It's Okay To Touch Yourself!
DerbyCon 2013
Ben Ten
(@Ben0xA)
About Me
● 12+ years experience in Health Care Information Systems
● Vice President & Security Officer
● Developer (Builder)
● Security Consultant, Trainer
It's Okay To Touch Yourself
Ben0xA - DerbyCon 2013
● Federal Regulation Compliance Oversight (HIPAA, HITECH, PCI, Meaningful Use, Red Flag)
● Manager
● Gamer
● Love Science Fiction
Overview
This talk is SFW!
● State of Breach Detection
● What is a Self Assessment
● Performing Fire Drills
● Pitfalls to Avoid
● Tools
● Acknowledgments
● Q&A
DerbyConTest
#10
#9
#8
#7
#6
#5
#4
#3
#2
#1
Why This Talk? Why Me?
A @dave_rel1k story...
State of Breach Detection
64% of businesses did not detect they had a breach until after 90 days!
Source: 2013 Global Security Report ~ Trustwave
https://www2.trustwave.com/2013GSR.html
Approximately 70% of breaches were discovered by external parties who then notified the victim.
Source: 2013 Data Breach Investigations Report ~ Verizon
http://www.verizonenterprise.com/DBIR/2013/
But we have these tools!!!11!!!two
● SIEM
● DLP
● IDS/IPS
● Logs
So, what's the problem?
● Poorly implemented tools
● Lack of implemented tools
● Or maybe it's a perception issue...
Security by Obscurity
Security by Vicinity
Security by Divinity
Self Assessment
It's time to get intimate with your...network!
At the very least, the critical parts of your network!
PTES – An Intro
● Pre-engagement Interactions
● Intelligence Gathering
● Threat Modeling
● Vulnerability Analysis
● Exploitation
● Post Exploitation
● Reporting
http://www.pentest-standard.org/index.php/Vulnerability_Analysis
DISCLAIMER
● I am not a professional penetration tester. But, I am staying at the Hyatt.
● Do not attempt anything on any network unless you have written permission!
● Do not do this on production first. Use a test environment!
Self Assessment
Getting Intimate
Know your Ports!
Know your Logs!
Know your Software!
https://www2.trustwave.com/cpn-hackers-playbook-2013-sm.html
Tools
● NeXpose (Rapid7)
● Nessus (Tenable)
● BurpSuite
● Health Monitor
● nmap/zenmap
● ninite
Fire Drills
Why?
● Are your tools working?
● Does your team react appropriately?
● What is happening during that nmap, NeXpose, or Nessus scan?
● What's the Incident Response plan and is it working?
Pitfalls to Avoid
● Verify Scope!
● Start Small / Focused
● Be wary of untested tools!
● Secure your results
● Don't DoS yourself
“[T]he ultimate goal should be to develop an environment in which security events are discovered innately—by both responsible security professionals or others in the organization.”
Source: 2013 Global Security Report ~ Trustwave
https://www2.trustwave.com/2013GSR.html
New Tool
My Big Security Idea!
Will Steele @pen_test
Conclusion
In Conclusion
Acknowledgments
● @securitymoey
● @jwgoerlich
● @jaysonstreet
● @elizmmartin
● @rogueclown
● @dualcoremusic
● @derbycon
PoshSec Developers
● @mwjohnson
● @jwgoerlich
● @securitymoey
● @mortprime
● @rjcassara
● @PoshSec
PoshSec Framework - Beta
http://github.com/poshsec/poshsecframework
View the ReadMe!
Contact Information
● @Ben0xA
● Ben0xA on Freenode (IRC)
● derbycon@ben0xa.com
● http://ben0xa.com
● http://github.com/Ben0xA
● http://github.com/PoshSec
Questions?
Thank You!