Uploaded byvicenteDiaz_KL
10,155 views

Analogic Opsec 101

The document discusses operational security (OPSEC) best practices for security analysts. It warns that adversaries are not necessarily enemies and have varying levels of resources. It advises analysts to be wary of mass surveillance by agencies and to use encrypted communication tools. When meeting suspicious people, analysts should not go alone, plan an exit, and have a dead man's switch. At borders, analysts should be collaborative with officers but not consent to searches or help without a warrant. Overall the document stresses preparation, having alternatives, and maintaining discipline over relying solely on tools when doing their work.

Embed presentation

Downloaded 13 times
OPSEC KRAV MAGA Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab
OPSEC AGAIN! WHY? 2 •  Unsolved questions. •  Non technical stuff. •  Unrealistic advices. •  The “Jordan Rules” Security Analyst Summit 2015
ADVERSARIES 3 •  Adversary != Enemy Resources vs No Resources Agencies The rest *.Mil Big Bad Boys Security Analyst Summit 2015 ProTip: Don´t let your PR feed these guys for free
MASS SURVEILLANCE 4 •  Good ROI for Agencies! •  They don´t like encryption •  PGP, ZRTP, OTR, TrueCrypt Security Analyst Summit 2015
MASS SURVEILLANCE 5 •  Some inherent problems •  And some non-technical problems Security Analyst Summit 2015
RECRUITMENT 6Security Analyst Summit 2015 •  Neglected approach ? •  Approaches and interaction. •  Move to termination.
TERMINATION 7Security Analyst Summit 2015 •  Deterrence is your best option. •  Plan alternatives. •  Prepare an escalation strategy.
SUSPICIOUS MEETINGS 8 •  Don´t go alone. •  Go on your own, plan how to get out. •  Dead man switch. •  Tell them you are ready. •  The trap might NOT be the meeting! Security Analyst Summit 2015
UNPLEASANT COMPANY 9 •  Suspicious patterns. •  You are not James Bond. •  Go to a safe place, protect contacts. •  Ask yourself what they want. •  Option: direct approach. •  Better: inform your people Security Analyst Summit 2015
BORDERS 10 •  If you consent a search, no warrant needed. •  Police can search your computer at the border without a warrant. •  Warrant limitations are ignored if they see something illegal while searching. •  You don´t have to help or answer questions. •  You cannot interfere or lie to an officer. Security Analyst Summit 2015
BORDERS – OUR ADVICE 11 •  Be collaborative. •  Don´t make things worse. •  Have your story ready and back it up. •  Don´t bring anything with you. Security Analyst Summit 2015
EXTENDING OPSEC 12 Your company should provide you: •  Single POC for when in trouble. •  International legal support. •  Small briefing on the country you are going to. Security Analyst Summit 2015
13Security Analyst Summit 2015 Do your homework.
CONCLUSION 14 •  STFU. •  Discipline over tools. •  Preparation and alternatives. •  Don´t forget your role. Security Analyst Summit 2015
THANK YOU Dani Creus Vicente Díaz @them0ux @trompi

More Related Content

PDF
Opsec for security researchers
byvicenteDiaz_KL
 
PDF
Click and Dragger: Denial and Deception on Android mobile
bygrugq
 
PDF
An Underground education
bygrugq
 
PPTX
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
byClare Nelson, CISSP, CIPP-E
 
PPTX
Ed McCabe - Putting the Intelligence back in Threat Intelligence
bycentralohioissa
 
PPT
Developing Software with Security in Mind
bysblom
 
PDF
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
byEC-Council
 
PDF
It's Okay To Touch Yourself - DerbyCon 2013
byBen Ten (0xA)
 
Opsec for security researchers
byvicenteDiaz_KL
 
Click and Dragger: Denial and Deception on Android mobile
bygrugq
 
An Underground education
bygrugq
 
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
byClare Nelson, CISSP, CIPP-E
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
bycentralohioissa
 
Developing Software with Security in Mind
bysblom
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
byEC-Council
 
It's Okay To Touch Yourself - DerbyCon 2013
byBen Ten (0xA)
 

What's hot

PDF
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
byMITRE - ATT&CKcon
 
PDF
Enabling effective hunt teaming and incident response
byjeffmcjunkin
 
PDF
The Internet is on fire – don't just stand there, grab a bucket!
byFrode Hommedal
 
