SlideShare a Scribd company logo

Opsec for security researchers

V
vicenteDiaz_KL

Opsec for security researchers - VB 2014

Internet
1 of 39
Download to read offline
OPSEC FOR SECURITY RESEARCHERS Vicente Díaz Principal Security Analyst
WHAT IS THIS TALK ABOUT “Operational security identifies critical information to determine if friendly actions can be observed by adversary intelligence systems” • How does this apply to our industry? • No counter-intel. • Not only identify – apply best practices for good opsec.
YOU ALL HAVE HEARD OF OPSEC FAILURES We won´t talk about them again. Golden rule: Silence as a defensive discipline aka STFU. Warning: discipline level 80 needed
THE RULE IS PRETTY SIMPLE But we fail miserably. It´s in human nature to IMPRESS. Golden rule2: OPSEC does not work retrospectively.
I HAVE NO ENEMIES! Let´s put some context: _We work on cool stuff _We stumble upon “strange” things _The environment is sometimes poorly regulated _Hypocrisy vs red lines _Sense of invulnerability: we are the good guys, right? Not here to define the ethics of the industry!
BUT Could our work be interesting for someone else? Might it be perceived as dangerous for other´s interests? Are all our actions, as researchers, impeccable? We might be the weakest link, in terms of OPSEC, when collaborating with LE.
UNDER SCRUTINY We might be in a group of interest Objective: not become an individual of interest! Silence, but not complete. Avoid the escalation of surveillance: that means Game Over.
ADVERSARIES Broadly speaking: _Common cybercriminals _Non-common cybercriminals _Agencies _The future (or massive surveillance) Important: choose the OPSEC level you can adopt Otherwise – worse than not applying OPSEC at all.
Meet our adversaries MEET OUR ADVERSARIES
COMMON CYBERCRIMINALS
COMMON CYBERCRIMINALS
NON-COMMON CYBERCRIMINALS Let´s say, cybercrime is non their primary purpose. Organized, dangerous, have resources. Not directly the result of a direct investigation, stumble upon them. So what if our OPSEC was not good?
AGENCIES They have all the resources. Non technical approach, that we tend to forget exists. Usual approach: Recruitment.
MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest.
MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest.
MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest. Important: avoid being an anomaly!
IMPLEMENTATION Remember: be meticulous!
IMPLEMENTATION PROCESS - APPROACH Situational awareness Understand your position Threat actors (reduced) Threat environment Identify valuable data Unintentional metadata Analyze threats and vulnerabilities Asses risks Decide OPSEC measures to implement
IMPLEMENTATION PROCESS - APPROACH Situational awareness Understand your position Threat actors (reduced) Threat environment Identify valuable data Unintentional metadata “There are a variety of different risk perspectives you can use to design a threat model: adversary-centric, asset-centric, or software-centric. … The reason that a small, agile startup can devise elegant OPSEC measures, is the same reason that compartmentalizing your OPSEC procedures in an operation-centric point-of-view is effective.” Analyze threats and vulnerabilities Asses risks Decide OPSEC measures to implement
HOW TO IMPLEMENT IN A GROUP As security, strongest as weakest link, somehow. Externally: who to trust, how to communicate with them command chain, protocols for events à Opsec officer ? Internally: ProTip: be careful with your language even internally. compartmentation training and shaming tag sensitiveness of information
HOW TO IMPLEMENT IN A GROUP As security, strongest as weakest link, somehow. Externally: who to trust, how to communicate with them command chain, protocols for events à Opsec officer ? Internally: ProTip: be careful with your language even internally. compartmentation training and shaming tag sensitiveness of information
IDENTITIES Usual Opsec recommendation. Necessary sometimes, but extremely difficult to do right. An error means an advantage for the adversaries. Advice: avoid if possible. But if you cannot, Golden rule: avoid cross-contamination
TOOLS – QUICK REVIEW
MINIMUM TOOLSET NEEDED Encryption Mail IM Phone Internet Minimum real world skillz
ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
E-MAIL Try to avoid it: metadata and the ID-ten-T problem. Avoid external providers: ProtonMail, LavaMail, Gmail PGP. If you use PGP, get a key bigger than 2048. IM with OTP is a much better option.
IM Adium and Pidgin: crypto seems to be ok. Some issues such as storing logs. Cryptocat: young, minor issues like people joining your chat if they know the name. Metadata, correlation and non-tech attacks still there!
IM Adium and Pidgin: crypto seems to be ok. Some issues such as storing logs. Cryptocat: young, minor issues like people joining your chat if they know the name. Metadata, correlation and non-tech attacks still there!
TOR Correlation everywhere. Output nodes à For critical operations we are providing our logs for free! Still, might be enough for avoiding most of the adversaries.
TOR Correlation everywhere. Output nodes à For critical operations we are providing our logs for free! Still, might be enough for avoiding most of the adversaries.
PHONE Look, better not to use it – but it´s a lost war. Burner phones, change often, don´t have anything important there. Be coherent with what you have in your computer and in your phone.
PHONE Look, better not to use it – but it´s a lost war. Burner phones, change often, don´t have anything important there. Be coherent with what you have in your computer and in your phone.
REAL WORLD Don´t try to impress people – don´t be impressed when approached by an stranger. What if we are required by LE? Have a travel laptop, travel phone, and lots of pennies in your pocket.
IN SUMMARY
CONCLUSIONS Opsec is hard – good news, no spy level is required. Let´s start educating ourselves and applying it by default. Over tools – meticulousness. Good Opsec is the one we can apply.
QUESTIONS? Vicente Díaz Principal Security Analyst vicente.diaz@kaspersky.com @trompi

