SlideShare una empresa de Scribd logo

Gildas Deograt - Effective Honeynet in High Grade Security Strategy

Indonesia Honeynet Chapter
Indonesia Honeynet Chapter

This document discusses effective strategies for implementing honeynets in security. It describes different levels of potential attackers from very high to low. It explains how honeynets can be used to identify unauthorized and potentially malicious authorized users by separating production systems from external honeynet systems. The document also lists requirements for a high grade security strategy using integrated tools like honeynets, honeypots, honeytokens, network intrusion detection systems, and security information and event management.

TecnologíaEducación
1 de 9
Descargar para leer sin conexión
XECUREIT.COM “Your Security, Our Passion” Consultancy Assurance Research Education Effective Honeynet in High Grade Security Strategy "Feeling secure is dangerous. It makes us complacent." "Rasa aman berbahaya. Rasa aman membuat kita lengah." Gildas Deograt Lumy, CISA, CISSP, ISO27001 LA Chief Technology Officer gildas@xecureit.com
Effective HoneynetPage 2 XECUREIT.COM Example
Effective HoneynetPage 3 XECUREIT.COM Enemy Level  Very High ● Government grade attacker ● “Unlimited” resources, “lawful”  High ● High level of expertise, using advance in-house developed tools, budget <USD 1 Million ● Authorized users both consciously and as victims of social engineering  Medium ● Have expertise, using public or customized tools, budget <USD100,000 ● Known Attacker, such as employees, contractors, partners or customers both consciously and as victims of social engineering  Low / Very Low ● Script kiddies, new born attacker, using public tools, budget <USD10,000 ● Unknown Attacker (Public)
Effective HoneynetPage 4 XECUREIT.COM Easy to know your enemy ;) (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)
Effective HoneynetPage 5 XECUREIT.COM How to know the malicious authorized user? (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)
Effective HoneynetPage 6 XECUREIT.COM Easy to know the “potential” malicious authorized users (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)
Effective HoneynetPage 7 XECUREIT.COM Easy to know the malicious authorized users (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)
Effective HoneynetPage 8 XECUREIT.COM Requirements  High Grade Security Strategy ● Appropriate information security classification. ● Balance prevention and detection mechanism. ● Effective systems “separation of duties”. ● Clear understanding of information security policies and procedures (Do’s and Dont’s).  Integrated Tools ● Honeynet, Honeypot & Honeytoken ● Network-based IDS ● SIEM
XECUREIT.COM “Your Security, Our Passion” Consultancy Assurance Research Education TERIMAKASIH THANK YOU "Feeling secure is dangerous. It makes us complacent." "Rasa aman berbahaya. Rasa aman membuat kita lengah." Gildas Deograt Lumy, CISA, CISSP, ISO27001 LA Chief Technology Officer gildas@xecureit.com

Recomendados

Cyber crime’s
Cyber crime’sCyber crime’s
Cyber crime’sReeshabh Chaudhary
 
Dos threats and countermeasures
Dos threats and countermeasuresDos threats and countermeasures
Dos threats and countermeasuresn|u - The Open Security Community
 
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud... Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...Rachel Wandishin
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Application security meetup 27012021
Application security meetup 27012021Application security meetup 27012021
Application security meetup 27012021lior mazor
 
Information security - what is going on 2016
Information security - what is going on 2016Information security - what is going on 2016
Information security - what is going on 2016Tomppa Järvinen
 
Ethical hacking: Safeguarding your digital world.
Ethical hacking: Safeguarding your digital world.Ethical hacking: Safeguarding your digital world.
Ethical hacking: Safeguarding your digital world.Cetpa Infotech
 
Adversary Playbook Tactical Assessment of Protection Techniques
Adversary Playbook Tactical Assessment of Protection TechniquesAdversary Playbook Tactical Assessment of Protection Techniques
Adversary Playbook Tactical Assessment of Protection TechniquesJustin Berman
 

Recomendados

Cyber crime’s
Cyber crime’sCyber crime’s
Cyber crime’sReeshabh Chaudhary
 
Dos threats and countermeasures
Dos threats and countermeasuresDos threats and countermeasures
Dos threats and countermeasuresn|u - The Open Security Community
 
