Source: DefCamp YouTube
Source: DefCamp Archives
Threat Intelligence! It’s a hot topic in information security news, and right now, you’ve probably got several vendors trying to sell you their latest and greatest solution. Whether you purchase intel from companies like Crowdstrike or you leverage open source threat lists, you end up with millions of IoCs that are not relevant for your environment or organization. However, in an effort to migrate from Security Operations Centers to Security Intelligence Centers, threat intelligence represents a critical aspect of a proactive approach towards tackling actors in the current information security landscape.
What if you could generate high-value threat indicators that were directly applicable to your organization, without dishing out any extra money? What if you could generate all those indicators using only what you already had in place at your organization? And finally, what if setting up this whole process only took you about a day to complete?
This talk will describe how to use IDS data ingested into Splunk to generate high-integrity threat intelligence. We will then discuss how to correlate those indicators with connection logs to identify communications with those actors who have previously attacked your systems. Finally we will discuss how to generate historical profiles about each actor in order to better understand the evolution of their techniques, tactics and procedures and how to automagically store those indicators to generate threat activity alerts in the future. As a bonus, we will show you how to build an eye-catching intelligence report for management.
Because it’s the most important conference on Hacking & Information Security in Central Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field. Since 2011 is gathering under the same roof decision makers, security specialists, entrepreneurs and developers.
OWASP Bucharest AppSec Conference 2016 – October 6th
“OWASP Bucharest team is happy to announce the OWASP Bucharest AppSec Conference 2016 a one day Security and Hacking Conference dedicated to the application security. It will take place on 6th of October, 2016 – Bucharest, Romania.
The objective of the OWASP’s Bucharest AppSec Conference is to raise awareness about application security and to bring high-quality security content provided by renowned professionals in the European region. Everyone is free to participate in OWASP and all our materials are available under a free and open software license.
Who Should Attend?