CYBER SECURITY INCIDENT RESPONSE TEAM
BY BGA INFORMATION SECURITY & CONSULTING

About me
Candan BÖLÜKBAŞ
• about.me/bolukbas
• METU Computer Eng.
• CCNA, CCNP, CEH, ITIL, MCP
• Enterprise Security Services Manager
• 7-year .Net & Obj-C Developer
• T.C. Cumhurbaşkanlığı Network & Security Admin
• candan.bolukbas@bga.com.tr
• @candanbolukbas

Agenda
• Introduction
• Cyber Attack in the world
• CSIRT statistics from USA & UK
• CSIRT efficiency measurement
• Best Practices for Creating a CSIRT
• Conclusion & Recommendation
• Questions

Challenges that today’s security organizations have to deal with:
• Malware campaigns launched by organized criminal groups who look to steal information that can be sold on the black market
• Increasingly powerful distributed denial-of-service (DDoS) attacks that can take out large websites
• State-sponsored espionage that can penetrate even well-defended networks.

As attacks have become more sophisticated, the need for Computer Security Incident Response Teams (CSIRTs) has grown.
• Botnets
• Distributed denial-of-service (DDoS) attacks
• Insider threats
• Advanced persistent threats (APTs).
CSIRT

What Are the Questions?
• What are the basic requirements for establishing a CSIRT?
• What type of CSIRT will be needed?
• What type of services should be offered?
• How big should the CSIRT be?
• Where should the CSIRT be located in the organization?
• How much will it cost to implement and support a team?
• What are the initial steps to follow to create a CSIRT?

What Are Some Best Practices for Creating a CSIRT?
• Step #1: Obtain management support and buy-in
• Step #2: Determine the CSIRT strategic plan
• Step #3: Gather relevant information
• Step #4: Design the CSIRT vision
• Step #5: Communicate the CSIRT vision and operational plan
• Step #6: Begin CSIRT implementation
• Step #7: Announce the operational CSIRT
• Step #8: Evaluate CSIRT effectiveness

Step 1: Obtain Management Support and Buy-In
• Executive and business or department managers and their staffs committing time to participate in this planning process; their input is essential during the design effort.
• Along with obtaining management support for the planning and implementation process, it is equally important to get management commitment to sustain CSIRT operations and authority for the long term.
• It is important to elicit management's expectations and perceptions of the CSIRT's function and responsibilities.

Chart: What percentage of your organization’s security budget is allocated to incident response?
Categories: More than 50%; 41% to 50%; 31% to 40%; 21% to 30%; 10% to 20%; Less than 10%
Data labels: 1%, 2%, 5%, 11%, 31%, 50%

Step 2: Determine the CSIRT Development Strategic Plan
• Are there specific time frames to be met? Are they realistic, and if not, can they be changed?
• Is there a project group? Where do the group members come from? You want to ensure that all stakeholders are represented.
• How do you let the organization know about the development of the CSIRT?
• If you have a project team, how do you record and communicate the information you are collecting, especially if the team is geographically dispersed?

Step 3: Gather Relevant Information
The stakeholders could include but are not limited to:
• Business managers
• Representatives from IT
• Representatives from the legal department
• Representatives from human resources
• Representatives from public relations
• Any existing security groups, including physical security
• Audit and risk management specialists
• General representatives from the constituency

Step 4: Design Your CSIRT Vision
In creating your vision, you should identify your constituency
• Who does the CSIRT support and serve?
• Define your CSIRT mission, goals, and objectives. What does the CSIRT do for the identified constituency?
• Select the CSIRT services to provide to the constituency (or others). How does the CSIRT support its mission?
• Determine the organizational model. How is the CSIRT structured and organized?
• Identify required resources. What staff, equipment, and infrastructure are needed to operate the CSIRT?
• Determine your CSIRT funding. How is the CSIRT funded for its initial startup and its long-term maintenance and growth?

Step 5: Communicate the CSIRT Vision
• Communicate the CSIRT vision and operational plan to management, your constituency, and others who need to know and understand its operations.
• Make adjustments to the plan based on their feedback.
• Communicating your vision in advance can help identify process or organizational problems before implementation.
• It is a way to let people know what is coming and allow them to provide input into CSIRT development. This is a way to begin marketing the CSIRT to the constituency and gaining the needed buy-in from all organizational levels.

