HoneyPy Honeypot (OWASP Triangle Chapter)
•
1 like•210 views
Presented on May 19, 2016 at the OWASP Triangle Chapter (https://www.meetup.com/owasptriangle/events/230531768/). Honeypots can be a valuable resource in detecting malicious actors on a network. The discussion will cover a brief intro on honeypots and then turns to HoneyPy, which is an open source honeypot that is extensible and simple to deploy. In addition, the talk will explore HoneyPy's integration with several other tools to increase visibility of malicious hosts on the Internet.
Report
Share
Report
Share
Download to read offline
Recommended
HoneyPy & HoneyDB (LASCON 2016)
Presented on November 4, 2016 at LASCON (https://lascon2016.sched.com/event/8W7h/honeypy-amp-honeydb). This talk will provide a light intro to honeypots and their benefits, and highlight two projects HoneyPy and HoneyDB. Operating honeypot sensors on your internal network is a simple way to make your network “noisy” and can trip up malicious actors that have already penetrated your network. Also, leveraging data from honeypot sensors on the Internet can be a useful source of threat information.
Introduction To ICT Security Audit OWASP Day Malaysia 2011
This document outlines an agenda for an IT audit and assessment event. It discusses identifying risks like outdated patches, weak passwords, open ports, and phishing. It provides resources for monitoring vulnerabilities and cracking passwords. Labs are suggested to practice tasks like patching, password cracking, port scanning, and network monitoring. The objective is to harden systems against common threats by finding vulnerabilities and ensuring regular security reviews are performed. Participants are encouraged to get involved to improve the security of their organization.
Honeypots, Deception, and Frankenstein
Presented on April 14, 2018 at CarolinaCon (https://www.carolinacon.org). This talk will provide a quick overview honeypots, an explanation of the cyber deception space, and the benefits of implementing deception as part of your cyber defense program. In addition, this talk will highlight the HoneyDB project, which enables anyone to get started with operating deception sensors and start collecting threat information. Finally, this presentation will describe how I built scalable honeypot sensor collection, employing a "Frankenstein Cloud Architecture", for minimal cost.
Introduction to Honeypots
Edgis Sharing Session – Introduction to Honeypots
at Whitehat Society, Singapore Management University
September 2012
at Computing Society, Royal Holloway, University of London
February 2013
Honey pots
The document discusses honey pots, which are computer systems that are intended to attract and monitor hackers. It provides an overview of honey pots, including their historical development, types (production vs research), levels of interaction (low vs high), tools used, and advantages and disadvantages. The document also discusses how honey pots work using intrusion detection systems like Snort, and how honey pots have evolved over time and may continue to develop in the future.
Silent web app testing by example - BerlinSides 2011
A practical OWASP Testing Guide walk-through focused on passive and semi passive web app testing techniques
NOTE: Use the "Download" option at the top to see the presentation as a PDF properly
HoneyPy & HoneyDB (CarolinaCon 13)
Presented on May 21, 2017 at CarolinaCon (https://www.carolinacon.org). This talk will provide a light intro to honeypots and their benefits, and highlight two projects HoneyPy and HoneyDB. Operating honeypot sensors on your internal network is a simple way to make your network “noisy” and can trip up malicious actors that have already penetrated your network. Also, leveraging data from honeypot sensors on the Internet can be a useful source of threat information.
Honeypots, Deception, and Frankenstein
Presented on May 9, 2018 at SOURCE Conference Boston
(https://sourceconference.com/events/bos18/).
This version contains minor updates from previous presentations.
This talk will provide a quick overview honeypots, an explanation of the cyber deception space, and the benefits of implementing deception as part of your cyber defense program. In addition, this talk will highlight the HoneyDB project, which enables anyone to get started with operating deception sensors and start collecting threat information. Finally, this presentation will describe how I built scalable honeypot sensor collection, employing a "Frankenstein Cloud Architecture", for minimal cost.
Recommended
HoneyPy & HoneyDB (LASCON 2016)
Presented on November 4, 2016 at LASCON (https://lascon2016.sched.com/event/8W7h/honeypy-amp-honeydb). This talk will provide a light intro to honeypots and their benefits, and highlight two projects HoneyPy and HoneyDB. Operating honeypot sensors on your internal network is a simple way to make your network “noisy” and can trip up malicious actors that have already penetrated your network. Also, leveraging data from honeypot sensors on the Internet can be a useful source of threat information.
