Establishment of Threat Intel into Incident Response
Presentation by Farah Ramlee at APRICOT 2019 on Wednesday, 27 February 2019.
Establishment of Threat Intel into Incident Response
1.
Copyright © 2019 CyberSecurity Malaysia
THE ESTABLISHMENT OF TI INTO IR
2.
Agenda
• Introduction to CyberSecurity Malaysia
• Cyber999 Service
• Technical Threat Intelligence (TTI) vs Incident Response
• Case Study
• Challenges and Gap Findings
• Lesson Learnt
• Way Forward
3.
About CyberSecurity Malaysia
• A technical cyber security agency under the Ministry of Science, Technology & Innovation
• Started operation as the Malaysia Computer Emergency Response Team (MyCERT) in 1997 and was later rebranded as CyberSecurity Malaysia in 2007
Timeline (labels on the slide: 1997, 2001, 2005, 2007, 2017, 2018, National Security Council):
• 30 Mar 2007: NISER was officially registered as CyberSecurity Malaysia
• 20 Aug 2007: CyberSecurity Malaysia was launched by the YAB Prime Minister
• 19 Oct 2018: Cabinet Meeting chaired by the YAB Prime Minister Tun Dr. Mahathir Mohamad decided that CyberSecurity Malaysia will report to the Ministry of Communication and Multimedia (KKMM) under the Compliance and Control sector
• 22 Oct 2018: CSM officially reports to KKMM
4.
CyberSecurity Malaysia - Services [figure]
5.
Cyber999™ Cyber Early Warning Services
Reference centre for cyber security assistance for all internet users, including home users and organizations.
Email us at: cyber999@cybersecurity.my
Slide labels: Cyber Early Warning, Technical Coordination Centre, Malware Research Center, Incident Handling
• 72 international linkages
• Produced 8 applications such as Malware Sandbox, PDF Analyzer, AntiPhishing Plugin
• Established Cyber999 Integrated System
• Established Malware Research Center
6.
Incidents Reported to Cyber999 (1997 – 2019)
Year | Incidents
1997 | 115
1998 | 342
1999 | 728
2000 | 503
2001 | 920
2002 | 739
2003 | 911
2004 | 915
2005 | 835
2006 | 1732
2007 | 1038
2008 | 2123
2009 | 3564
2010 | 8090
2011 | 15218
2012 | 9986
2013 | 10636
2014 | 11918
2015 | 9915
2016 | 8334
2017 | 7962
2018 | 10699
7.
Incident Response Life Cycle [figure]
Reference: https://www.experts-exchange.com/articles/28821/What's-in-an-Incident-Response-Plan.html
8.
Threat Intelligence Life Cycle
1. Planning and Direction
2. Collection
3. Processing and Exploitation
4. Analysis and Production
5. Dissemination
9.
IR VS TI
Incident Response:
• Preparation
• Identification
• Containment
• Eradication
• Recovery
• Lessons Learnt
Threat Intelligence:
• Planning and Direction
• Collection
• Processing and Exploitation
• Analysis and Production
• Dissemination
10.
Planning and Direction
• Threat Modelling
• Identify Stakeholders
• Intelligence Collection Plan
• Service catalog / Service Offering
11.
Planning and Direction
• Threat modeling – what threats do we need to worry about?
  – Threats targeting Malaysia geographically
  – Threats targeting Malaysia geopolitically
  – Threats targeting CNII sectors
  – Threats targeting our organization
  – Threats targeting technologies widely used in Malaysia
12.
Planning and Direction
• Identify stakeholders
  – Executives/Management in our organization
  – Internal technical operation stakeholders
  – CNII sectors/sector lead
  – Other global CERTs, external collaboration and private companies that subscribe to us
13.
Planning and Direction (cont…)
• Intelligence collection plan – how do we collect our data?
  – Interview our stakeholders periodically to get an idea of what they really want to see in the intelligence we share, as it tends to change
  – Malware Analyst requested some background of the campaign and the necessary hashes, binaries or samples of the malware related to the campaign so that they can do the analysis directly
  – IR Analyst requires an overview of the campaign and TTP to understand the incident better, and IOCs for a quicker escalation process
  – Management would request a weekly threat landscape
14.
Planning and Direction (cont…)
Service catalog / offering
Catalog/Offerings | Description
Threat review and readiness | Daily review of the data collections and extraction of actionable information.
IOCs and TTP sharing | From the actionable information, enriched IOCs and TTP will be detected and shared concurrently with analysis
Support of incident that is reported to our SOC | Assist incident responders to gain more knowledge and continue to report the additional information to the respective party
Alert and Advisories | To inform stakeholders regarding threats
Intelligence reports | A structured form of report
Gap analysis and capability development | Findings from analysis that can help to build up rules in IDS, IPS or WAF
15.
Planning and Direction (cont…)
Service catalog / offering
Catalog / Offerings | Output
Threat review and readiness | Push into our ticketing system
IOCs and TTP sharing | Pushed into centralized repository (MISP)
Support for SOC | New incident finding = new ticket. Related to old incidents = merge or create new ticket (i.e. different target using same TTP)
Alert and Advisories | Published on our website
Intelligence reports | Report format in docx or pdf
Gap analysis and capability development | Notify and alert internal team for actions like blocking at the IDS, IPS or gateway
16.
Collection – Use case IR
Sources:
• Feeds
• ISAC and Special Interest Groups
• Reported Incidents
• OSINT
• LebahNet
• Foreign CERT
Format:
• Ticketing
• CSV
• JSON
• STIX and TAXII
• RSS feeds
• Unstructured
Classification:
• Content Related
• Intrusion
• Malicious Code
• Phishing
17.
Processing & Exploitation
• Task:
  1. Check and validate feeds / high-profile reported incidents for false positives
  2. Categorize the intel received as either for information or requiring action
  3. Tag according to incident classification
Classification:
• Content Related
  1. Credential leaked
  2. PII information
  3. Online Scam
• Intrusion
  1. Compromised Email Accounts
  2. Web Intrusions
• Malicious Code
  1. Ransomware
  2. Android application .apk
  3. Javascripts
• Phishing
  1. Phishing URL
  2. Phishing IP
  3. Phishkit
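The three Processing & Exploitation tasks above (false-positive validation, information vs. action, tagging by incident classification), sketched in Python as an added example that is not part of the original slides. The feed contents, allowlist, keyword rules and the rule that decides "action" are constructed assumptions, not CyberSecurity Malaysia's own logic.

```python
import csv
import io
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed sample feeds, not real indicators. Documentation-range addresses
# (192.0.2.0/24, 203.0.113.0/24) stand in for internet-routable hosts.
CSV_FEED = """value,type,source,note
http://www.bank-example-secure.test/index.php,url,OSINT,phishing page imitating a bank
192.0.2.45,ip,Foreign CERT,host serving phishkit
10.0.0.5,ip,Feeds,phishing host
www.bank-example.test,domain,Feeds,phishing domain
"""
JSON_FEED = json.dumps([
    {"value": "D41D8CD98F00B204E9800998ECF8427E", "type": "md5",
     "source": "Feeds", "note": "apk sample"},
    {"value": "0123456789abcdef0123456789abcdef", "type": "md5",
     "source": "Reported Incidents", "note": "apk replaces default SMS app"},
    {"value": "203.0.113.10", "type": "ip",
     "source": "Reported Incidents", "note": "compromised email account login"},
    {"value": "http://paste.example.test/abc", "type": "url",
     "source": "OSINT", "note": "credential leak listing"},
])

# Hypothetical local policy: explicit internal ranges (is_global would also
# reject the documentation ranges used as samples), known-benign hashes, and
# legitimate constituency hosts that feeds sometimes list by mistake.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]
BENIGN_HASHES = {"d41d8cd98f00b204e9800998ecf8427e"}  # MD5 of an empty file
ALLOWLIST_HOSTS = {"www.bank-example.test"}
CONSTITUENCY_TERMS = ("bank",)

# Keyword rules for the four incident classes on the slide; first match wins.
TAG_RULES = [
    (("phish",), "Phishing"),
    (("ransomware", "apk", "javascript"), "Malicious Code"),
    (("compromised email", "web intrusion"), "Intrusion"),
    (("credential leak", "pii", "scam"), "Content Related"),
]

def load_records():
    return list(csv.DictReader(io.StringIO(CSV_FEED))) + json.loads(JSON_FEED)

def false_positive_reason(rec):
    """Task 1: return why a record is a false positive, or None to keep it."""
    value, kind = rec["value"].strip(), rec["type"]
    if kind == "ip":
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            return "malformed IP"
        if any(addr in net for net in INTERNAL_NETS):
            return "internal or loopback address"
    elif kind == "md5" and value.lower() in BENIGN_HASHES:
        return "hash of empty file"
    elif kind in ("url", "domain"):
        host = urlsplit(value if "://" in value else "//" + value).hostname
        if host in ALLOWLIST_HOSTS:
            return "allowlisted host"
    return None

def handling(rec):
    """Task 2: 'action' for reported incidents or constituency hits."""
    note = rec.get("note", "").lower()
    hit = any(term in note for term in CONSTITUENCY_TERMS)
    return "action" if rec["source"] == "Reported Incidents" or hit else "information"

def classify(note):
    """Task 3: tag by incident classification from the feed's free-text note."""
    text = note.lower()
    for keywords, tag in TAG_RULES:
        if any(k in text for k in keywords):
            return tag
    return "Unclassified"

def triage(records):
    """Run the three tasks; return (accepted records, rejected with reasons)."""
    accepted, rejected = [], []
    for rec in records:
        reason = false_positive_reason(rec)
        if reason:
            rejected.append((rec["value"], reason))
            continue
        value = rec["value"].strip()
        accepted.append({"value": value.lower() if rec["type"] == "md5" else value,
                         "type": rec["type"],
                         "tag": classify(rec.get("note", "")),
                         "handling": handling(rec)})
    return accepted, rejected

if __name__ == "__main__":
    kept, dropped = triage(load_records())
    print(*kept, *dropped, sep="\n")
```

Rejected records keep their reason so that a noisy feed can be reviewed rather than silently filtered.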
18.
Analysis and Production
• The accepted IOCs are then analyzed by the respective analysts.
• Enrichment of the IOCs and extraction are done at this point.
• Compile the information (IOC & TTP) according to the Kill Chain
• If the TTP is new or has changed, the advisory and alert need to be renewed
• Results are stored in the centralized repository and ticketing system
Classification:
• Content Related
  1. Credential leaked
  2. PII information
  3. Online Scam
• Intrusion
  1. Compromised Email Accounts
  2. Web Intrusions
• Malicious Code
  1. Ransomware
  2. Android application .apk
  3. Javascripts
• Phishing
  1. Phishing URL
  2. Phishing IP
  3. Phishkit
19.
Dissemination
https://www.mycert.org.my/en/services/advisories/mycert/2019/main/index.html
[figures: IOCs and TTP sharing platform; Sample report]
20.
Case Study: Fake Malaysia National Bank App
Background of incident:
• Received a number of similar incidents, reported to our ticketing system, that raised attention.
• The incident was classified as malicious as the victim reported that an application was installed and money was lost.
• IR analyst requests complete information regarding the campaign (TTP, C2, IOC, etc.)
[figure labels: Money laundering; Personal loan scam]
21.
Case Study: Fake Malaysia National Bank App
Adversary's Kill Chain
• Reconnaissance: Adversary pretends to be a law enforcement agency officer, claims the victim is involved in unlawful activity such as money laundering, and threatens to arrest the victim if they do not cooperate. Adversary offers personal loans.
• Weaponization: Malware downloaded from the link purportedly from National Bank of Malaysia with ext .apk
• Delivery: WhatsApp message with phishing/malware hosted link
• Exploitation: Social engineering exploitation
• Installation: From the link, the victim is instructed to download an application that instructs the victim to replace the default SMS app
• Command and Control: C2 servers at these IPs receive the victim's information
• Actions: Unauthorized money transferred from victim's account to adversary's account
File name:
• bnm_h_signed.apk
• nm_m_psigned.apk
• MaintainV3.apk
• ga.apk
URLs and hosts shown on the slide:
• https://67.229.128.74:88/BNM.HTML
• https://144.217.88.38
• http://www.bnm-gov.org/index.php/w/page/a
• http://www.bnm-gov.com/index.php/w/page/a
22.
Case Study: Fake Malaysia National Bank App
After enrichment with these 2 domains, we found more domains targeting our National Bank:
• Bnm-gov.com
• Bnm-gov.org
Pivoted on the email and found new domains that are still up.
23.
Case Study: Fake Malaysia National Bank App
MD5 hash for malicious .apk found:
• B2bca9cf53db7237f218e73fd270bec5
• 76335eff5c7fd48c6d9e53e61c6f5dc8
• E955601b87e7a2e87f767f543600a2f1
• 19166bfcb02c59c900191e8c6570bc6f
Phishing links:
• https://67.229.128.74:88/BNM.HTML
• https://144.217.88.38
• http://www.bnm-gov.org/index.php/w/page/a
• http://www.bnm-gov.com/index.php/w/page/a
• http://www.m-bnmgov.com/index.php/w/page/a
• http://brm-bnm-gov.com/index.php/w/page/a
• http://www.m-bithumb.com/index.php/w/page/a
24.
Case Study: Fake Malaysia National Bank App
C2s obtained:
• 67.229.128.74
• 23.244.168.148
• 183.86.209.102
• 144.217.88.38
• 61.177.172.91
http://61.177.172.91:1013/app2/
25.
Case Study: Fake Malaysia National Bank App
IR's Kill Chain
Kill Chain Process | Incident Response
Reconnaissance | Monitor adversary or related infra
Weaponization | Perform dynamic and behavioral analysis
Delivery | Phishing domain and host are reported to the respective ISP and hosting company for takedown
Installation | Guide the victim to run an antivirus or malware detection application for the phone (Google Play Protect); factory reset
Command and Control | Report to the respective ISP regarding suspicious/malicious IP activities
Actions | Guide the victim to report to the respective banks and LEA for further physical investigation and actions; escalate to the respective parties as well
26.
Case Study: Fake Malaysia National Bank App
IOCs and TTP sharing [figure]
27.
Case Study: Fake Malaysia National Bank App
https://www.mycert.org.my/en/services/advisories/mycert/2018/main/detail/1305/index.html
https://www.mycert.org.my/en/services/advisories/mycert/2018/main/detail/1304/index.html
28.
Challenges
• Constraints on automation tools and platforms, since most of them need to be purchased
• Competency in gathering the intel and consolidating the information
• People
  – Additional workload for IR
  – Lack of resources (no dedicated person for segregation of daily tasks)
  – Various types of threat, huge number of threats
29.
Lesson Learnt
• Improve on how to enrich the IOCs and TTPs.
• Improve on the maturity plan of the process flow of dissemination between stakeholders and requirements
• Need to stay on your toes and read the latest news regarding threats and emerging threats
30.
Way Forward to Improve
• Seek other intelligence tools that suit the daily tasks of analysts.
• Establish collaboration with more national and international CERTs/CSIRTs
• Extend partnership with more industry players on leveraging threat intelligence, as well as special interest groups.