Step 6: Begin CSIRT Implementation
Once management and constituency buy-in is obtained for the vision, begin the implementation:
• Hire and train initial CSIRT staff.
• Buy equipment and build any necessary network infrastructure to support the team.
• Develop the initial set of CSIRT policies and procedures to support your services.
• Define the specifications for and build your incident-tracking system.
• Develop incident-reporting guidelines and forms for your constituency.

Chart: How many team members are fully dedicated to CSIRT?
Categories: 0; 1; 2-5; 5-10; 10+
Data labels: 45%, 28%, 14%, 11%, 2%

Step 7: Announce the CSIRT
• When the CSIRT is operational, announce it broadly to the constituency or parent organization.
• Include the contact information and hours of operation for the CSIRT in the announcement.
• You may also want to develop information to publicize the CSIRT, such as a simple flyer or brochure outlining the CSIRT mission and services.

Step 8: Evaluate the Effectiveness of the CSIRT
Information on effectiveness can be gathered through a variety of feedback mechanisms, including:
• Benchmarking against other CSIRTs
• General discussions with constituency representatives
• Evaluation surveys distributed to constituency members on a periodic basis
• Creation of a set of criteria or quality parameters
• Compare with Expectations for Computer Security Incident Response (RFC 2350)
• Remember that Patience Can Be a Key!

How long it takes to respond
Approximate average MTTI, MTTK, MTTF and MTTV experienced by organizations in recent incidents
• MTTV: Mean time to verify
• MTTF: Mean time to fix
• MTTK: Mean time to know
• MTTI: Mean time to identify

Chart: Most effective security tools for detecting security breaches
Categories: Anti-virus; IP reputation & threat feed services; Intrusion prevention/detection systems; SIEM; Analysis of NetFlow or packet captures
Data labels: 80%, 76%, 67%, 65%, 56%

Reactive Services
Alerts and Warnings
Incident Handling
• Incident analysis (Forensic & Tracking)
• Incident response on site
• Incident response support
• Incident response coordination
Vulnerability Handling
• Vulnerability analysis
• Vulnerability response
• Vulnerability response coordination
Artifact Handling
• Artifact analysis
• Artifact response
• Artifact response coordination

Proactive Services
Announcements
Technology Watch
Security Audits or Assessments (Scan & Pentest)
Configuration and Maintenance of Security Tools, Applications, and Infrastructures
Development of Security Tools
Intrusion Detection Services
Security-Related Information Dissemination

Security Quality Management Services
Risk Analysis
Business Continuity and Disaster Recovery Planning
Security Consulting
Awareness Building
Education/Training
Product Evaluation or Certification

Conclusion & Recommendations
• Make it a priority to build an incident response team consisting of experienced, full-time members
• Assess the readiness of incident response team members on an ongoing basis
• Create clearly defined rules of engagement for the incident response team
• Translate the results of these measures into user-friendly business communications
• Involve multi-disciplinary areas of the organization in the incident response process
• Invest in technologies that support the collection of information to identify potential threats
• Consider sharing threat indicators with third-party organizations to foster collaboration
• Have meaningful operational metrics to gauge the overall effectiveness of incident response

Questions
Introduction to NIST Cybersecurity FrameworkTuan Phan
 
Business Incubator Feasibility Study
Business Incubator Feasibility StudyBusiness Incubator Feasibility Study
Business Incubator Feasibility StudyEssa AlEssa
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Manuel Guillen
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework  isc2 quanticoNist cybersecurity framework  isc2 quantico
Nist cybersecurity framework isc2 quanticoTuan Phan
 
02-Assess-and-Raise-Your-Digital-Maturity--Phases-1-2.pptx
02-Assess-and-Raise-Your-Digital-Maturity--Phases-1-2.pptx02-Assess-and-Raise-Your-Digital-Maturity--Phases-1-2.pptx
02-Assess-and-Raise-Your-Digital-Maturity--Phases-1-2.pptxFortuneNwaiwu1
 