Introduction To ICT Security Audit OWASP Day Malaysia 2011
This document outlines an agenda for an IT audit and assessment event. It discusses identifying risks like outdated patches, weak passwords, open ports, and phishing. It provides resources for monitoring vulnerabilities and cracking passwords. Labs are suggested to practice tasks like patching, password cracking, port scanning, and network monitoring. The objective is to harden systems against common threats by finding vulnerabilities and ensuring regular security reviews are performed. Participants are encouraged to get involved to improve the security of their organization.
Honeypots, Deception, and Frankenstein
Presented on April 14, 2018 at CarolinaCon (https://www.carolinacon.org). This talk will provide a quick overview honeypots, an explanation of the cyber deception space, and the benefits of implementing deception as part of your cyber defense program. In addition, this talk will highlight the HoneyDB project, which enables anyone to get started with operating deception sensors and start collecting threat information. Finally, this presentation will describe how I built scalable honeypot sensor collection, employing a "Frankenstein Cloud Architecture", for minimal cost.
Introduction to Honeypots
Edgis Sharing Session – Introduction to Honeypots
at Whitehat Society, Singapore Management University
September 2012
at Computing Society, Royal Holloway, University of London
February 2013
Honey pots
The document discusses honey pots, which are computer systems that are intended to attract and monitor hackers. It provides an overview of honey pots, including their historical development, types (production vs research), levels of interaction (low vs high), tools used, and advantages and disadvantages. The document also discusses how honey pots work using intrusion detection systems like Snort, and how honey pots have evolved over time and may continue to develop in the future.
Silent web app testing by example - BerlinSides 2011
A practical OWASP Testing Guide walk-through focused on passive and semi passive web app testing techniques
NOTE: Use the "Download" option at the top to see the presentation as a PDF properly
HoneyPy & HoneyDB (CarolinaCon 13)
Presented on May 21, 2017 at CarolinaCon (https://www.carolinacon.org). This talk will provide a light intro to honeypots and their benefits, and highlight two projects HoneyPy and HoneyDB. Operating honeypot sensors on your internal network is a simple way to make your network “noisy” and can trip up malicious actors that have already penetrated your network. Also, leveraging data from honeypot sensors on the Internet can be a useful source of threat information.
Honeypots, Deception, and Frankenstein
Presented on May 9, 2018 at SOURCE Conference Boston
(https://sourceconference.com/events/bos18/).
This version contains minor updates from previous presentations.
This talk will provide a quick overview honeypots, an explanation of the cyber deception space, and the benefits of implementing deception as part of your cyber defense program. In addition, this talk will highlight the HoneyDB project, which enables anyone to get started with operating deception sensors and start collecting threat information. Finally, this presentation will describe how I built scalable honeypot sensor collection, employing a "Frankenstein Cloud Architecture", for minimal cost.
Deception in Cyber Security (League of Women in Cyber Security)
Presented on August 23, 2017 at the League of Women in Cyber Security meetup (https://www.meetup.com/League-of-Women-in-Cybersecurity/events/242071337/). his talk will provide an intro to honeypots and their benefits, an intro to deception in cyber security, and an overview of HoneyPy and HoneyDB.
Protección web con ESAPI y AppSensor [GuadalajaraCON 2013]
The document discusses how to protect web applications using the OWASP ESAPI and AppSensor tools. It provides an overview of ESAPI, describing how it can help prevent common vulnerabilities like SQL injection and cross-site scripting. It also summarizes AppSensor, describing it as a framework that implements intrusion detection and automated response directly within applications. The document demonstrates how both tools can help developers build more secure applications with less effort.
CSA Raleigh application security and deception in the cloud
Phillip Maddux gave a presentation on application security and deception in the cloud. He discussed the modern web landscape of microservices, APIs, and cloud platforms. He noted challenges with legacy security solutions like limited visibility, false positives, and lack of scalability. Maddux advocated for solutions that provide strategic and tactical visibility, dynamic detection without tuning, and leveraging cloud platform security features. He also discussed deception techniques like honeypots, lures, and automation to detect threats and collect intelligence on attackers in cloud environments. The goal is to make networks and clouds dangerous for attackers through deception.