Recommended

Click and Dragger: Denial and Deception on Android mobile
Click and Dragger: Denial and Deception on Android mobileClick and Dragger: Denial and Deception on Android mobile
Click and Dragger: Denial and Deception on Android mobilegrugq
 
Analogic Opsec 101
Analogic Opsec 101Analogic Opsec 101
Analogic Opsec 101vicenteDiaz_KL
 
An Underground education
An Underground educationAn Underground education
An Underground educationgrugq
 
An Underground education
An Underground educationAn Underground education
An Underground educationgrugq
 
Cloud Proxy Technology – Hacker Halted 2019 – Jeff Silver
Cloud Proxy Technology – Hacker Halted 2019 – Jeff SilverCloud Proxy Technology – Hacker Halted 2019 – Jeff Silver
Cloud Proxy Technology – Hacker Halted 2019 – Jeff SilverEC-Council
 
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...Clare Nelson, CISSP, CIPP-E
 
Three Considerations To Amplify Your Detection and Response Program
Three Considerations To Amplify Your Detection and Response ProgramThree Considerations To Amplify Your Detection and Response Program
Three Considerations To Amplify Your Detection and Response ProgramMorphick
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceAlienVault
 

Recommended

Click and Dragger: Denial and Deception on Android mobile
Click and Dragger: Denial and Deception on Android mobileClick and Dragger: Denial and Deception on Android mobile
Click and Dragger: Denial and Deception on Android mobilegrugq
 
Analogic Opsec 101
Analogic Opsec 101Analogic Opsec 101
Analogic Opsec 101vicenteDiaz_KL
 
An Underground education
An Underground educationAn Underground education
An Underground educationgrugq
 
An Underground education
An Underground educationAn Underground education
An Underground educationgrugq
 
Cloud Proxy Technology – Hacker Halted 2019 – Jeff Silver
Cloud Proxy Technology – Hacker Halted 2019 – Jeff SilverCloud Proxy Technology – Hacker Halted 2019 – Jeff Silver
Cloud Proxy Technology – Hacker Halted 2019 – Jeff SilverEC-Council
 
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...Clare Nelson, CISSP, CIPP-E
 
Three Considerations To Amplify Your Detection and Response Program
Three Considerations To Amplify Your Detection and Response ProgramThree Considerations To Amplify Your Detection and Response Program
Three Considerations To Amplify Your Detection and Response ProgramMorphick
 
Crowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceCrowd-Sourced Threat Intelligence
Crowd-Sourced Threat IntelligenceAlienVault
 
SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)Priyanka Aash
 
Weaponizing OSINT – Hacker Halted 2019 – Michael James
Weaponizing OSINT – Hacker Halted 2019 – Michael James Weaponizing OSINT – Hacker Halted 2019 – Michael James
Weaponizing OSINT – Hacker Halted 2019 – Michael James EC-Council
 
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillThe Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillFrode Hommedal
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeHacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeEC-Council
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictionscentralohioissa
 
The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!Frode Hommedal
 
Taking the Attacker Eviction Red Pill (v2.0)
Taking the Attacker Eviction Red Pill (v2.0)Taking the Attacker Eviction Red Pill (v2.0)
Taking the Attacker Eviction Red Pill (v2.0)Frode Hommedal
 
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...MITRE - ATT&CKcon
 
Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?Ammar WK
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tpinkflawd
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Deception technology for advanced detection
Deception technology for advanced detectionDeception technology for advanced detection
Deception technology for advanced detectionJisc
 
Defender economics
Defender economicsDefender economics
Defender economicsaddelindh
 
Internet security lessons for IoT
Internet security lessons for IoTInternet security lessons for IoT
Internet security lessons for IoTDirk Zittersteyn
 
Vulnerability Assessment, Physical Security, and Nuclear Safeguards
Vulnerability Assessment, Physical Security, and Nuclear SafeguardsVulnerability Assessment, Physical Security, and Nuclear Safeguards
Vulnerability Assessment, Physical Security, and Nuclear SafeguardsRoger Johnston
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory RealmShawn Tuma
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1FRSecure
 
2019 FRecure CISSP Mentor Program: Session Two
2019 FRecure CISSP Mentor Program: Session Two2019 FRecure CISSP Mentor Program: Session Two
2019 FRecure CISSP Mentor Program: Session TwoFRSecure
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesOWASP Delhi
 
Securing the “Weakest Link”
Securing the “Weakest Link”Securing the “Weakest Link”
Securing the “Weakest Link”Priyanka Aash
 
OPSEC for hackers
OPSEC for hackersOPSEC for hackers
OPSEC for hackersgrugq
 
Cyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_onlineCyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_onlineFtlwood Families
 

More Related Content

What's hot

SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)Priyanka Aash
 
Weaponizing OSINT – Hacker Halted 2019 – Michael James
Weaponizing OSINT – Hacker Halted 2019 – Michael James Weaponizing OSINT – Hacker Halted 2019 – Michael James
Weaponizing OSINT – Hacker Halted 2019 – Michael James EC-Council
 
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillThe Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillFrode Hommedal
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeHacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeEC-Council
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictionscentralohioissa
 
The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!Frode Hommedal
 
Taking the Attacker Eviction Red Pill (v2.0)
Taking the Attacker Eviction Red Pill (v2.0)Taking the Attacker Eviction Red Pill (v2.0)
Taking the Attacker Eviction Red Pill (v2.0)Frode Hommedal
 
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...MITRE - ATT&CKcon
 
Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?Ammar WK
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tpinkflawd
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Deception technology for advanced detection
Deception technology for advanced detectionDeception technology for advanced detection
Deception technology for advanced detectionJisc
 
Defender economics
Defender economicsDefender economics
Defender economicsaddelindh
 
Internet security lessons for IoT
Internet security lessons for IoTInternet security lessons for IoT
Internet security lessons for IoTDirk Zittersteyn
 
Vulnerability Assessment, Physical Security, and Nuclear Safeguards
Vulnerability Assessment, Physical Security, and Nuclear SafeguardsVulnerability Assessment, Physical Security, and Nuclear Safeguards
Vulnerability Assessment, Physical Security, and Nuclear SafeguardsRoger Johnston
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory RealmShawn Tuma
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1FRSecure
 
2019 FRecure CISSP Mentor Program: Session Two
2019 FRecure CISSP Mentor Program: Session Two2019 FRecure CISSP Mentor Program: Session Two
2019 FRecure CISSP Mentor Program: Session TwoFRSecure
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesOWASP Delhi
 
