SlideShare uma empresa Scribd logo

Collaboration Between Infosec Community and CERT Teams

Transferir como ODP, PDF
Valdes Nzalli
Valdes Nzalli

Along with their day-to-day duties, CERT/CSIRT teams need to be aware about the security state of their subscribers/clients. My goal here is to present this initiative named "Project Sonar", started by many members of the Infosec Community. Also, i would like to present an use case in which the collaboration between the CERT/CSIRT team and the Infosec Community can be more profitable for all of us. This use case will be based on an analysis of some data provided by Project Sonar.

Tecnologia
1 de 13
Collaboration Between Infosec Community and CERT Teams : Project Sonar case 1
Summary 1- Intro 2- A little Flashback 3- Who is the Infosec Community ? 3- What is Project Sonar ? 4- How can it be useful for CERT/CSIRT ? 5- What can be done ? 6- Conclusion 2
INTRO ● ● /me { Valdes T. Nzalli | @valdesjo77 Co-Founder & Security Evangelist at Cameroon Cyber Security } Cameroon Cyber Security : { NGO Association, Infosec Workshops, Trainings, Awareness and Share ! | @camcybersec www.camcybersec.cm « Be Secure, Be Safe ! » } 3
A LITTLE FLASHBACK Internet Census Map (Carna Botnet) 4
Who is the Infosec Community ? ● Infosec Researchers ● Infosec Products Builders / Vendors ● Security Analysts worldwide 5
What is Project Sonar ? ● Scanning Public Internet-facing Systems ● Analyse datasets provided by Scans ● Share result and datasets with IT Security Community Datasets Availables : IPv4 TCP banners & UDP probe replies IPv4 Reverse DNS PTR records IPv4 SSL Certificates 6
What is Project Sonar ? ● Public Vulnerabilities on UpnP device reveled 7
What is Project Sonar ? Serial Console Port Services exposed worldwide 8
What is Project Sonar ? OpenSSH servers usage and vulnerabilities frequency in Africa 9
How can it be useful for CERT/CSIRT ? 10
How can it be useful for CERT/CSIRT ? ● Workforce reduced ● More Specific Awareness Campaign ● ● Improvement of the Global Cybersecurity State Pro-active Incident Response 11
What can be done ? ● ● ● ● ● Working together with Infosec Researchers/Products Builders Define standard of communication with Infosec Community Grab Datasets available for « internal » usage Analyse and use this Informations for their customers Also, share their information with Infosec Community to improve global Cybersecurity 12
Conclusion Useful Ressources : ● ● ● ● Project Sonar free Datasets https://scans.io/ Internet Census Project http://internetcensus2012.bitbucket.org/ Rapid7 Community : Welcome to Project Sonar https://community.rapid7.com/community/infosec/sonar/blog/2 Additional : Shodan HQ : www.shodanhq.com 13

Recomendados

Rise of software supply chain attack
Rise of software supply chain attackRise of software supply chain attack
Rise of software supply chain attackYadnyawalkya Tale
 
Thailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet ThailandThailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet ThailandAruj Thirawat
 
Leveraging Black Duck Hub to Maximize Focus - Entersekt's approach to automat...
Leveraging Black Duck Hub to Maximize Focus - Entersekt's approach to automat...Leveraging Black Duck Hub to Maximize Focus - Entersekt's approach to automat...
Leveraging Black Duck Hub to Maximize Focus - Entersekt's approach to automat...Jerika Phelps
 
Open Source in Application Security
Open Source in Application SecurityOpen Source in Application Security
Open Source in Application SecurityBlack Duck by Synopsys
 
Application Security in the Age of Open Source
Application Security in the Age of Open SourceApplication Security in the Age of Open Source
Application Security in the Age of Open SourceBlack Duck by Synopsys
 
T3 conference talk nov 2014
T3 conference talk nov 2014T3 conference talk nov 2014
T3 conference talk nov 2014Sid Yenamandra
 
Security in the Age of Open Source
Security in the Age of Open SourceSecurity in the Age of Open Source
Security in the Age of Open SourceBlack Duck by Synopsys
 
CV | Michele Spagnuolo
CV | Michele SpagnuoloCV | Michele Spagnuolo
CV | Michele SpagnuoloMichele Spagnuolo
 

Recomendados

Rise of software supply chain attack
Rise of software supply chain attackRise of software supply chain attack
Rise of software supply chain attackYadnyawalkya Tale
 
Thailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet ThailandThailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet ThailandAruj Thirawat
 