Automated Security Testing
This document discusses automated security testing using the Zed Attack Proxy (ZAP) tool. It describes how ZAP can be used to passively and actively scan web applications for security vulnerabilities by intercepting HTTP traffic. It also provides examples of integrating ZAP into continuous integration builds using its REST API and tasks for Ant and Maven. While automated testing finds many issues, some vulnerabilities still require human intelligence to identify false positives and negatives.
Honeypots for Active Defense
InfoSec analysts are all somewhat familiar with Honeypots. When they are given the proper attention, care and feeding, they produce invaluable information and can be a critical asset when it comes to defending the network. This intel has been primarily used by security researchers and organizations with advanced defensive capabilities to study their adversaries and learn from their actions. But what about the rest of us? Honeypots are a lot of work to configure, maintain, and monitor, right? Not exactly; when deployed and monitored properly, Honeypots and Honey Tokens are a simple way to alert on anomalous activity inside the network. But how can an organization that is not focused on research gain valuable threat intelligence using Honeypots and actively defend their network using indicators generated from an internal Honeynet?
The answer is Honeypots for Active Defense. There are currently many open source security tool distributions that come pre-loaded with Honeypots among other useful tools, however the Honeypot software is often not deployed in an effective manner. This session will discuss techniques to leverage Honeypots in ways that will not overburden the security team with massive logs to sift through and focuses efforts on correlating active threat data observed in the Honeypots with the production environment. When deploying Honeypots effectively, this can give security analysts one additional mechanism to tip them off to nefarious activity within their network before they become the next headline.
Bug Bounty #Defconlucknow2016
The document discusses bug bounty hunting. It introduces Shubham Gupta and Yash Pandya who are security consultants and top bug hunters. It outlines the agenda which includes an introduction to bug bounty programs, reasons for bug hunting, how to find bugs, quick tips, proofs of concept, pros and cons, and a Q&A. It provides a brief history of bug bounty programs and notes that now anyone can participate from home. It discusses types of bugs and tools used for hunting. Quick tips include using Google dorks, testing for information disclosure vulnerabilities, and completing challenges to improve skills. Examples are provided of unique bugs found like SVG XSS and an IDOR issue found in Google.
H@dfex 2015 malware analysis
Charles Lim presented on malware analysis at a conference in Yogyakarta, Indonesia. He discussed various techniques for analyzing malware, including static analysis of program code and files, dynamic analysis by executing programs in sandboxes or virtual machines, and memory analysis of running processes. He also provided a case study of analyzing a malware infection that caused a denial of service attack through traffic flooding. Future challenges in malware analysis include dealing with packed or encrypted malware, evasive malware that uses anti-analysis techniques, and continuing to improve analysis through machine learning.
Recent Trends in Cyber Security
The document discusses recent trends in cyber security. It begins with threat statistics showing a rapid expansion of the cyber security landscape, with the number of data breaches and records exposed increasing significantly each year. It then provides a technical overview of the top threats such as mobile application vulnerabilities, XML entity expansion attacks, SQL injection, and improper use of HTTP headers. The document also covers education and certification opportunities in cyber security, individual research areas, the local job market, and communities like Colombo White Hat Security.
Malware analysis _ Threat Intelligence Morocco
The document discusses two cyber threats that existed in Morocco:
1. A password info stealer malware that was responsible for 90% of attacks. Intelligence tracking detected around 180GB of leaked data related to Moroccan domains and personal information, and over 320 spammers were identified from the data with connections to Morocco.
2. An ATM dispense malware that was gathered from Moroccan internet service providers. Technical details about the ATM malware were presented, but not summarized.
The document ends by stating that preparations are being made for the "next war", but does not clarify the purpose of the two threats.
Wordpress security
cumartesi günü düzenlenen PHP Meetup 011'de konu Wordpress'ti. Bizde Doruk Fişek ile birlikte bir joint sunum gerçekleştirdik. Ben işin Wordpress Security tarafını o ise Wordpress Sunucu Güvenliği tarafını ele aldı. Benim sunumuma aşağıdaki slideshare bağlantısı üzerinden ulaşabilirsiniz.