Securing the “Weakest Link”
Securing the “Weakest Link”Securing the “Weakest Link”
Securing the “Weakest Link”Priyanka Aash
 

What's hot (20)

SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)SACON - Deception Technology (Sahir Hidayatullah)
SACON - Deception Technology (Sahir Hidayatullah)
 
Weaponizing OSINT – Hacker Halted 2019 – Michael James
Weaponizing OSINT – Hacker Halted 2019 – Michael James Weaponizing OSINT – Hacker Halted 2019 – Michael James
Weaponizing OSINT – Hacker Halted 2019 – Michael James
 
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillThe Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeHacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictions
 
The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!The Internet is on fire – don't just stand there, grab a bucket!
The Internet is on fire – don't just stand there, grab a bucket!
 
Taking the Attacker Eviction Red Pill (v2.0)
Taking the Attacker Eviction Red Pill (v2.0)Taking the Attacker Eviction Red Pill (v2.0)
Taking the Attacker Eviction Red Pill (v2.0)
 
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
 
Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren't
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!
 
Deception technology for advanced detection
Deception technology for advanced detectionDeception technology for advanced detection
Deception technology for advanced detection
 
Defender economics
Defender economicsDefender economics
Defender economics
 
Internet security lessons for IoT
Internet security lessons for IoTInternet security lessons for IoT
Internet security lessons for IoT
 
Vulnerability Assessment, Physical Security, and Nuclear Safeguards
Vulnerability Assessment, Physical Security, and Nuclear SafeguardsVulnerability Assessment, Physical Security, and Nuclear Safeguards
Vulnerability Assessment, Physical Security, and Nuclear Safeguards
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
 
2018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 12018 CISSP Mentor Program Session 1
2018 CISSP Mentor Program Session 1
 
2019 FRecure CISSP Mentor Program: Session Two
2019 FRecure CISSP Mentor Program: Session Two2019 FRecure CISSP Mentor Program: Session Two
2019 FRecure CISSP Mentor Program: Session Two
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
 
Securing the “Weakest Link”
Securing the “Weakest Link”Securing the “Weakest Link”
Securing the “Weakest Link”
 

Viewers also liked

OPSEC for hackers
OPSEC for hackersOPSEC for hackers
OPSEC for hackersgrugq
 
Cyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_onlineCyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_onlineFtlwood Families
 
Smr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networkingSmr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networkingFort Rucker FRSA
 
OPSEC for OMBUDSMEN
OPSEC for OMBUDSMENOPSEC for OMBUDSMEN
OPSEC for OMBUDSMENNaval OPSEC
 
OPSEC / PERSEC
OPSEC / PERSECOPSEC / PERSEC
OPSEC / PERSECRmd Frg
 
PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...
PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...
PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...Puppet
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@R_Yanus
 
Preventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the WorkplacePreventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the WorkplaceDecosimoCPAs
 
4 Operations Security
4 Operations Security4 Operations Security
4 Operations SecurityAlfred Ouyang
 

Viewers also liked (14)

OPSEC for hackers
OPSEC for hackersOPSEC for hackers
OPSEC for hackers
 
Cyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_onlineCyber opsec protecting_yourself_online
Cyber opsec protecting_yourself_online
 
OPSEC for Kids
OPSEC for KidsOPSEC for Kids
OPSEC for Kids
 
Smr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networkingSmr week 23 opsec and safe social networking
Smr week 23 opsec and safe social networking
 
Conley Group Opsec Presentation
Conley Group Opsec PresentationConley Group Opsec Presentation
Conley Group Opsec Presentation
 
OPSEC for OMBUDSMEN
OPSEC for OMBUDSMENOPSEC for OMBUDSMEN
OPSEC for OMBUDSMEN
 
OPSEC Case Study - Bush In Iraq
OPSEC Case Study - Bush In IraqOPSEC Case Study - Bush In Iraq
OPSEC Case Study - Bush In Iraq
 
OPSEC / PERSEC
OPSEC / PERSECOPSEC / PERSEC
OPSEC / PERSEC
 
OPSEC for Families
OPSEC for FamiliesOPSEC for Families
OPSEC for Families
 
PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...
PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...
PuppetConf 2016: Nice and Secure: Good OpSec Hygiene With Puppet! – Peter Sou...
 