PPTX
Jason Samide - State of Security & 2016 Predictions
bycentralohioissa
 
PDF
A Journey Into Pen-tester land: Myths or Facts!
byAmmar WK
 
PDF
Security for Human Beings
byzekivazquez
 
PPTX
Machine learning cyphort_malware_most_wanted
byCyphort
 
PPTX
Janitor vs cleaner
byJohn Stauffacher
 
PDF
Internet security lessons for IoT
byDirk Zittersteyn
 
PPTX
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
byEC-Council
 
PPTX
Управление рисками: как перестать верить в иллюзии
byPositive Hack Days
 
PPTX
Jim Wojno: Incident Response - No Pain, No Gain!
bycentralohioissa
 
PPT
HIMSS Summit of the Southeast: Compliance and Controls
byTony Gambacorta
 
PDF
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
byMITRE - ATT&CKcon
 
PDF
Threat Intelligence Victory Garden
byRyan Kovar
 
PPTX
Database Security Risks You Might Not Have Considered, but Need To
byIDERA Software
 
PPTX
Alerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
bytmacuk
 
PPT
Anton Chuvakin on What is NOT Working in Security 2004
byAnton Chuvakin
 
PDF
Purple View
byHaydn Johnson
 
PPT
Will there be an IT Risk Management 2.0?
byLuke O'Connor
 
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
byMITRE - ATT&CKcon
 
Enabling effective hunt teaming and incident response
byjeffmcjunkin
 
The Internet is on fire – don't just stand there, grab a bucket!
byFrode Hommedal
 
Jason Samide - State of Security & 2016 Predictions
bycentralohioissa
 
A Journey Into Pen-tester land: Myths or Facts!
byAmmar WK
 
Security for Human Beings
byzekivazquez
 
Machine learning cyphort_malware_most_wanted
byCyphort
 
Janitor vs cleaner
byJohn Stauffacher
 
Internet security lessons for IoT
byDirk Zittersteyn
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
byEC-Council
 
Управление рисками: как перестать верить в иллюзии
byPositive Hack Days
 
Jim Wojno: Incident Response - No Pain, No Gain!
bycentralohioissa
 
HIMSS Summit of the Southeast: Compliance and Controls
byTony Gambacorta
 
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
byMITRE - ATT&CKcon
 
Threat Intelligence Victory Garden
byRyan Kovar
 
Database Security Risks You Might Not Have Considered, but Need To
byIDERA Software
 
Alerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
bytmacuk
 
Anton Chuvakin on What is NOT Working in Security 2004
byAnton Chuvakin
 
Purple View
byHaydn Johnson
 
Will there be an IT Risk Management 2.0?
byLuke O'Connor
 

Viewers also liked

KEY
OPSEC for hackers
bygrugq
 
PDF
Smr week 23 opsec and safe social networking
byFort Rucker FRSA
 
PDF
Conley Group Opsec Presentation
byThe Conley Group, Inc.
 
PPTX
OPSEC for OMBUDSMEN
byNaval OPSEC
 
PDF
Cyber opsec protecting_yourself_online
byFtlwood Families
 
PDF
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
byFatih Ozavci
 
PDF
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
byqqlan
 
PDF
VoIP Wars: Attack of the Cisco Phones
byFatih Ozavci
 
PDF
VoIP Wars : Return of the SIP
byFatih Ozavci
 
PPTX
Try harder or go home
byjaredhaight
 
PDF
The Art of VoIP Hacking - Defcon 23 Workshop
byFatih Ozavci
 
OPSEC for hackers
bygrugq
 
Smr week 23 opsec and safe social networking
byFort Rucker FRSA
 
Conley Group Opsec Presentation
byThe Conley Group, Inc.
 
OPSEC for OMBUDSMEN
byNaval OPSEC
 
Cyber opsec protecting_yourself_online
byFtlwood Families
 
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
byFatih Ozavci
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
byqqlan
 
VoIP Wars: Attack of the Cisco Phones
byFatih Ozavci
 
VoIP Wars : Return of the SIP
byFatih Ozavci
 
Try harder or go home
byjaredhaight
 
The Art of VoIP Hacking - Defcon 23 Workshop
byFatih Ozavci
 

Similar to Analogic Opsec 101

PPT
OPSEC Vulnerabilities And Indicators
byDepartment of Defense
 
PDF
London oil and gas security summit 2013 neah ges
byKW Miller
 
PDF
DEF CON 27 - workshop - KRISTY WESTPHAL - analysis 101
byFelipe Prado
 
PPTX
Operational Security For All OPSEC_for_ALL_221026.pptx
bypoeja84
 
PPT
Conley Group Operational Security Presentation
byguest019923
 
PPTX
Thiago Pinto - Forming a Safety Features Personal Security Briefing Version ...
byThiago Pinto
 