Owasp Mobile Top 10 - M7 & M8
M7 discusses client side injection vulnerabilities like SQL injection, XSS, and local file injection. M8 discusses security decisions made via untrusted inputs like cookies, URLs, and intents. These can allow privilege escalation, data exfiltration, and consuming paid resources. Prevention includes input validation, prepared statements, and disabling unnecessary capabilities. Abusing URL schemes on iOS and intents on Android can launch apps or actions without permission by spoofing requests. Checking permissions and user authorization at input boundaries helps prevent these attacks.
Jerod Brennen - What You Need to Know About OSINT
Open Source Intelligence Gathering (OSINT) is growing in popularity among attackers and defenders alike. When an attacker comes knocking on your network's front door, the warning lights go off in multiple systems (IDS, IPS, SIEM, WAF). More sophisticated attackers, however, spend considerable time gathering information using tools and techniques that never touch any of your systems. As a result, these attackers are able to execute their attacks and make off with proprietary data before you even know they are there. This presentation provides an introduction to many OSINT tools and techniques, as well as methods you can use to minimize your exposure.
What you need to know about OSINT
Open Source Intelligence Gathering (OSINT) is growing in popularity among attackers and defenders alike. When an attacker comes knocking on your network's front door, the warning lights go off in multiple systems (IDS, IPS, SIEM, WAF). More sophisticated attackers, however, spend considerable time gathering information using tools and techniques that never touch any of your systems. As a result, these attackers are able to execute their attacks and make off with proprietary data before you even know they are there. This presentation provides an introduction to many OSINT tools and techniques, as well as methods you can use to minimize your exposure.
Chirita ionel owasp europe tour
The document discusses an upcoming OWASP EU Tour event in Bucharest, Romania in 2013. It provides an agenda for the event that includes several presentations on topics like security investments, penetration testing, Android application security, password security, and SQL injection vulnerabilities. It also summarizes what OWASP is and provides information about its global reach, projects, tools and resources to help improve software security.
Malware in the Wild: Evolving to Evade Detection
Lastline co-founder and chief architect Engin Kirda presents new insights into malware in the wild including new research coming out of Lastline Labs on high resolution dynamic analysis of Windows kernel root kits at SXSW Interactive.
Malware Analysis
This document provides an overview of methodologies for handling security incidents, including threat hunting, malware analysis, incident response, and threat intelligence. It discusses the skills, tools, and techniques involved in each methodology. For malware analysis, it describes skills like reverse engineering and static/dynamic analysis. It also lists resources for malware analysis like tools for static analysis, reverse engineering, and reporting.
How to Manage the Risk of your Polyglot Environments
In this webinar, we’ll explore how to navigate the tension between speed and security when it comes to open source languages.
Enterprises are challenged by conflicting interests:
Engineering teams want more time to focus on code quality, but product managers want to ship faster.
Developers want the best tool for the job, but companies resist adding more technology stacks to their growing tech debt.
Retrofitting for security and vulnerabilities after the fact becomes a big blocker for Development and Engineering teams. Enterprises are challenged with resolving new threats and vulnerabilities at the pace at which they crop up. And yet, speed wins over security because faster time-to-market takes a greater priority over fixing vulnerabilities.
Our expert panel will cover how to resolve the tension between speed and security by practices which:
Minimize DevOps overhead from retrofitting programming languages with new versions, dependencies, security patches, etc.
Enable Continuous Builds to keep up with your continuous deployments
Use Build Validation to vet your continuous builds against smoke tests
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad
http://blog.mazinahmed.net/2016/10/bug-bounty-hunting-swiss-cyber-storm.html
DMA - Stupid Cyber Criminal Tricks
Dayton Microcomputer Association (DMA):
April 2020 - Online Meeting
Date: April 28, 2020
Topic: Stupid Cyber Criminal Tricks and How to Combat Them
Speaker: Matt Scheurer
This talk covers various techniques used by cyber criminals, and how to spot them. This is the accompanying slide deck for a presentation that covers live demos. Who does not love a good cyber-crime story?