Leveraging Black Duck Hub to Maximize Focus - Entersekt's approach to automat...
Leveraging Black Duck Hub to Maximize Focus - Entersekt's approach to automat...Leveraging Black Duck Hub to Maximize Focus - Entersekt's approach to automat...
Leveraging Black Duck Hub to Maximize Focus - Entersekt's approach to automat...Jerika Phelps
 
Open Source in Application Security
Open Source in Application SecurityOpen Source in Application Security
Open Source in Application SecurityBlack Duck by Synopsys
 
Application Security in the Age of Open Source
Application Security in the Age of Open SourceApplication Security in the Age of Open Source
Application Security in the Age of Open SourceBlack Duck by Synopsys
 
T3 conference talk nov 2014
T3 conference talk nov 2014T3 conference talk nov 2014
T3 conference talk nov 2014Sid Yenamandra
 
Security in the Age of Open Source
Security in the Age of Open SourceSecurity in the Age of Open Source
Security in the Age of Open SourceBlack Duck by Synopsys
 
CV | Michele Spagnuolo
CV | Michele SpagnuoloCV | Michele Spagnuolo
CV | Michele SpagnuoloMichele Spagnuolo
 
Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter Indonesia Honeynet Chapter
 
ION Belfast - Opening Slides - Chris Grundemann
ION Belfast - Opening Slides - Chris GrundemannION Belfast - Opening Slides - Chris Grundemann
ION Belfast - Opening Slides - Chris GrundemannDeploy360 Programme (Internet Society)
 
2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatieEduard Grasa
 
Umesh nfc login application for mobile devices29th nov
Umesh nfc login application for mobile devices29th novUmesh nfc login application for mobile devices29th nov
Umesh nfc login application for mobile devices29th novUmeshjamce
 
TFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationTFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationColorado Internet Society (CO ISOC)
 
Pistoia Alliance Sequence Services Phase 2 Overview
Pistoia Alliance Sequence Services Phase 2 OverviewPistoia Alliance Sequence Services Phase 2 Overview
Pistoia Alliance Sequence Services Phase 2 OverviewPistoia Alliance
 
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...APNIC
 
Solar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesSolar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesInfosec
 
The Honeynet Project Introduction
The Honeynet Project IntroductionThe Honeynet Project Introduction
The Honeynet Project IntroductionJulia Yu-Chin Cheng
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiativekantarainitiative
 
Matteo meucci Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016Matteo meucci Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016Minded Security
 
ScadaLab Project
ScadaLab Project ScadaLab Project
ScadaLab Project JMBALBOA
 
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...NETWAYS
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionSplunk
 
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...OpenAIRE
 
ONF Snapshot
ONF SnapshotONF Snapshot
ONF SnapshotUS-Ignite
 
EasyBuild State of the Union
EasyBuild State of the UnionEasyBuild State of the Union
EasyBuild State of the Unioninside-BigData.com
 
Monitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusionMonitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusionCharles Lim
 
Great Open Source Compliance For Everyone (Version 3)
Great Open Source Compliance For Everyone (Version 3)Great Open Source Compliance For Everyone (Version 3)
Great Open Source Compliance For Everyone (Version 3)Shane Coughlan
 
Why Johnny Can't Blow the Whistle
Why Johnny Can't Blow the WhistleWhy Johnny Can't Blow the Whistle
Why Johnny Can't Blow the Whistlegregnorc
 
#OpenData DevFest18
#OpenData DevFest18#OpenData DevFest18
#OpenData DevFest18Valdes Nzalli
 
Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?
Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?
Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?Valdes Nzalli
 

Mais conteúdo relacionado

Semelhante a Collaboration Between Infosec Community and CERT Teams

2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatieEduard Grasa
 
Umesh nfc login application for mobile devices29th nov
Umesh nfc login application for mobile devices29th novUmesh nfc login application for mobile devices29th nov
Umesh nfc login application for mobile devices29th novUmeshjamce
 
TFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationTFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationColorado Internet Society (CO ISOC)
 
Pistoia Alliance Sequence Services Phase 2 Overview
Pistoia Alliance Sequence Services Phase 2 OverviewPistoia Alliance Sequence Services Phase 2 Overview
Pistoia Alliance Sequence Services Phase 2 OverviewPistoia Alliance
 
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...APNIC
 
Solar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesSolar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesInfosec
 
The Honeynet Project Introduction
The Honeynet Project IntroductionThe Honeynet Project Introduction
The Honeynet Project IntroductionJulia Yu-Chin Cheng
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiativekantarainitiative
 
Matteo meucci Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016Matteo meucci Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016Minded Security
 
ScadaLab Project
ScadaLab Project ScadaLab Project
ScadaLab Project JMBALBOA
 
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...NETWAYS
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionSplunk
 
