This document appears to be a slide presentation about fostering security maturity through a security lifecycle. Some key points made in the slides include that compliance does not equal security, gaining insight is important for security, and that open source tools can help organizations gain insight into their systems in a cost effective way without disrupting business. The presentation discusses doing an inventory of all systems and assets as the first step to develop a baseline understanding of normal activity to detect any suspicious activity.

1. @roobixx#POSSCON
Fostering Maturity Through a
Security Lifecycle:
An OSS Case Study
Slide 1 of 412

2. @roobixx#POSSCON

3. @roobixx#POSSCON
Info:
● Tim Fowler - OSWP
● Security Consultant, mountainsec, LLC
● Asheville, NC
● Open Source Developer & Practitioner
● @roobixx

4. @roobixx#POSSCON
Before we get ramped up let's
get a few things straight...

5. @roobixx#POSSCON
COMPLIENCE != SECURITY

6. @roobixx#POSSCON
IT != SECURITY

7. @roobixx#POSSCON
IT != SECURITY
But IT is part of Security

8. @roobixx#POSSCON
State of Security 2015

9. @roobixx#POSSCON
Security is hard*

10. @roobixx#POSSCON
THIS IS PART OF REASONTHIS IS PART OF REASON
SECURITY IS HARD!SECURITY IS HARD!

11. @roobixx#POSSCON
Many of us are failing epically
Doesn't matter because it isDoesn't matter because it is
already opened...already opened...

12. @roobixx#POSSCON

13. @roobixx#POSSCON

14. @roobixx#POSSCON
RESULTS…

15. @roobixx#POSSCON

16. @roobixx#POSSCON
It doesn't have to be this way

17. @roobixx#POSSCON
Time to ask some questions
● How are “they” doing security?
● What do “they” have that we don't?
● What do “they” know that we really should?
● How can we reduce the gap?

18. @roobixx#POSSCON
The #1 difference we found
between enterprise security
operations and everyone else
was INSIGHT

19. @roobixx#POSSCON
Open Source can help you and your
organization gain the INSIGHT you
are lacking

20. @roobixx#POSSCON
Insight starts with knowing what you have.
Do an inventory of everything. Machines,
software ...and people.

21. @roobixx#POSSCON
You can't protect that which you
do not you are charged with
protecting.

22. @roobixx#POSSCON
Security starts at Layer 0. Not the physical
layer but it starts with your people.
People > Things

23. @roobixx#POSSCON
Insight
● Inventory (Everything)
● Know how it all fits together
● Know your business
● Know your risk
● Know the impact
● Determine your baseline

24. @roobixx#POSSCON
What is suspicious on your
network?

25. @roobixx#POSSCON
You can't
determine
what is
suspicious
until you
know what
normal is.

26. @roobixx#POSSCON
Security is never done. Once you
start, you never will stop. You just
need to get started

27. @roobixx#POSSCON
Security Lifecycle

28. @roobixx#POSSCON

29. @roobixx#POSSCON

30. @roobixx#POSSCON
It will take time to make it through a
cycle.

31. @roobixx#POSSCON
We did not make it past Insight.

32. @roobixx#POSSCON

33. @roobixx#POSSCON
These Open Source tools and
platforms allows organizations to
go from ZERO to INSIGHT
without breaking the bank or
disrupting business

34. @roobixx#POSSCON
Utilizing the power of open
source, you can finally answer
the question...”What is normal?”