OWASP: iOS Spelunking
iOS holds some of our most important data. So, it is important to understand how it works and hopefully get a better sense of how to protect it. In this talk we will start with some relatively high level attacker perspectives. Then, we will dive deep into some of the tools and techniques we can use to analyze most sensitive phone apps.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
More Related Content
Similar to HoneyPy Honeypot (OWASP Triangle Chapter)
Deception in Cyber Security (League of Women in Cyber Security)
Presented on August 23, 2017 at the League of Women in Cyber Security meetup (https://www.meetup.com/League-of-Women-in-Cybersecurity/events/242071337/). his talk will provide an intro to honeypots and their benefits, an intro to deception in cyber security, and an overview of HoneyPy and HoneyDB.
Protección web con ESAPI y AppSensor [GuadalajaraCON 2013]
The document discusses how to protect web applications using the OWASP ESAPI and AppSensor tools. It provides an overview of ESAPI, describing how it can help prevent common vulnerabilities like SQL injection and cross-site scripting. It also summarizes AppSensor, describing it as a framework that implements intrusion detection and automated response directly within applications. The document demonstrates how both tools can help developers build more secure applications with less effort.
CSA Raleigh application security and deception in the cloud
Phillip Maddux gave a presentation on application security and deception in the cloud. He discussed the modern web landscape of microservices, APIs, and cloud platforms. He noted challenges with legacy security solutions like limited visibility, false positives, and lack of scalability. Maddux advocated for solutions that provide strategic and tactical visibility, dynamic detection without tuning, and leveraging cloud platform security features. He also discussed deception techniques like honeypots, lures, and automation to detect threats and collect intelligence on attackers in cloud environments. The goal is to make networks and clouds dangerous for attackers through deception.
Automated Security Testing
This document discusses automated security testing using the Zed Attack Proxy (ZAP) tool. It describes how ZAP can be used to passively and actively scan web applications for security vulnerabilities by intercepting HTTP traffic. It also provides examples of integrating ZAP into continuous integration builds using its REST API and tasks for Ant and Maven. While automated testing finds many issues, some vulnerabilities still require human intelligence to identify false positives and negatives.
Honeypots for Active Defense
InfoSec analysts are all somewhat familiar with Honeypots. When they are given the proper attention, care and feeding, they produce invaluable information and can be a critical asset when it comes to defending the network. This intel has been primarily used by security researchers and organizations with advanced defensive capabilities to study their adversaries and learn from their actions. But what about the rest of us? Honeypots are a lot of work to configure, maintain, and monitor, right? Not exactly; when deployed and monitored properly, Honeypots and Honey Tokens are a simple way to alert on anomalous activity inside the network. But how can an organization that is not focused on research gain valuable threat intelligence using Honeypots and actively defend their network using indicators generated from an internal Honeynet?
The answer is Honeypots for Active Defense. There are currently many open source security tool distributions that come pre-loaded with Honeypots among other useful tools, however the Honeypot software is often not deployed in an effective manner. This session will discuss techniques to leverage Honeypots in ways that will not overburden the security team with massive logs to sift through and focuses efforts on correlating active threat data observed in the Honeypots with the production environment. When deploying Honeypots effectively, this can give security analysts one additional mechanism to tip them off to nefarious activity within their network before they become the next headline.
Bug Bounty #Defconlucknow2016
The document discusses bug bounty hunting. It introduces Shubham Gupta and Yash Pandya who are security consultants and top bug hunters. It outlines the agenda which includes an introduction to bug bounty programs, reasons for bug hunting, how to find bugs, quick tips, proofs of concept, pros and cons, and a Q&A. It provides a brief history of bug bounty programs and notes that now anyone can participate from home. It discusses types of bugs and tools used for hunting. Quick tips include using Google dorks, testing for information disclosure vulnerabilities, and completing challenges to improve skills. Examples are provided of unique bugs found like SVG XSS and an IDOR issue found in Google.
H@dfex 2015 malware analysis
Charles Lim presented on malware analysis at a conference in Yogyakarta, Indonesia. He discussed various techniques for analyzing malware, including static analysis of program code and files, dynamic analysis by executing programs in sandboxes or virtual machines, and memory analysis of running processes. He also provided a case study of analyzing a malware infection that caused a denial of service attack through traffic flooding. Future challenges in malware analysis include dealing with packed or encrypted malware, evasive malware that uses anti-analysis techniques, and continuing to improve analysis through machine learning.