Invasive species commanders_guide
Invasive species commanders_guideInvasive species commanders_guide
Invasive species commanders_guide
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
 
Preventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the WorkplacePreventing and Detecting Fraud in the Workplace
Preventing and Detecting Fraud in the Workplace
 
4 Operations Security
4 Operations Security4 Operations Security
4 Operations Security
 

Similar to Opsec for security researchers

Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for ActivistsGreg Stromire
 
Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Rob Fuller
 
NTXISSACSC3 - 7 Security Mindsets to Adopt Today by Ted Gruenloh
NTXISSACSC3 - 7 Security Mindsets to Adopt Today by Ted GruenlohNTXISSACSC3 - 7 Security Mindsets to Adopt Today by Ted Gruenloh
NTXISSACSC3 - 7 Security Mindsets to Adopt Today by Ted GruenlohNorth Texas Chapter of the ISSA
 
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...CODE BLUE
 
10 Tips to Strengthen Your Insider Threat Program
10 Tips to Strengthen Your Insider Threat Program 10 Tips to Strengthen Your Insider Threat Program
10 Tips to Strengthen Your Insider Threat Program Dtex Systems
 
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...Vlad Styran
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
State of Cyber: Views from an Industry Insider
State of Cyber: Views from an Industry InsiderState of Cyber: Views from an Industry Insider
State of Cyber: Views from an Industry InsiderBen Johnson
 
Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield
 
Cybersecurity in 2016
Cybersecurity in 2016Cybersecurity in 2016
Cybersecurity in 2016Ben Finke
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...JoAnna Cheshire
 
Building a Security culture at Skyscanner 2016
Building a Security culture at Skyscanner 2016Building a Security culture at Skyscanner 2016
Building a Security culture at Skyscanner 2016Stu Hirst
 
Security Opportunities A Silicon Valley VC Perspective
Security Opportunities A Silicon Valley VC PerspectiveSecurity Opportunities A Silicon Valley VC Perspective
Security Opportunities A Silicon Valley VC PerspectivePositive Hack Days
 
You Give Us The Fire We'll Give'em Hell!
You Give Us The Fire We'll Give'em Hell!You Give Us The Fire We'll Give'em Hell!
You Give Us The Fire We'll Give'em Hell!wmetcalf
 
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...Dana Gardner
 
Simulating Real World Attack
Simulating Real World AttackSimulating Real World Attack
Simulating Real World Attacktmacuk
 
Purple Teaming - The Collaborative Future of Penetration Testing
Purple Teaming - The Collaborative Future of Penetration TestingPurple Teaming - The Collaborative Future of Penetration Testing
Purple Teaming - The Collaborative Future of Penetration TestingFRSecure
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Rishi Singh
 

Similar to Opsec for security researchers (20)

Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for Activists
 
Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?Why isn't infosec working? Did you turn it off and back on again?
Why isn't infosec working? Did you turn it off and back on again?
 
NTXISSACSC3 - 7 Security Mindsets to Adopt Today by Ted Gruenloh
NTXISSACSC3 - 7 Security Mindsets to Adopt Today by Ted GruenlohNTXISSACSC3 - 7 Security Mindsets to Adopt Today by Ted Gruenloh
NTXISSACSC3 - 7 Security Mindsets to Adopt Today by Ted Gruenloh
 
sanfranAIG3
sanfranAIG3sanfranAIG3
sanfranAIG3
 
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
 
10 Tips to Strengthen Your Insider Threat Program
10 Tips to Strengthen Your Insider Threat Program 10 Tips to Strengthen Your Insider Threat Program
10 Tips to Strengthen Your Insider Threat Program
 