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...OpenAIRE
 
ONF Snapshot
ONF SnapshotONF Snapshot
ONF SnapshotUS-Ignite
 
Monitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusionMonitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusionCharles Lim
 
Great Open Source Compliance For Everyone (Version 3)
Great Open Source Compliance For Everyone (Version 3)Great Open Source Compliance For Everyone (Version 3)
Great Open Source Compliance For Everyone (Version 3)Shane Coughlan
 
Why Johnny Can't Blow the Whistle
Why Johnny Can't Blow the WhistleWhy Johnny Can't Blow the Whistle
Why Johnny Can't Blow the Whistlegregnorc
 

Semelhante a Collaboration Between Infosec Community and CERT Teams (20)

Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter
 
ION Belfast - Opening Slides - Chris Grundemann
ION Belfast - Opening Slides - Chris GrundemannION Belfast - Opening Slides - Chris Grundemann
ION Belfast - Opening Slides - Chris Grundemann
 
2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie
 
Umesh nfc login application for mobile devices29th nov
Umesh nfc login application for mobile devices29th novUmesh nfc login application for mobile devices29th nov
Umesh nfc login application for mobile devices29th nov
 
TFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationTFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & Operationalization
 
Pistoia Alliance Sequence Services Phase 2 Overview
Pistoia Alliance Sequence Services Phase 2 OverviewPistoia Alliance Sequence Services Phase 2 Overview
Pistoia Alliance Sequence Services Phase 2 Overview
 
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
 
Solar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesSolar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenches
 
The Honeynet Project Introduction
The Honeynet Project IntroductionThe Honeynet Project Introduction
The Honeynet Project Introduction
 
AARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara InitiativeAARC Assurance Profiles for Kantara Initiative
AARC Assurance Profiles for Kantara Initiative
 
Matteo meucci Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016Matteo meucci Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016
 
ScadaLab Project
ScadaLab Project ScadaLab Project
ScadaLab Project
 
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout Session
 
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...
The Neuroinformatics community in OpenAIRE Connect (Presentation by Sorina Po...
 
ONF Snapshot
ONF SnapshotONF Snapshot
ONF Snapshot
 
EasyBuild State of the Union
EasyBuild State of the UnionEasyBuild State of the Union
EasyBuild State of the Union
 
Monitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusionMonitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusion
 
Great Open Source Compliance For Everyone (Version 3)
Great Open Source Compliance For Everyone (Version 3)Great Open Source Compliance For Everyone (Version 3)
Great Open Source Compliance For Everyone (Version 3)
 
Why Johnny Can't Blow the Whistle
Why Johnny Can't Blow the WhistleWhy Johnny Can't Blow the Whistle
Why Johnny Can't Blow the Whistle
 

Mais de Valdes Nzalli

Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?
Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?
Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?Valdes Nzalli
 
Etude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en AfriqueEtude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en AfriqueValdes Nzalli
 
Internet et Vie Privée Analyse des comportements en Afrique après PRISM
Internet et Vie Privée Analyse des comportements en Afrique après PRISMInternet et Vie Privée Analyse des comportements en Afrique après PRISM
Internet et Vie Privée Analyse des comportements en Afrique après PRISMValdes Nzalli
 
Cam cybersec fgi_reseaux_sociaux_et_securite_version_1.1
Cam cybersec fgi_reseaux_sociaux_et_securite_version_1.1Cam cybersec fgi_reseaux_sociaux_et_securite_version_1.1
Cam cybersec fgi_reseaux_sociaux_et_securite_version_1.1Valdes Nzalli
 
Valdes cyberguerre-barcamp2012
Valdes cyberguerre-barcamp2012Valdes cyberguerre-barcamp2012
Valdes cyberguerre-barcamp2012Valdes Nzalli
 
Valdes securite des application - barcamp2012
Valdes securite des application - barcamp2012Valdes securite des application - barcamp2012
Valdes securite des application - barcamp2012Valdes Nzalli
 
Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy Valdes Nzalli
 
Cercle gt f-ssi_white_paper_finale5
Cercle gt f-ssi_white_paper_finale5Cercle gt f-ssi_white_paper_finale5
Cercle gt f-ssi_white_paper_finale5Valdes Nzalli
 
Rapport GEULLIC du 24-04-2011
Rapport GEULLIC du 24-04-2011Rapport GEULLIC du 24-04-2011
Rapport GEULLIC du 24-04-2011Valdes Nzalli
 
Logiciels libres cameroun m1
Logiciels libres cameroun m1Logiciels libres cameroun m1
Logiciels libres cameroun m1Valdes Nzalli
 
Presentation communaute (Cahier de Charg
Presentation communaute (Cahier de ChargPresentation communaute (Cahier de Charg
Presentation communaute (Cahier de ChargValdes Nzalli
 

Mais de Valdes Nzalli (12)

#OpenData DevFest18
#OpenData DevFest18#OpenData DevFest18
#OpenData DevFest18
 
Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?
Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?
Pénétration de l'Internet en Afrique : Qu'en est-il des équipements ?
 