Recent Trends in Cyber Security
The document discusses recent trends in cyber security. It begins with threat statistics showing a rapid expansion of the cyber security landscape, with the number of data breaches and records exposed increasing significantly each year. It then provides a technical overview of the top threats such as mobile application vulnerabilities, XML entity expansion attacks, SQL injection, and improper use of HTTP headers. The document also covers education and certification opportunities in cyber security, individual research areas, the local job market, and communities like Colombo White Hat Security.
Malware analysis _ Threat Intelligence Morocco
The document discusses two cyber threats that existed in Morocco:
1. A password info stealer malware that was responsible for 90% of attacks. Intelligence tracking detected around 180GB of leaked data related to Moroccan domains and personal information, and over 320 spammers were identified from the data with connections to Morocco.
2. An ATM dispense malware that was gathered from Moroccan internet service providers. Technical details about the ATM malware were presented, but not summarized.
The document ends by stating that preparations are being made for the "next war", but does not clarify the purpose of the two threats.
Wordpress security
cumartesi günü düzenlenen PHP Meetup 011'de konu Wordpress'ti. Bizde Doruk Fişek ile birlikte bir joint sunum gerçekleştirdik. Ben işin Wordpress Security tarafını o ise Wordpress Sunucu Güvenliği tarafını ele aldı. Benim sunumuma aşağıdaki slideshare bağlantısı üzerinden ulaşabilirsiniz.
Owasp Mobile Top 10 - M7 & M8
M7 discusses client side injection vulnerabilities like SQL injection, XSS, and local file injection. M8 discusses security decisions made via untrusted inputs like cookies, URLs, and intents. These can allow privilege escalation, data exfiltration, and consuming paid resources. Prevention includes input validation, prepared statements, and disabling unnecessary capabilities. Abusing URL schemes on iOS and intents on Android can launch apps or actions without permission by spoofing requests. Checking permissions and user authorization at input boundaries helps prevent these attacks.
Jerod Brennen - What You Need to Know About OSINT
Open Source Intelligence Gathering (OSINT) is growing in popularity among attackers and defenders alike. When an attacker comes knocking on your network's front door, the warning lights go off in multiple systems (IDS, IPS, SIEM, WAF). More sophisticated attackers, however, spend considerable time gathering information using tools and techniques that never touch any of your systems. As a result, these attackers are able to execute their attacks and make off with proprietary data before you even know they are there. This presentation provides an introduction to many OSINT tools and techniques, as well as methods you can use to minimize your exposure.
What you need to know about OSINT
Open Source Intelligence Gathering (OSINT) is growing in popularity among attackers and defenders alike. When an attacker comes knocking on your network's front door, the warning lights go off in multiple systems (IDS, IPS, SIEM, WAF). More sophisticated attackers, however, spend considerable time gathering information using tools and techniques that never touch any of your systems. As a result, these attackers are able to execute their attacks and make off with proprietary data before you even know they are there. This presentation provides an introduction to many OSINT tools and techniques, as well as methods you can use to minimize your exposure.
Chirita ionel owasp europe tour
The document discusses an upcoming OWASP EU Tour event in Bucharest, Romania in 2013. It provides an agenda for the event that includes several presentations on topics like security investments, penetration testing, Android application security, password security, and SQL injection vulnerabilities. It also summarizes what OWASP is and provides information about its global reach, projects, tools and resources to help improve software security.
Malware in the Wild: Evolving to Evade Detection
Lastline co-founder and chief architect Engin Kirda presents new insights into malware in the wild including new research coming out of Lastline Labs on high resolution dynamic analysis of Windows kernel root kits at SXSW Interactive.
Malware Analysis
This document provides an overview of methodologies for handling security incidents, including threat hunting, malware analysis, incident response, and threat intelligence. It discusses the skills, tools, and techniques involved in each methodology. For malware analysis, it describes skills like reverse engineering and static/dynamic analysis. It also lists resources for malware analysis like tools for static analysis, reverse engineering, and reporting.
How to Manage the Risk of your Polyglot Environments
In this webinar, we’ll explore how to navigate the tension between speed and security when it comes to open source languages.