PPTX
SAL-DR-01-ELC 10 Understanding the SOC Audience.pptx
byhforhassan101
 
PPT
Security Overview - Updates and Trends In Detail
byMohanArumugam24
 
PDF
Web Application Security.pdf
byBriskinfosec Technology and Consulting
 
PPTX
ATAGTR2017 Security Testing for Healthcare applications
byAgile Testing Alliance
 
PPTX
2015: The year-ahead-in-cyber-security
byStephen Cobb
 
PPTX
Infosec is Broken “did you bring a knife to a gun fight?"
byJorge Sebastiao
 
PDF
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
byCODE BLUE
 
OPSEC Vulnerabilities And Indicators
byDepartment of Defense
 
London oil and gas security summit 2013 neah ges
byKW Miller
 
DEF CON 27 - workshop - KRISTY WESTPHAL - analysis 101
byFelipe Prado
 
Operational Security For All OPSEC_for_ALL_221026.pptx
bypoeja84
 
Conley Group Operational Security Presentation
byguest019923
 
Thiago Pinto - Forming a Safety Features Personal Security Briefing Version ...
byThiago Pinto
 
SAL-DR-01-ELC 10 Understanding the SOC Audience.pptx
byhforhassan101
 
Security Overview - Updates and Trends In Detail
byMohanArumugam24
 
Web Application Security.pdf
byBriskinfosec Technology and Consulting
 
ATAGTR2017 Security Testing for Healthcare applications
byAgile Testing Alliance
 
2015: The year-ahead-in-cyber-security
byStephen Cobb
 
Infosec is Broken “did you bring a knife to a gun fight?"
byJorge Sebastiao
 
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
byCODE BLUE
 

Recently uploaded

PDF
Structure-of-the-Atom PPT.pdf/CBSE CLASS 11 CHEMISTRY/ PREPARED BY K SANDEEP ...
bySandeep Swamy
 
PPTX
Fluorimetric Analysis- Theory, Instrumentation and Application
bySayali Powar
 
PDF
Conservation of Earthen Structures in India Preserving Traditional and Sustai...
byAman Kumar Singh
 
PPTX
Greengnorance Toolkit Module 4 Active Mobility and Transport
byKarl Donert
 
PPTX
How to Track & Manage My Time Section in Odoo 18 Time Off
byCeline George
 
PPTX
WEEK 2 (2).pptx TLE COOKERY 10 QUARTER 4
byResynFayeCortez2
 
PDF
Pratishta Educational Society., Courses & Opportunities
byGanapathiVankudoth
 
PDF
BP502T Industrial Pharmacy I (Theory) UNIT– I (Part 1)
byRushi Mandali
 
PDF
Orlando by Virginia Woolf: The Granite and The Rainbow
byAdityarajsinh Gohil
 
PPTX
Math 8 Quarter 4 Week 4-SECONDARY DATA.pptx
byshahanieabbat3
 
PDF
Judgement Regarding Land Acquisition Act not Applicable to Encroachers.pdf
byssuser9d8e4e
 
PDF
The Sheep and the Goat: Beckett’s Subversion of Divine Justice in Waiting for...
bysejadchokiya
 
PPTX
Greengnorance Toolkit Module 3 Shopping and Food
byKarl Donert
 
PPTX
How to Create_Generate Engineering Change Orders ECOs in Odoo 18
byCeline George
 
PPTX
Q4_PPT MUSIC & ARTS 7 week 1-2, matatag curriculum
byZEN
 
PPTX
How to Change Shipping Label Size in Odoo 18 Inventory
byCeline George
 
PPTX
Types of counselling Directive, Non Directive, Eclectic Counselling
byPriya Sush
 
PPTX
PRE TERM LABOR ( PREMATURE LABOUR IN PREGNANCY)
byMuthu Kumar
 
PDF
Workshop 29 Crystal Review All Students by YogiGoddess
by©LDMMIA, ©Reiki Yoga
 
PPTX
MEMORY &FORGETTING. Shilpa Hotakar.Psychology pptx
bySHILPA HOTAKAR
 
Structure-of-the-Atom PPT.pdf/CBSE CLASS 11 CHEMISTRY/ PREPARED BY K SANDEEP ...
bySandeep Swamy
 
Fluorimetric Analysis- Theory, Instrumentation and Application
bySayali Powar
 
Conservation of Earthen Structures in India Preserving Traditional and Sustai...
byAman Kumar Singh
 
