Tag Archives: DefCamp #7

DefCamp #7 – International Hacking & Information Security Conference

Authors: Cristina NICA, Daniel BARBU

Published: IJISC – International Journal of Information Security and Cybercrime Volume 5, Issue 2, Year 2016

DefCamp, one of the most important hacking and information security conferences in Central and Eastern Europe, has reached its seventh edition this year. Held in Bucharest on the 10th and 11th of November 2016, it brought together over 1100 attendees from 35 countries (according to the organizer, CCSIR – Cyber Security Research Center from Romania).

Source: IJISC – International Journal of Information Security and Cybercrime Volume 5, Issue 2, Year 2016


Filed under Articles, Event Review, General, InfoSec, Recommendations

[Recommended] DefCamp 2016 – Official Overview

Source: DefCamp YouTube


Filed under Conference, Events, InfoSec, Talks

[Recommended] DefCamp#7 Archives

Source: DefCamp #7 Archives 


Filed under Conference, Talks

DefCamp 2016 – THREAT INTELLIGENCE! DIY!

Source: DefCamp Archives

Threat Intelligence! It’s a hot topic in information security news, and right now, you’ve probably got several vendors trying to sell you their latest and greatest solution. Whether you purchase intel from companies like Crowdstrike or you leverage open source threat lists, you end up with millions of IoCs that are not relevant for your environment or organization. However, in an effort to migrate from Security Operations Centers to Security Intelligence Centers, threat intelligence represents a critical aspect of a proactive approach towards tackling actors in the current information security landscape.

What if you could generate high-value threat indicators that were directly applicable to your organization, without dishing out any extra money? What if you could generate all those indicators using only what you already had in place at your organization? And finally, what if setting up this whole process only took you about a day to complete?

This talk will describe how to use IDS data ingested into Splunk to generate high-integrity threat intelligence. We will then discuss how to correlate those indicators with connection logs to identify communications with those actors who have previously attacked your systems. Finally, we will discuss how to generate historical profiles about each actor in order to better understand the evolution of their techniques, tactics and procedures, and how to automagically store those indicators to generate threat activity alerts in the future. As a bonus, we will show you how to build an eye-catching intelligence report for management.


Filed under Conference, Events, InfoSec, Talks