Enterprises are challenged by conflicting interests:
Engineering teams want more time to focus on code quality, but product managers want to ship faster.
Developers want the best tool for the job, but companies resist adding more technology stacks to their growing tech debt.
Retrofitting for security and vulnerabilities after the fact becomes a big blocker for Development and Engineering teams. Enterprises are challenged with resolving new threats and vulnerabilities at the pace at which they crop up. And yet, speed wins over security because faster time-to-market takes a greater priority over fixing vulnerabilities.
Our expert panel will cover how to resolve the tension between speed and security by practices which:
Minimize DevOps overhead from retrofitting programming languages with new versions, dependencies, security patches, etc.
Enable Continuous Builds to keep up with your continuous deployments
Use Build Validation to vet your continuous builds against smoke tests
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and Abroad
http://blog.mazinahmed.net/2016/10/bug-bounty-hunting-swiss-cyber-storm.html
DMA - Stupid Cyber Criminal Tricks
Dayton Microcomputer Association (DMA):
April 2020 - Online Meeting
Date: April 28, 2020
Topic: Stupid Cyber Criminal Tricks and How to Combat Them
Speaker: Matt Scheurer
This talk covers various techniques used by cyber criminals, and how to spot them. This is the accompanying slide deck for a presentation that covers live demos. Who does not love a good cyber-crime story?
OWASP: iOS Spelunking
iOS holds some of our most important data. So, it is important to understand how it works and hopefully get a better sense of how to protect it. In this talk we will start with some relatively high level attacker perspectives. Then, we will dive deep into some of the tools and techniques we can use to analyze most sensitive phone apps.
Similar to HoneyPy Honeypot (OWASP Triangle Chapter) (20)
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)
Protección web con ESAPI y AppSensor [GuadalajaraCON 2013]
Protección web con ESAPI y AppSensor [GuadalajaraCON 2013]
CSA Raleigh application security and deception in the cloud
CSA Raleigh application security and deception in the cloud
How to Manage the Risk of your Polyglot Environments
How to Manage the Risk of your Polyglot Environments
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Recently uploaded
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
ScyllaDB Tablets: Rethinking Replication
ScyllaDB is making a major architecture shift. We’re moving from vNode replication to tablets – fragments of tables that are distributed independently, enabling dynamic data distribution and extreme elasticity. In this keynote, ScyllaDB co-founder and CTO Avi Kivity explains the reason for this shift, provides a look at the implementation and roadmap, and shares how this shift benefits ScyllaDB users.
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Gursev Pirge, PhD
Senior Data Scientist - JohnSnowLabs
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
What began over 115 years ago as a supplier of precision gauges to the automotive industry has evolved into being an industry leader in the manufacture of product branding, automotive cockpit trim and decorative appliance trim. Value-added services include in-house Design, Engineering, Program Management, Test Lab and Tool Shops.
Mutation Testing for Task-Oriented Chatbots
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
What is an RPA CoE? Session 2 – CoE Roles
In this session, we will review the players involved in the CoE and how each role impacts opportunities.
Topics covered:
• What roles are essential?
• What place in the automation journey does each role play?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
"Choosing proper type of scaling", Olena Syrota
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
A Deep Dive into ScyllaDB's Architecture
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
Demystifying Knowledge Management through Storytelling
The Department of Veteran Affairs (VA) invited Taylor Paschal, Knowledge & Information Management Consultant at Enterprise Knowledge, to speak at a Knowledge Management Lunch and Learn hosted on June 12, 2024. All Office of Administration staff were invited to attend and received professional development credit for participating in the voluntary event.
The objectives of the Lunch and Learn presentation were to:
- Review what KM ‘is’ and ‘isn’t’
- Understand the value of KM and the benefits of engaging
- Define and reflect on your “what’s in it for me?”
- Share actionable ways you can participate in Knowledge - - Capture & Transfer
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
Leveraging the Graph for Clinical Trials and Standards
Katja Glaß
OpenStudyBuilder Community Manager - Katja Glaß Consulting
Marius Conjeaud
Principal Consultant - Neo4j
What is an RPA CoE? Session 1 – CoE Vision
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
Apps Break Data
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
Astute Business Solutions | Oracle Cloud Partner |
Your goto partner for Oracle Cloud, PeopleSoft, E-Business Suite, and Ellucian Banner. We are a firm specialized in managed services and consulting.