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
 
Robust Software Solutions.pptx
Robust Software Solutions.pptxRobust Software Solutions.pptx
Robust Software Solutions.pptx
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
State of Cyber: Views from an Industry Insider
State of Cyber: Views from an Industry InsiderState of Cyber: Views from an Industry Insider
State of Cyber: Views from an Industry Insider
 
Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield Cloud Security 101
Stackfield Cloud Security 101
 
Cybersecurity in 2016
Cybersecurity in 2016Cybersecurity in 2016
Cybersecurity in 2016
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
 
Building a Security culture at Skyscanner 2016
Building a Security culture at Skyscanner 2016Building a Security culture at Skyscanner 2016
Building a Security culture at Skyscanner 2016
 
Security Opportunities A Silicon Valley VC Perspective
Security Opportunities A Silicon Valley VC PerspectiveSecurity Opportunities A Silicon Valley VC Perspective
Security Opportunities A Silicon Valley VC Perspective
 
You Give Us The Fire We'll Give'em Hell!
You Give Us The Fire We'll Give'em Hell!You Give Us The Fire We'll Give'em Hell!
You Give Us The Fire We'll Give'em Hell!
 
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
How Data Loss Prevention End-Point Agents Use HPE IDOL’s Comprehensive Data C...
 
Simulating Real World Attack
Simulating Real World AttackSimulating Real World Attack
Simulating Real World Attack
 
Purple Teaming - The Collaborative Future of Penetration Testing
Purple Teaming - The Collaborative Future of Penetration TestingPurple Teaming - The Collaborative Future of Penetration Testing
Purple Teaming - The Collaborative Future of Penetration Testing
 
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
Joint Presentation on The State of Cybersecurity ('15-'16) & Third Party Cyb...
 

Recently uploaded

Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneCall girls in Ahmedabad High profile
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$kojalkojal131
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 

Recently uploaded (20)

Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 

Opsec for security researchers

  • 1. OPSEC FOR SECURITY RESEARCHERS Vicente Díaz Principal Security Analyst
  • 2. WHAT IS THIS TALK ABOUT “Operational security identifies critical information to determine if friendly actions can be observed by adversary intelligence systems” • How does this apply to our industry? • No counter-intel. • Not only identify – apply best practices for good opsec.
  • 3. YOU ALL HAVE HEARD OF OPSEC FAILURES We won´t talk about them again. Golden rule: Silence as a defensive discipline aka STFU. Warning: discipline level 80 needed
  • 4. THE RULE IS PRETTY SIMPLE But we fail miserably. It´s in human nature to IMPRESS. Golden rule2: OPSEC does not work retrospectively.
  • 5. I HAVE NO ENEMIES! Let´s put some context: _We work on cool stuff _We stumble upon “strange” things _The environment is sometimes poorly regulated _Hypocrisy vs red lines _Sense of invulnerability: we are the good guys, right? Not here to define the ethics of the industry!
  • 6. BUT Could our work be interesting for someone else? Might it be perceived as dangerous for other´s interests? Are all our actions, as researchers, impeccable? We might be the weakest link, in terms of OPSEC, when collaborating with LE.
  • 7. UNDER SCRUTINY We might be in a group of interest Objective: not become an individual of interest! Silence, but not complete. Avoid the escalation of surveillance: that means Game Over.
  • 8. ADVERSARIES Broadly speaking: _Common cybercriminals _Non-common cybercriminals _Agencies _The future (or massive surveillance) Important: choose the OPSEC level you can adopt Otherwise – worse than not applying OPSEC at all.
  • 9. Meet our adversaries MEET OUR ADVERSARIES
  • 12. NON-COMMON CYBERCRIMINALS Let´s say, cybercrime is non their primary purpose. Organized, dangerous, have resources. Not directly the result of a direct investigation, stumble upon them. So what if our OPSEC was not good?
  • 13. AGENCIES They have all the resources. Non technical approach, that we tend to forget exists. Usual approach: Recruitment.
  • 14. MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest.
  • 15. MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest.
  • 16. MASSIVE SURVEILLANCE – AGENCIES? NOT ONLY Trail of data and metadata – insane levels. What today looks secure, it might not be in the future. Companies getting huge amounts of data too. When leaks happen – fest. Important: avoid being an anomaly!
  • 18. IMPLEMENTATION PROCESS - APPROACH Situational awareness Understand your position Threat actors (reduced) Threat environment Identify valuable data Unintentional metadata Analyze threats and vulnerabilities Asses risks Decide OPSEC measures to implement
  • 19. IMPLEMENTATION PROCESS - APPROACH Situational awareness Understand your position Threat actors (reduced) Threat environment Identify valuable data Unintentional metadata “There are a variety of different risk perspectives you can use to design a threat model: adversary-centric, asset-centric, or software-centric. … The reason that a small, agile startup can devise elegant OPSEC measures, is the same reason that compartmentalizing your OPSEC procedures in an operation-centric point-of-view is effective.” Analyze threats and vulnerabilities Asses risks Decide OPSEC measures to implement
  • 20. HOW TO IMPLEMENT IN A GROUP As security, strongest as weakest link, somehow. Externally: who to trust, how to communicate with them command chain, protocols for events à Opsec officer ? Internally: ProTip: be careful with your language even internally. compartmentation training and shaming tag sensitiveness of information
  • 21. HOW TO IMPLEMENT IN A GROUP As security, strongest as weakest link, somehow. Externally: who to trust, how to communicate with them command chain, protocols for events à Opsec officer ? Internally: ProTip: be careful with your language even internally. compartmentation training and shaming tag sensitiveness of information
  • 22. IDENTITIES Usual Opsec recommendation. Necessary sometimes, but extremely difficult to do right. An error means an advantage for the adversaries. Advice: avoid if possible. But if you cannot, Golden rule: avoid cross-contamination
  • 23. TOOLS – QUICK REVIEW
  • 24. MINIMUM TOOLSET NEEDED Encryption Mail IM Phone Internet Minimum real world skillz
  • 25. ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
  • 26. ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
  • 27. ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
  • 28. ENCRYPTION Inherent flaws – once broken all your past data is compromised. This possibility increases with time. Obviously the recommendation is to encrypt everything by default. Anti-coercion credible partition is nice too.
  • 29. E-MAIL Try to avoid it: metadata and the ID-ten-T problem. Avoid external providers: ProtonMail, LavaMail, Gmail PGP. If you use PGP, get a key bigger than 2048. IM with OTP is a much better option.
  • 30. IM Adium and Pidgin: crypto seems to be ok. Some issues such as storing logs. Cryptocat: young, minor issues like people joining your chat if they know the name. Metadata, correlation and non-tech attacks still there!
  • 31. IM Adium and Pidgin: crypto seems to be ok. Some issues such as storing logs. Cryptocat: young, minor issues like people joining your chat if they know the name. Metadata, correlation and non-tech attacks still there!
  • 32. TOR Correlation everywhere. Output nodes à For critical operations we are providing our logs for free! Still, might be enough for avoiding most of the adversaries.
  • 33. TOR Correlation everywhere. Output nodes à For critical operations we are providing our logs for free! Still, might be enough for avoiding most of the adversaries.
  • 34. PHONE Look, better not to use it – but it´s a lost war. Burner phones, change often, don´t have anything important there. Be coherent with what you have in your computer and in your phone.
  • 35. PHONE Look, better not to use it – but it´s a lost war. Burner phones, change often, don´t have anything important there. Be coherent with what you have in your computer and in your phone.
  • 36. REAL WORLD Don´t try to impress people – don´t be impressed when approached by an stranger. What if we are required by LE? Have a travel laptop, travel phone, and lots of pennies in your pocket.
  • 38. CONCLUSIONS Opsec is hard – good news, no spy level is required. Let´s start educating ourselves and applying it by default. Over tools – meticulousness. Good Opsec is the one we can apply.
  • 39. QUESTIONS? Vicente Díaz Principal Security Analyst vicente.diaz@kaspersky.com @trompi