Greengnorance Toolkit Module 4 Active Mobility and Transport
byKarl Donert
 
How to Track & Manage My Time Section in Odoo 18 Time Off
byCeline George
 
WEEK 2 (2).pptx TLE COOKERY 10 QUARTER 4
byResynFayeCortez2
 
Pratishta Educational Society., Courses & Opportunities
byGanapathiVankudoth
 
BP502T Industrial Pharmacy I (Theory) UNIT– I (Part 1)
byRushi Mandali
 
Orlando by Virginia Woolf: The Granite and The Rainbow
byAdityarajsinh Gohil
 
Math 8 Quarter 4 Week 4-SECONDARY DATA.pptx
byshahanieabbat3
 
Judgement Regarding Land Acquisition Act not Applicable to Encroachers.pdf
byssuser9d8e4e
 
The Sheep and the Goat: Beckett’s Subversion of Divine Justice in Waiting for...
bysejadchokiya
 
Greengnorance Toolkit Module 3 Shopping and Food
byKarl Donert
 
How to Create_Generate Engineering Change Orders ECOs in Odoo 18
byCeline George
 
Q4_PPT MUSIC & ARTS 7 week 1-2, matatag curriculum
byZEN
 
How to Change Shipping Label Size in Odoo 18 Inventory
byCeline George
 
Types of counselling Directive, Non Directive, Eclectic Counselling
byPriya Sush
 
PRE TERM LABOR ( PREMATURE LABOUR IN PREGNANCY)
byMuthu Kumar
 
Workshop 29 Crystal Review All Students by YogiGoddess
by©LDMMIA, ©Reiki Yoga
 
MEMORY &FORGETTING. Shilpa Hotakar.Psychology pptx
bySHILPA HOTAKAR
 

Analogic Opsec 101

  • 1.
    OPSEC KRAV MAGA DaniCreus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab
  • 2.
    OPSEC AGAIN! WHY? 2 • Unsolved questions. •  Non technical stuff. •  Unrealistic advices. •  The “Jordan Rules” Security Analyst Summit 2015
  • 3.
    ADVERSARIES 3 •  Adversary !=Enemy Resources vs No Resources Agencies The rest *.Mil Big Bad Boys Security Analyst Summit 2015 ProTip: Don´t let your PR feed these guys for free
  • 4.
    MASS SURVEILLANCE 4 •  GoodROI for Agencies! •  They don´t like encryption •  PGP, ZRTP, OTR, TrueCrypt Security Analyst Summit 2015
  • 5.
    MASS SURVEILLANCE 5 •  Someinherent problems •  And some non-technical problems Security Analyst Summit 2015
  • 6.
    RECRUITMENT 6Security Analyst Summit2015 •  Neglected approach ? •  Approaches and interaction. •  Move to termination.
  • 7.
    TERMINATION 7Security Analyst Summit2015 •  Deterrence is your best option. •  Plan alternatives. •  Prepare an escalation strategy.
  • 8.
    SUSPICIOUS MEETINGS 8 •  Don´tgo alone. •  Go on your own, plan how to get out. •  Dead man switch. •  Tell them you are ready. •  The trap might NOT be the meeting! Security Analyst Summit 2015
  • 9.
    UNPLEASANT COMPANY 9 •  Suspiciouspatterns. •  You are not James Bond. •  Go to a safe place, protect contacts. •  Ask yourself what they want. •  Option: direct approach. •  Better: inform your people Security Analyst Summit 2015
  • 10.
    BORDERS 10 •  If youconsent a search, no warrant needed. •  Police can search your computer at the border without a warrant. •  Warrant limitations are ignored if they see something illegal while searching. •  You don´t have to help or answer questions. •  You cannot interfere or lie to an officer. Security Analyst Summit 2015
  • 11.
    BORDERS – OURADVICE 11 •  Be collaborative. •  Don´t make things worse. •  Have your story ready and back it up. •  Don´t bring anything with you. Security Analyst Summit 2015
  • 12.
    EXTENDING OPSEC 12 Your companyshould provide you: •  Single POC for when in trouble. •  International legal support. •  Small briefing on the country you are going to. Security Analyst Summit 2015
  • 13.
    13Security Analyst Summit2015 Do your homework.
  • 14.
    CONCLUSION 14 •  STFU. •  Disciplineover tools. •  Preparation and alternatives. •  Don´t forget your role. Security Analyst Summit 2015
  • 15.
    THANK YOU Dani CreusVicente Díaz @them0ux @trompi