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud... Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud...Rachel Wandishin
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Application security meetup 27012021
Application security meetup 27012021Application security meetup 27012021
Application security meetup 27012021lior mazor
 
Information security - what is going on 2016
Information security - what is going on 2016Information security - what is going on 2016
Information security - what is going on 2016Tomppa Järvinen
 
Ethical hacking: Safeguarding your digital world.
Ethical hacking: Safeguarding your digital world.Ethical hacking: Safeguarding your digital world.
Ethical hacking: Safeguarding your digital world.Cetpa Infotech
 
Adversary Playbook Tactical Assessment of Protection Techniques
Adversary Playbook Tactical Assessment of Protection TechniquesAdversary Playbook Tactical Assessment of Protection Techniques
Adversary Playbook Tactical Assessment of Protection TechniquesJustin Berman
 
CyberSecurity Study Jam
CyberSecurity Study JamCyberSecurity Study Jam
CyberSecurity Study JamSahilSingh368445
 
Cyber_Security_Issues_and_Challenges.pptx
Cyber_Security_Issues_and_Challenges.pptxCyber_Security_Issues_and_Challenges.pptx
Cyber_Security_Issues_and_Challenges.pptxGracePeter10
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 
Security by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecuritySecurity by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecurityTara Arnold
 
Security by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecuritySecurity by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecurityMediacurrent
 
2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business case2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business casepmcbrideva1
 
Cyber intelligence-services
Cyber intelligence-servicesCyber intelligence-services
Cyber intelligence-servicesCyber 51 LLC
 
Insomnihack 2018 - Securing Internal Resources Through Tiered Access
Insomnihack 2018 - Securing Internal Resources Through Tiered AccessInsomnihack 2018 - Securing Internal Resources Through Tiered Access
Insomnihack 2018 - Securing Internal Resources Through Tiered AccessJoel M. Leo
 
Staying Safe and Secure Online
Staying Safe and Secure OnlineStaying Safe and Secure Online
Staying Safe and Secure Onlineevolutionaryit
 
Insight live om It-sikkerhed- Peter Schjøtt
Insight live om It-sikkerhed- Peter SchjøttInsight live om It-sikkerhed- Peter Schjøtt
Insight live om It-sikkerhed- Peter SchjøttMediehuset Ingeniøren Live
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesNetIQ
 
Detect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksDetect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksImperva
 
Data Security for MSME
Data Security for MSMEData Security for MSME
Data Security for MSMEDeepak Gupta
 
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays
 
Defcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hackerDefcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hackerDefCamp
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Vasile
 
Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentationJoseph Schorr
 
Application Security by Ethical Hackers
Application Security by Ethical HackersApplication Security by Ethical Hackers
Application Security by Ethical HackersEntersoft
 
Security by default - Building continuous cyber-resilience.
Security by default - Building continuous cyber-resilience.Security by default - Building continuous cyber-resilience.
Security by default - Building continuous cyber-resilience.Thoughtworks
 
The Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistThe Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistMatthew Rosenquist
 
Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter Indonesia Honeynet Chapter
 
Lukas - Ancaman E-Health Security
Lukas - Ancaman E-Health SecurityLukas - Ancaman E-Health Security
Lukas - Ancaman E-Health SecurityIndonesia Honeynet Chapter
 

Más contenido relacionado

Similar a Gildas Deograt - Effective Honeynet in High Grade Security Strategy

Cyber_Security_Issues_and_Challenges.pptx
Cyber_Security_Issues_and_Challenges.pptxCyber_Security_Issues_and_Challenges.pptx
Cyber_Security_Issues_and_Challenges.pptxGracePeter10
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 
Security by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecuritySecurity by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecurityTara Arnold
 
Security by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecuritySecurity by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecurityMediacurrent
 
2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business case2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business casepmcbrideva1
 
Cyber intelligence-services
Cyber intelligence-servicesCyber intelligence-services
Cyber intelligence-servicesCyber 51 LLC
 
