Cyber Threat Intelligence Collection and Analysis
UISGCON
1.
Cyber Threat Intelligence: What is it and how can we collect and produce it?
By Mark Arena
Menya zavut Mark
Proprietary and Confidential Information – Copyright© 2013 – All Rights Reserved
2.
What is intelligence?
• NOT James Bond (it would be cool though… wouldn’t it?)
• NOT secret data, espionage or spying
3.
Intelligence is…
• Intelligence is taking what you have (data) and using your knowledge, skills and experience to characterize what is:
– Fact
– Probable/not probable
• In both the past and the future
• Communicating the output of this process to decision makers (people who decide where the money gets spent) in your organization.
• Some examples!
4.
FACT: Microsoft has reported a vulnerability in Internet Explorer that is currently being used in targeted attacks.
PROBABILITY: It is likely that, as Microsoft has released a Microsoft Fix it solution, other attackers will attempt to discover the specifics of the vulnerability and seek to create exploits for it.
5.
FACT: iDefense reported a vulnerability to Microsoft that an anonymous researcher found (i.e. it was not discovered being exploited in the wild by bad guys).
PROBABILITY: Microsoft has released an update for Internet Explorer that fixes this and other vulnerabilities. It is not likely that attackers will attempt to exploit this vulnerability given an official new version of Internet Explorer has been released.
6.
What does this mean to us as IT security professionals?
• I should focus my efforts to patch vulnerabilities that are being actively exploited in the wild.
• What more information can I find about the first mentioned Microsoft vulnerability?
7.
8.
What does this tell us?
• CVE-2013-3893 was being used in targeted attacks against Japanese targets.
• According to open source reports, the same hacker group who was behind these attacks was linked to previous attacks against the Bit9 security company that was used to target the US financial sector.
• The hacker group is highly likely motivated by cyber espionage.
9.
So I’m a possible target, now what?
• What data do you have access to in your organization that could inform you whether you had been compromised by this group or not?
• What data should you proactively collect to be able to see if you were a target or not?
10.
What do you need to do?
• The ability to see from both the network perspective and end point (computer) perspective what has happened in the past.
• To be able to use this information proactively to identify abnormalities and act upon them.
• It’s unlikely as a security professional that you’ll be able to block everything malicious that happens in your organization, but you may be able to reduce the amount of time it takes to detect an intrusion, thereby reducing the damage.
11.
Data collection
• Passive DNS
– Packet capture on port 53 to collect DNS requests and answers
– Python script to mine DNS requests and answers from a PCAP: http://mmishou.wordpress.com/2010/04/13/passive-dnsmining-from-pcap-with-dpkt-python/
• Netflow
• HTTP GET/POST requests
• End point monitoring
– http://www.immunityinc.com/products-eljefe.shtml
• IDS Sensors
• Other logs
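The passive DNS collection on this slide, as an added example (not from the original deck and not the linked script): it decodes DNS responses, such as the UDP payloads of a port 53 capture, using only the standard library and folds the answers into a first-seen/last-seen store that can be pivoted on later. The sample message, names, address and timestamps are constructed.

```python
import socket
import struct

def read_name(msg, off):
    """Decode the DNS name at `off`, following RFC 1035 compression pointers.

    Returns (name, offset of the first byte after the name as stored at `off`).
    """
    labels, resume, hops = [], None, 0
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length & 0xC0 == 0xC0:            # 2-byte pointer to an earlier name
            if off + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            if resume is None:
                resume = off + 2             # parsing resumes after the first pointer
            hops += 1
            if hops > 16:                    # malformed packets can point in circles
                raise ValueError("compression pointer loop")
            off = ((length & 0x3F) << 8) | msg[off + 1]
        elif length == 0:                    # root label ends the name
            off += 1
            break
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii", "replace"))
            off += 1 + length
    return ".".join(labels).lower(), resume if resume is not None else off

def parse_response(msg):
    """Return [(owner, rtype, value, ttl)] for A and CNAME answers in a response."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    if not flags & 0x8000:                   # QR bit clear: a query, nothing to record
        return []
    off = 12
    for _ in range(qdcount):                 # skip the question section
        _, off = read_name(msg, off)
        off += 4                             # QTYPE + QCLASS
    records = []
    for _ in range(ancount):
        owner, off = read_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated resource record")
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if off + rdlen > len(msg):
            raise ValueError("truncated RDATA")
        if rtype == 1 and rdlen == 4:        # A record
            records.append((owner, "A", socket.inet_ntoa(msg[off:off + 4]), ttl))
        elif rtype == 5:                     # CNAME, target may be compressed
            records.append((owner, "CNAME", read_name(msg, off)[0], ttl))
        off += rdlen
    return records

def update_store(store, records, seen_at):
    """Fold answers into {(owner, rtype, value): first_seen / last_seen / count}."""
    for owner, rtype, value, _ttl in records:
        entry = store.setdefault(
            (owner, rtype, value),
            {"first_seen": seen_at, "last_seen": seen_at, "count": 0})
        entry["first_seen"] = min(entry["first_seen"], seen_at)
        entry["last_seen"] = max(entry["last_seen"], seen_at)
        entry["count"] += 1
    return store

def history(store, value):
    """Pivot: every name seen resolving to `value` (an IP or a CNAME target)."""
    return sorted(owner for (owner, _rtype, v) in store if v == value)

def _wire(name):
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

# Constructed response: www.example.test CNAME cdn.example.test,
# cdn.example.test A 192.0.2.10 (both answers use name compression).
SAMPLE_RESPONSE = (
    struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0)
    + _wire("www.example.test") + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 300, 6) + b"\x03cdn\xc0\x10"
    + b"\xc0\x2e" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton("192.0.2.10")
)

def demo():
    """Record the same constructed answer twice, one hour apart."""
    store = {}
    update_store(store, parse_response(SAMPLE_RESPONSE), seen_at=1380000000)
    update_store(store, parse_response(SAMPLE_RESPONSE), seen_at=1380003600)
    return store

if __name__ == "__main__":
    for key, entry in demo().items():
        print(key, entry)
```
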
12.
Data collection from the Internet
• Google!
• Maltego (great visual open source intelligence gathering tool)
• VirusTotal
• ThreatExpert
• DomainTools
• Did I mention Google?
13.
Data correlation
• Try to get all this data collection into a single point that you can monitor and query
• I personally like to use Splunk
• Logstash looks like a somewhat open source alternative to Splunk, although I haven’t used it
14.
How do I understand what security threats are affecting my organization?
• One of the biggest resources that will help you understand the type of threats your organization is facing is looking at what has been blocked through anti-virus scanners, email filtering, etc.
• Look at the blocked items and try to ascertain whether the item blocked is linked to a cyber espionage, hacktivist or cyber crime group.
• Understanding the attacker’s motivation is key to what measures you will need to put in place to reduce the risk from this attacking group
15.
Who are you protecting your organization against?
• You are protecting your organization NOT from malware but from the bad guys using the malware, exploits etc.
• Having an effective intelligence process will give you an understanding of how the bad guys operate!
16.
Know your enemy
• Sun Tzu was a Chinese general, military strategist, and author of The Art of War, an immensely influential ancient Chinese book on military strategy (ref: Wikipedia)
• “It is said that if you know your enemies and know yourself, you will not be imperiled in a hundred battles; if you do not know your enemies but do know yourself, you will win one and lose one; if you do not know your enemies nor yourself, you will be imperiled in every single battle.”
17.
Attacker motivations
• Cyber Espionage
– Motivated to steal information such as executive communications, intellectual property (source code) etc.
– Techniques include spear-phishing, water-holing websites.
• Cyber Crime
– Motivated by money! Do whatever is needed to get more money and more victims.
– Techniques include mass spamming, compromising websites to host exploit kits to exploit visitors
18.
Attacker motivations – 2
• Hacktivism
– Politically motivated
– Techniques include ‘doxing’, website defacements, denial of service attacks.
19.
Final Thoughts
• You are an IT security manager for a Ukrainian bank
• What information would you prefer to hear and which one is intelligence?
• Which information would give you more insight into how the bad guy works and how to defend against them?
20.
Final Thoughts
1. A competitor bank passed you a malware sample that connects to ukrainebankingupdate.com on HTTP port 80 with MD5 5f4dcc3b5aa765d61d8327deb882cf99
2. In September 2013 a competitor bank in Ukraine was targeted by a group we call “Zed group”. They typically:
– Drop files named zed.exe on compromised systems
– Target Ukrainian banks in order to create bank accounts in order to receive and process laundered money
– Send targeted email to people involved in the creation of new accounts with Microsoft Excel (.xls) attachments that contain exploits
– The exploit used by the group is publicly known (CVE-2012-1847) and has already been patched by Microsoft.
– Based on the use of known and patched vulnerabilities, it is highly likely that this group does not possess new and unpatched Microsoft Excel exploits (0days)
– The malware the group uses contains a number of different user agent strings but typically uses Afraid.org (free name server hosting) to host their malware command and control domain names.
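The difference between the two reports on this slide, as an added example (not from the original deck): item 1 becomes an exact-match indicator check, item 2 becomes behaviour rules, and both run over the same telemetry. The event schema, host names, the recipient_role and nameservers enrichment fields, and every event are constructed assumptions; only the domain, MD5, zed.exe, .xls and Afraid.org details come from the slide.

```python
from collections import defaultdict

# Item 1: atomic indicators describing one sample.
IOC_DOMAINS = {"ukrainebankingupdate.com"}
IOC_MD5 = {"5f4dcc3b5aa765d61d8327deb882cf99"}

def basename(path):
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

# Item 2: how "Zed group" operates, expressed as per-event rules.
BEHAVIOURS = {
    "drops_zed_exe": lambda e: (
        e["type"] == "file_create" and basename(e["path"]) == "zed.exe"),
    "xls_to_account_staff": lambda e: (
        e["type"] == "email"
        and e["attachment"].lower().endswith(".xls")
        and e["recipient_role"] == "account-opening"),   # role: assumed HR enrichment
    "c2_on_afraid_org_ns": lambda e: (
        e["type"] == "dns"
        and any(ns.lower().rstrip(".").endswith(".afraid.org")
                for ns in e["nameservers"])),            # NS: assumed DNS enrichment
}

# Constructed telemetry. ws-002 ran the shared sample; ws-014 ran a rebuilt
# variant (new domain, new hash); ws-030 is ordinary business traffic.
EVENTS = [
    {"host": "ws-002", "type": "dns", "query": "ukrainebankingupdate.com",
     "nameservers": ["ns1.afraid.org"]},
    {"host": "ws-002", "type": "file_create",
     "path": r"C:\Users\a\AppData\Local\Temp\zed.exe",
     "md5": "5f4dcc3b5aa765d61d8327deb882cf99"},
    {"host": "ws-014", "type": "email", "attachment": "new_accounts_q3.xls",
     "recipient_role": "account-opening"},
    {"host": "ws-014", "type": "file_create", "path": r"C:\ProgramData\zed.exe",
     "md5": "00000000000000000000000000000000"},        # constructed placeholder
    {"host": "ws-014", "type": "dns", "query": "portal-sync.example",
     "nameservers": ["ns2.afraid.org"]},
    {"host": "ws-030", "type": "email", "attachment": "budget.xls",
     "recipient_role": "finance"},
    {"host": "ws-030", "type": "dns", "query": "intranet.example",
     "nameservers": ["ns1.example"]},
]

def ioc_hosts(events):
    """Hosts that touched the exact domain or file hash from item 1."""
    hosts = set()
    for e in events:
        if e["type"] == "dns" and e["query"].lower().rstrip(".") in IOC_DOMAINS:
            hosts.add(e["host"])
        if e["type"] == "file_create" and e["md5"].lower() in IOC_MD5:
            hosts.add(e["host"])
    return hosts

def behaviour_hosts(events, threshold=2):
    """Hosts showing at least `threshold` distinct behaviours from item 2."""
    seen = defaultdict(set)
    for e in events:
        for name, rule in BEHAVIOURS.items():
            if rule(e):
                seen[e["host"]].add(name)
    return {h: sorted(n) for h, n in seen.items() if len(n) >= threshold}

if __name__ == "__main__":
    print("indicator match:", sorted(ioc_hosts(EVENTS)))
    print("behaviour match:", behaviour_hosts(EVENTS))
```

The indicator check stops matching as soon as the domain and hash change, while the behaviour rules still flag the variant on ws-014 and leave ws-030 alone.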
21.
22.
Discussion and questions
• What is your organization targeted with and by whom?
Editor's Notes
Talk about Microsoft Fix it solution being a temporary workaround that requires a manual download to fix the issue.
Define cyber espionage as a motivation and go over other motivations briefly (covered later).