From Natural Language to Structured Solr Queries using LLMs
This talk draws on experimentation to enable AI applications with Solr. One important use case is to use AI for better accessibility and discoverability of the data: while User eXperience techniques, lexical search improvements, and data harmonization can take organizations to a good level of accessibility, a structural (or “cognitive” gap) remains between the data user needs and the data producer constraints.
That is where AI – and most importantly, Natural Language Processing and Large Language Model techniques – could make a difference. This natural language, conversational engine could facilitate access and usage of the data leveraging the semantics of any data source.
The objective of the presentation is to propose a technical approach and a way forward to achieve this goal.
The key concept is to enable users to express their search queries in natural language, which the LLM then enriches, interprets, and translates into structured queries based on the Solr index’s metadata.
This approach leverages the LLM’s ability to understand the nuances of natural language and the structure of documents within Apache Solr.
The LLM acts as an intermediary agent, offering a transparent experience to users automatically and potentially uncovering relevant documents that conventional search methods might overlook. The presentation will include the results of this experimental work, lessons learned, best practices, and the scope of future work that should improve the approach and make it production-ready.
Recently uploaded (20)
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
Northern Engraving | Modern Metal Trim, Nameplates and Appliance Panels
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Demystifying Knowledge Management through Storytelling
Demystifying Knowledge Management through Storytelling
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
From Natural Language to Structured Solr Queries using LLMs
From Natural Language to Structured Solr Queries using LLMs
HoneyPy Honeypot (OWASP Triangle Chapter)
- 1. HoneyPy Honeypot A low to medium interaction honeypot OWASP
- 2. BIO Previously did security stuff at ● Goldman Sachs ● Ernst & Young ● Florida International University (some IT stuff too) On the socials ● Twitter: @foospidy ● Github: http://github.com/foospidy ● LinkedIn: https://www.linkedin.com/in/phillip-maddux-60499a105 ● Blog: http://pxmx.io OWASP Senior Solutions Engineer @ Signal Sciences https://signalsciences.com
- 3. AGENDA ● Intro to honeypots ● HoneyPy ● HoneyPy Integrations ● What’s next? ● Q&A OWASP
- 5. Intro to honeypots A computer system setup to detect or lure attacks. Honeypot types: ● Production (detect) ● Research (lure) Honeypot interaction types: ● Low - emulated services, limited to no emulated login capability (low risk). ● Medium - emulated services, emulated login, emulated commands. ● High - Actual services, system logins, and commands (very risky). OWASP
- 6. Intro to honeypots A production honeypot has no legitimate business purpose and should never see any traffic, unless… ● Something is misconfigured on the network ● Someone is malicious on the network Honeypot logs are low volume and high value OWASP
- 8. HoneyPy Low to medium interaction honeypot Plugin based to implement various network protocols Written in Python OWASP
- 9. HoneyPy Why create HoneyPy? ● Wanted a simple honeypot that can be easily extended ● Wanted a project to do more Python OWASP
- 10. HoneyPy The Code: http://github.com/foospidy/HoneyPy The Demo: OWASP
- 11. HoneyPy Integrations Log files are cool, but we can do better! OWASP
- 12. @HoneyPyLog Twitter feed of honeypot activity. https://twitter.com/HoneyPyLog OWASP
- 13. HoneyDB Web site for viewing honeypot data. Activity charts, session details, and ThreatBin. https://riskdiscovery.com/honeydb OWASP
- 15. What’s Next? ● More plugins ● Enhance plugins ● More Integrations ● Docker image ● Extend HoneyDB API to accept honeypot data from anyone running a HoneyPy sensor - increased threat info! Or... you come up with what’s next! Pull requests are welcome, please contribute :-) OWASP
- 17. References Good books: Honeynet Project ● https://www.honeynet.org Example honeypot at work ● https://isc.sans.edu/forums/diary/Call+for+some+logs+andor+packets+for+requests+to+a2billingcustomertemplatesdefaultheadertpl/20861/ OWASP