Insomnihack 2018 - Securing Internal Resources Through Tiered Access
Insomnihack 2018 - Securing Internal Resources Through Tiered AccessInsomnihack 2018 - Securing Internal Resources Through Tiered Access
Insomnihack 2018 - Securing Internal Resources Through Tiered AccessJoel M. Leo
 
Staying Safe and Secure Online
Staying Safe and Secure OnlineStaying Safe and Secure Online
Staying Safe and Secure Onlineevolutionaryit
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesNetIQ
 
Detect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksDetect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksImperva
 
Data Security for MSME
Data Security for MSMEData Security for MSME
Data Security for MSMEDeepak Gupta
 
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays
 
Defcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hackerDefcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hackerDefCamp
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Vasile
 
Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentationJoseph Schorr
 
Application Security by Ethical Hackers
Application Security by Ethical HackersApplication Security by Ethical Hackers
Application Security by Ethical HackersEntersoft
 
Security by default - Building continuous cyber-resilience.
Security by default - Building continuous cyber-resilience.Security by default - Building continuous cyber-resilience.
Security by default - Building continuous cyber-resilience.Thoughtworks
 
The Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistThe Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistMatthew Rosenquist
 

Similar a Gildas Deograt - Effective Honeynet in High Grade Security Strategy (20)

CyberSecurity Study Jam
CyberSecurity Study JamCyberSecurity Study Jam
CyberSecurity Study Jam
 
Cyber_Security_Issues_and_Challenges.pptx
Cyber_Security_Issues_and_Challenges.pptxCyber_Security_Issues_and_Challenges.pptx
Cyber_Security_Issues_and_Challenges.pptx
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
 
Security by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal SecuritySecurity by Design: An Introduction to Drupal Security
Security by Design: An Introduction to Drupal Security
 
Security by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal SecuritySecurity by design: An Introduction to Drupal Security
Security by design: An Introduction to Drupal Security
 
2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business case2013 12 18 webcast - building the privileged identity management business case
2013 12 18 webcast - building the privileged identity management business case
 
Cyber intelligence-services
Cyber intelligence-servicesCyber intelligence-services
Cyber intelligence-services
 
Insomnihack 2018 - Securing Internal Resources Through Tiered Access
Insomnihack 2018 - Securing Internal Resources Through Tiered AccessInsomnihack 2018 - Securing Internal Resources Through Tiered Access
Insomnihack 2018 - Securing Internal Resources Through Tiered Access
 
Staying Safe and Secure Online
Staying Safe and Secure OnlineStaying Safe and Secure Online
Staying Safe and Secure Online
 
Insight live om It-sikkerhed- Peter Schjøtt
Insight live om It-sikkerhed- Peter SchjøttInsight live om It-sikkerhed- Peter Schjøtt
Insight live om It-sikkerhed- Peter Schjøtt
 
Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective Responses
 
Detect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted AttacksDetect & Remediate Malware & Advanced Targeted Attacks
Detect & Remediate Malware & Advanced Targeted Attacks
 
Data Security for MSME
Data Security for MSMEData Security for MSME
Data Security for MSME
 
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
apidays LIVE Paris 2021 - How password managers are built for Privacy and Sec...
 
Defcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hackerDefcamp 2013 - Does it pay to be a blackhat hacker
Defcamp 2013 - Does it pay to be a blackhat hacker
 
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
 
Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentation
 
Application Security by Ethical Hackers
Application Security by Ethical HackersApplication Security by Ethical Hackers
Application Security by Ethical Hackers
 
Security by default - Building continuous cyber-resilience.
Security by default - Building continuous cyber-resilience.Security by default - Building continuous cyber-resilience.
Security by default - Building continuous cyber-resilience.
 
The Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistThe Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew Rosenquist
 

Más de Indonesia Honeynet Chapter

I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureI.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureIndonesia Honeynet Chapter
 
Ahmad Alkazimy - Indonesia Malware Incident Updates
Ahmad Alkazimy - Indonesia Malware Incident UpdatesAhmad Alkazimy - Indonesia Malware Incident Updates
Ahmad Alkazimy - Indonesia Malware Incident UpdatesIndonesia Honeynet Chapter
 

Más de Indonesia Honeynet Chapter (8)

Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter Charles Lim - Honeynet Indonesia Chapter
Charles Lim - Honeynet Indonesia Chapter
 
Lukas - Ancaman E-Health Security
Lukas - Ancaman E-Health SecurityLukas - Ancaman E-Health Security
Lukas - Ancaman E-Health Security
 
Karunia Wijaya - Proactive Incident Handling
Karunia Wijaya - Proactive Incident HandlingKarunia Wijaya - Proactive Incident Handling
Karunia Wijaya - Proactive Incident Handling
 
Iwan Sumantri - Cyber Threat Indonesia 2013
Iwan Sumantri - Cyber Threat Indonesia 2013Iwan Sumantri - Cyber Threat Indonesia 2013
Iwan Sumantri - Cyber Threat Indonesia 2013
 
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureI.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
 
Hogan Kusnadi - Cloud Computing Secutity
Hogan Kusnadi - Cloud Computing SecutityHogan Kusnadi - Cloud Computing Secutity
Hogan Kusnadi - Cloud Computing Secutity
 
Amien Harisen - APT1 Attack
Amien Harisen - APT1 AttackAmien Harisen - APT1 Attack
Amien Harisen - APT1 Attack
 
Ahmad Alkazimy - Indonesia Malware Incident Updates
Ahmad Alkazimy - Indonesia Malware Incident UpdatesAhmad Alkazimy - Indonesia Malware Incident Updates
Ahmad Alkazimy - Indonesia Malware Incident Updates
 

Último

DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 

Último (20)

DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 

Gildas Deograt - Effective Honeynet in High Grade Security Strategy

  • 1. XECUREIT.COM “Your Security, Our Passion” Consultancy Assurance Research Education Effective Honeynet in High Grade Security Strategy "Feeling secure is dangerous. It makes us complacent." "Rasa aman berbahaya. Rasa aman membuat kita lengah." Gildas Deograt Lumy, CISA, CISSP, ISO27001 LA Chief Technology Officer gildas@xecureit.com
  • 2. Effective HoneynetPage 2 XECUREIT.COM Example
  • 3. Effective HoneynetPage 3 XECUREIT.COM Enemy Level  Very High ● Government grade attacker ● “Unlimited” resources, “lawful”  High ● High level of expertise, using advance in-house developed tools, budget <USD 1 Million ● Authorized users both consciously and as victims of social engineering  Medium ● Have expertise, using public or customized tools, budget <USD100,000 ● Known Attacker, such as employees, contractors, partners or customers both consciously and as victims of social engineering  Low / Very Low ● Script kiddies, new born attacker, using public tools, budget <USD10,000 ● Unknown Attacker (Public)
  • 4. Effective HoneynetPage 4 XECUREIT.COM Easy to know your enemy ;) (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)
  • 5. Effective HoneynetPage 5 XECUREIT.COM How to know the malicious authorized user? (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)
  • 6. Effective HoneynetPage 6 XECUREIT.COM Easy to know the “potential” malicious authorized users (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)
  • 7. Effective HoneynetPage 7 XECUREIT.COM Easy to know the malicious authorized users (Production) group_server1.organisasi.id group_server2.organisasi.id (External Honeynet)
  • 8. Effective HoneynetPage 8 XECUREIT.COM Requirements  High Grade Security Strategy ● Appropriate information security classification. ● Balance prevention and detection mechanism. ● Effective systems “separation of duties”. ● Clear understanding of information security policies and procedures (Do’s and Dont’s).  Integrated Tools ● Honeynet, Honeypot & Honeytoken ● Network-based IDS ● SIEM
  • 9. XECUREIT.COM “Your Security, Our Passion” Consultancy Assurance Research Education TERIMAKASIH THANK YOU "Feeling secure is dangerous. It makes us complacent." "Rasa aman berbahaya. Rasa aman membuat kita lengah." Gildas Deograt Lumy, CISA, CISSP, ISO27001 LA Chief Technology Officer gildas@xecureit.com