Etude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en AfriqueEtude Statistique d'un mois de Vulnérabilités en Afrique
Etude Statistique d'un mois de Vulnérabilités en Afrique
 
Internet et Vie Privée Analyse des comportements en Afrique après PRISM
Internet et Vie Privée Analyse des comportements en Afrique après PRISMInternet et Vie Privée Analyse des comportements en Afrique après PRISM
Internet et Vie Privée Analyse des comportements en Afrique après PRISM
 
Cam cybersec fgi_reseaux_sociaux_et_securite_version_1.1
Cam cybersec fgi_reseaux_sociaux_et_securite_version_1.1Cam cybersec fgi_reseaux_sociaux_et_securite_version_1.1
Cam cybersec fgi_reseaux_sociaux_et_securite_version_1.1
 
Valdes cyberguerre-barcamp2012
Valdes cyberguerre-barcamp2012Valdes cyberguerre-barcamp2012
Valdes cyberguerre-barcamp2012
 
Valdes securite des application - barcamp2012
Valdes securite des application - barcamp2012Valdes securite des application - barcamp2012
Valdes securite des application - barcamp2012
 
Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy
 
Cercle gt f-ssi_white_paper_finale5
Cercle gt f-ssi_white_paper_finale5Cercle gt f-ssi_white_paper_finale5
Cercle gt f-ssi_white_paper_finale5
 
Rapport GEULLIC du 24-04-2011
Rapport GEULLIC du 24-04-2011Rapport GEULLIC du 24-04-2011
Rapport GEULLIC du 24-04-2011
 
Logiciels libres cameroun m1
Logiciels libres cameroun m1Logiciels libres cameroun m1
Logiciels libres cameroun m1
 
Presentation communaute (Cahier de Charg
Presentation communaute (Cahier de ChargPresentation communaute (Cahier de Charg
Presentation communaute (Cahier de Charg
 

Último

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Último (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

Collaboration Between Infosec Community and CERT Teams

  • 1. Collaboration Between Infosec Community and CERT Teams : Project Sonar case 1
  • 2. Summary 1- Intro 2- A little Flashback 3- Who is the Infosec Community ? 3- What is Project Sonar ? 4- How can it be useful for CERT/CSIRT ? 5- What can be done ? 6- Conclusion 2
  • 3. INTRO ● ● /me { Valdes T. Nzalli | @valdesjo77 Co-Founder & Security Evangelist at Cameroon Cyber Security } Cameroon Cyber Security : { NGO Association, Infosec Workshops, Trainings, Awareness and Share ! | @camcybersec www.camcybersec.cm « Be Secure, Be Safe ! » } 3
  • 4. A LITTLE FLASHBACK Internet Census Map (Carna Botnet) 4
  • 5. Who is the Infosec Community ? ● Infosec Researchers ● Infosec Products Builders / Vendors ● Security Analysts worldwide 5
  • 6. What is Project Sonar ? ● Scanning Public Internet-facing Systems ● Analyse datasets provided by Scans ● Share result and datasets with IT Security Community Datasets Availables : IPv4 TCP banners & UDP probe replies IPv4 Reverse DNS PTR records IPv4 SSL Certificates 6
  • 7. What is Project Sonar ? ● Public Vulnerabilities on UpnP device reveled 7
  • 8. What is Project Sonar ? Serial Console Port Services exposed worldwide 8
  • 9. What is Project Sonar ? OpenSSH servers usage and vulnerabilities frequency in Africa 9
  • 10. How can it be useful for CERT/CSIRT ? 10
  • 11. How can it be useful for CERT/CSIRT ? ● Workforce reduced ● More Specific Awareness Campaign ● ● Improvement of the Global Cybersecurity State Pro-active Incident Response 11
  • 12. What can be done ? ● ● ● ● ● Working together with Infosec Researchers/Products Builders Define standard of communication with Infosec Community Grab Datasets available for « internal » usage Analyse and use this Informations for their customers Also, share their information with Infosec Community to improve global Cybersecurity 12
  • 13. Conclusion Useful Ressources : ● ● ● ● Project Sonar free Datasets https://scans.io/ Internet Census Project http://internetcensus2012.bitbucket.org/ Rapid7 Community : Welcome to Project Sonar https://community.rapid7.com/community/infosec/sonar/blog/2 Additional : Shodan HQ : www.shodanhq.com 13