptxAdobe Express Engagement Webinar (Delegate).pptx
Adobe Express Engagement Webinar (Delegate).pptx
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
Jisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of SheffieldJisc's value to HE: the University of Sheffield
Jisc's value to HE: the University of Sheffield
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 

Recently uploaded

special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
Israel Genealogy Research Association
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
Balvir Singh
 
Digital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion DesignsDigital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion Designs
chanes7
 
JEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questionsJEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questions
ShivajiThube2
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
thanhdowork
 
S1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptxS1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptx
tarandeep35
 
Digital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments UnitDigital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments Unit
chanes7
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
Peter Windle
 
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School DistrictPride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
David Douglas School District
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Advantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO PerspectiveAdvantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO Perspective
Krisztián Száraz
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
Thiyagu K
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptxChapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
DhatriParmar
 

Recently uploaded (20)

special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
The Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collectionThe Diamonds of 2023-2024 in the IGRA collection
The Diamonds of 2023-2024 in the IGRA collection
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 
Digital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion DesignsDigital Artifact 2 - Investigating Pavilion Designs
Digital Artifact 2 - Investigating Pavilion Designs
 
JEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questionsJEE1_This_section_contains_FOUR_ questions
JEE1_This_section_contains_FOUR_ questions
 
A Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptxA Survey of Techniques for Maximizing LLM Performance.pptx
A Survey of Techniques for Maximizing LLM Performance.pptx
 
S1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptxS1-Introduction-Biopesticides in ICM.pptx
S1-Introduction-Biopesticides in ICM.pptx
 
Digital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments UnitDigital Artifact 1 - 10VCD Environments Unit
Digital Artifact 1 - 10VCD Environments Unit
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School DistrictPride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Advantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO PerspectiveAdvantages and Disadvantages of CMS from an SEO Perspective
Advantages and Disadvantages of CMS from an SEO Perspective
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptxChapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
 

Abuse helper app - Networkshop44

  • 2. #nsw44 How we currently process abuse intel RTIR Report comes in Incident handler is alerted to new ticket Script parses data and creates tickets Incident handler processes report using home-grown script Data distributed to organisations as part of ticket creation process
  • 3. #nsw44 How we currently process abuse intel 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) RTIR Report comes in Incident handler is alerted to new ticket Script parses data and adds data to existing ticket Incident handler checks ticket for new data Incident handler sends data on to site
  • 4. #nsw44 Process review findings »Shadowserver data delay ~24hrs »Getting the latest data sent out requires intervention by an incident handler »Incomplete data is sometimes sent out making investigations difficult »A response is often not required and creates unnecessary work for both parties 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 5. #nsw44 The landscape is evolving »Major vulnerabilities are being disclosed »More open/insecure services reachable via the internet »Malware is frequently becoming more complex »Guest networks and BYOD == Larger attack surface! »Increase in intel data and available feeds = security teams are processing a substantial amount of data »This means that we need to automate more! 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 6. #nsw44 We know we can do much better! »Faster processing »Timely reporting »All data should be actionable and relevant »Must communicate clearly when an acknowledgement or response is required 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 7. #nsw44 AbuseHelper »AbuseHelper or AbuseSA automates the collection, processing and reporting of intelligence and abuse data to help organisations secure their networks »Developed by Codenomicon a branch of Synopsys 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 8. #nsw44 AbuseHelper –What is it? The core of AbuseHelper is a framework to help with automating the distribution of abuse information in three steps: »Input feeds »Processing »Output 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 9. #nsw44 AbuseHelper – Input feeds »Shadowserver »Codenomicon sinkhole »Abuse.ch »Team-Cymru »Phishtank »Microsoft CTIP 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 10. #nsw44 AbuseHelper - Processing Processing the events from these feeds. »Augmenting »Sanitizing »De-duplicating »Filtering »Adding additional data (GeoIP,Whois, CRM, ASN lookups) 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 11. #nsw44 AbuseHelper - Output Sending out actionable reports to our customers. Outputs supported by AbuseHelper: »Direct emails »XMPP feeds »Incident handling systems »Updating firewall rules »CSV »JSON In the last couple of weeks 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 12. #nsw44 Options available to you! »Customers can specify how they want their data »Reporting style – do you want reports per-IP or aggregated per- org? »Reporting frequency is based on reporting style: › Per-IP = near real time › Aggregated = every 12 hours or daily 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 13. #nsw44 Incident walkthrough 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) Input feeds Processing Output
  • 14. #nsw44 Input feed »Each feed bot will frequently poll its source and retrieve data for ASN786 »Once retrieved, each bot will store the data in an XMPP chat room 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 15. #nsw44 Incident walkthrough 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) Input feeds Processing Output
  • 16. #nsw44 Data Processing The processing stage allows us to customise certain aspects of the data we receive from each feed. We will: »Filter out reports with “missing data” »Remove duplicate entries »Run whois lookups to find correct contacts »Run GeoIP lookups on IP address »Retrieve reporting style for each customer Once this work has been completed, the report is now ready to be outputted. 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 17. #nsw44 Incident walkthrough 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all) Input feeds Processing Output
  • 18. #nsw44 Data output/distribution »The output stage is where we send the information to you »Once the processing stage is complete, what’s left will be an actionable report with the relevant contact details appended »An “RTIR bot” will then connect to our RTIR instance and send out data depending on the reporting style configured 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 19. #nsw44 Customer interaction »All reports will come from intelligence@csirt.ja.net »We will no longer require a response to issues from this address »RTIR reference number included with each report »Feel free to ask for assistance »Provide feedback where relevant (samples, C&C hosts, pcaps, proxy logs) 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 20. #nsw44 How does this improve things for you? ✓Faster processing ✓Timely reporting ✓All data will be actionable ✓Must communicate clearly when an acknowledgement or response is required ✓Sites will have more information to help secure their networks 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 21. #nsw44 How does this improve things for Janet CSIRT? Use of automation where possible to enable us to use our time for: »Research »Writing more best practice and advisory documents »Proactive “hunting” »Improve existing services and tools »Develop new services and tools 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 22. #nsw44 Situational Awareness »AbuseHelper provides a range of visualisation options giving us a better view and understanding of the state of security on the Janet network »We can see where we’ve improved as a network »Help identify where we could or should focus our efforts 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 23. #nsw44 Visualisation example 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 24. #nsw44 Visualisation example 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 25. #nsw44 Visualisation example 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 26. #nsw44 Visualisation example 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 27. #nsw44 Where we are currently »Around 100 Jisc customers currently receiving AbuseHelper reporting »Deployment has been slow due to efforts on other projects »Currently only processing ShadowServer data »Feedback from the initial pilot organisations is positive »Looking for all customers active by June »If you want to be added sooner please get in contact 24/03/2016 Title of presentation (Insert > Header & Footer > Slide > Footer > Apply to all)
  • 28. #nsw44 jisc.ac.uk Thanks for listening! Lee Harrigan-Green Senior Security Architect Lee.Harrigan-Green@jisc.ac.uk