2. About Ben
The Call of Community: Modern Warfare
Ben0xA – ShowMeCon 2014
Introductions
● 13+ years experience in Health Care
Information Systems
● Vice President & Security Officer
● Developer (Builder)
● Security Consultant, Trainer
3. About Ben
Introductions
● It's hard being an executive when
you look like you are a teenager.
● For serious!
● Thanks to @jaysonstreet
4. Disclaimer
Our thanks to all of
the websites we
ripped off to use
images for this deck.
Full attribution on last
slide!
5. Why Us?
● We are geeks
● We are gamers
● We love this community
● We both wanted to be like
our gaming heroes!
6. Why Us?
7. Why Us?
8. The Call of Community
What is this call?
9. The Call of Community
Our hopes & dreams
10. The Call of Community
Strategic Defense Execution Standard
11. What is PoshSec?
• PoshSec is a framework to enable information security pros, system
administrators, analysts and others to effectively help manage a system's or
a network's security.
• PoshSec consists of
• PoshSec PowerShell Module
• PoshSec Framework
PoshSec
12. How PoshSec Got Started
•Started by Matt Johnson and Will Steele
•Originally saw a lack of Security Related PowerShell modules
•Planned out the project as Will was battling cancer.
13. Assembling the team
• Need a team of ninjas to help make PoshSec grow
• Partnered with Wolfgang Goerlich, Nick Jacob, Rich Cassara and
Michael Ortega
•All seasoned infosec pros and brilliant minds.
15. PoshSec Goals
• The initial PoshSec release focused on the Top 20 controls.
• While maintaining our expertise in the area of the Top 20 controls, we are
branching out to cover:
• Server Hardening
• Forensics
• Many more areas
16. Account Management
• Created to satisfy Top Twenty Control #16 for the Account Monitoring and
Control section.
• Allows people to verify:
• User accounts
• Accounts that don’t expire
• Admin accounts
• Accounts that expire
• Accounts past expiration date
18. Log Management
• Allows for querying of a few log types
• DNS
• IIS
• Allows you to set all of your Security Event logs to PoshSec recommended
settings.
20. Network Baselining
•Several Baselining Scripts
•Open Ports
•Wireless Networks
•Configure Windows Firewall
21. PoshSec 1.0
•PoshSec is officially releasing 1.0 of the PowerShell module
today.
•Cleaner code base, a few new additions
•First of many regular releases.
•Currently twice a year
•Download: http://github.com/poshsec/
22. PoshSec Framework
My original plan....
● Create an open source SIEM
● Bake everything inside
● Release it to the community
● Profit... wait... it's free
● Continue my day job!
28. PoshSec Framework
It's not the sum of its code!
Select your player...
29. PoshSec Framework
Green Ninja
● System Administration
● Basic Networking Functions
● Scan / Audit Domains
● Use Information in Scripts
● Patch Management
31. PoshSec Framework
Blue Ninja
● Defensive Team
● Live Port Monitoring
● Application Integrity
● Live File Monitoring
● Log Analysis
39. PoshSec Framework
@obscuresec
Own a box, now you need to
download a 3rd
party tool like
python/ruby.
PowerShell is already there!!!
40. PoshSec Framework
Black Ninja
● Penetration Testing
● Vulnerability Analysis
● Posh-Sec Modules
● Export Systems to Assets
42. PoshSec Framework
White Ninja
● Forensics
● Incident Response
● The limit is only based on us
43. PoshSec Framework
Features:
● Exposed Interface Elements
● Github Integration
● Custom Error Reporting
● Create Tabs for Individual Objects
● Seamless Integration with Scripts
47. PoshSec Developers
● @mwjcomputing
● @jwgoerlich
● @securitymoey
● @mortprime
● @rjcassara
● @sukotto_san
● @PoshSec
48. PoshSec Framework
49. I Am The Cavalry
The Cavalry is a global
grassroots organization that
is focused on issues where
computer security intersects
public safety and human life.
50. I Am The Cavalry
Our areas of focus are
medical devices, automobiles,
home electronics and public
infrastructure.
51. I Am The Cavalry
Needs
● Content Management
● Project Management
● Administrative Assistance
● Technical Systems Assistance
● Sponsorship
52. I Am The Cavalry
http://www.iamthecavalry.org/
@iamthecavalry
I haz stickerz!
53. I Am The Cavalry
54. I Am The Cavalry
55. Strategic Defense Execution Standard
Simple method for planning
cyber defenses based on
straightforward step-by-step
instructions.
56. Strategic Defense Execution Standard
Help you identify where attacks
are likely to come from, where
they are likely to go to, how
they are likely to get there, and
what the impact on your
organization will be.
57. Strategic Defense Execution Standard
The final goal is to implement a
defense that will allow you to
maintain an acceptable
information security posture.
58. Strategic Defense Execution Standard
Focus
● Organization Risk Tolerance
● IT Basics
● Critical Asset Planning
● Threat Scoping
● Strategic Network Mapping
● Attack Vector Identification
59. Strategic Defense Execution Standard
Focus (continued)
● Attack Path Identification
● Defense Planning
● Defense Testing
● Attack Detection and Response
60. Strategic Defense Execution Standard
Current Contributors
James Arlen (@Myrcurial)
Iftach Ian Amit (@Iamit)
Zate (@Zate)
Gabe Bassett (@gdbassett)
Ben Ten (@Ben0xA)
62. Strategic Defense Execution Standard
http://wiki.doinginfosecright.com/index.php?title=SDES
help@doinginfosecright.com
63. The Call of Community
Where do you fit in?
64. The Call of Community
I'm answering the call....
what do you need?
● Contribute Ideas
● Contribute PowerShell Modules
● Share your scripts with the
community
● Use the tools... give us feedback!
65. The Call of Community
I'm answering the call....
what do you need?
● Join a Project
● Support a project
(skills/financially)
● Discourage Negativity
66. The Call of Community
This idea is only as strong as
this community. It's time to
stand together as a team!
67. The Call of Community
68. The Call of Community
The more we work as a team
the stronger this community
will become.
69. The Call of Community
Conclusion
70. Conclusion
Contact Information
● @Ben0xA
● Ben0xA on Freenode (IRC)
● bsideschicago@ben0xa.com
● http://ben0xa.com
● http://github.com/Ben0xA
● http://github.com/PoshSec