Looking Forward: What to Expect With PCI 4.0
Looking Forward: What to Expect With PCI 4.0Looking Forward: What to Expect With PCI 4.0
Looking Forward: What to Expect With PCI 4.0SureCloud
 
How the Charity Digital Code of Practice can help you increase impact | Chari...
How the Charity Digital Code of Practice can help you increase impact | Chari...How the Charity Digital Code of Practice can help you increase impact | Chari...
How the Charity Digital Code of Practice can help you increase impact | Chari...CharityComms
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security StrategyAndrew Byers
 
Cybersecurity digital marketing plan
Cybersecurity digital marketing planCybersecurity digital marketing plan
Cybersecurity digital marketing planRohit Philips
 
01-Assess-and-Raise-Your-Digital-Maturity--Executive-Brief.pptx
01-Assess-and-Raise-Your-Digital-Maturity--Executive-Brief.pptx01-Assess-and-Raise-Your-Digital-Maturity--Executive-Brief.pptx
01-Assess-and-Raise-Your-Digital-Maturity--Executive-Brief.pptxFortuneNwaiwu1
 

Similar a 8 Ocak 2015 SOME Etkinligi - BGA Cyber Security Incident Response Team (20)

CSIRT_16_Jun
CSIRT_16_JunCSIRT_16_Jun
CSIRT_16_Jun
 
Cloud Computing Cynthia Carpio-beck's Work sample of product-service prese...
Cloud Computing   Cynthia Carpio-beck's  Work sample of product-service prese...Cloud Computing   Cynthia Carpio-beck's  Work sample of product-service prese...
Cloud Computing Cynthia Carpio-beck's Work sample of product-service prese...
 
Scot Secure 2019 Edinburgh (Day 2)
Scot Secure 2019 Edinburgh (Day 2)Scot Secure 2019 Edinburgh (Day 2)
Scot Secure 2019 Edinburgh (Day 2)
 
How to Create Plan-of-Action to Secure Critical Information
How to Create Plan-of-Action to Secure Critical InformationHow to Create Plan-of-Action to Secure Critical Information
How to Create Plan-of-Action to Secure Critical Information
 
UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptxUMASS-NISTCSF-October-2016-Presentation-rev2.pptx
UMASS-NISTCSF-October-2016-Presentation-rev2.pptx
 
How to build an IT strategy
How to build an IT strategyHow to build an IT strategy
How to build an IT strategy
 
Reducing cardholder data footprint with tokenization and other techniques
Reducing cardholder data footprint with tokenization and other techniquesReducing cardholder data footprint with tokenization and other techniques
Reducing cardholder data footprint with tokenization and other techniques
 
CISO's first 100 days
CISO's first 100 daysCISO's first 100 days
CISO's first 100 days
 
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity Framework
 
Business Incubator Feasibility Study
Business Incubator Feasibility StudyBusiness Incubator Feasibility Study
Business Incubator Feasibility Study
 
5548 isaca for-students
5548 isaca for-students5548 isaca for-students
5548 isaca for-students
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework  isc2 quanticoNist cybersecurity framework  isc2 quantico
Nist cybersecurity framework isc2 quantico
 
02-Assess-and-Raise-Your-Digital-Maturity--Phases-1-2.pptx
02-Assess-and-Raise-Your-Digital-Maturity--Phases-1-2.pptx02-Assess-and-Raise-Your-Digital-Maturity--Phases-1-2.pptx
02-Assess-and-Raise-Your-Digital-Maturity--Phases-1-2.pptx
 
Looking Forward: What to Expect With PCI 4.0
Looking Forward: What to Expect With PCI 4.0Looking Forward: What to Expect With PCI 4.0
Looking Forward: What to Expect With PCI 4.0
 
How the Charity Digital Code of Practice can help you increase impact | Chari...
How the Charity Digital Code of Practice can help you increase impact | Chari...How the Charity Digital Code of Practice can help you increase impact | Chari...
How the Charity Digital Code of Practice can help you increase impact | Chari...
 
Build and Information Security Strategy
Build and Information Security StrategyBuild and Information Security Strategy
Build and Information Security Strategy
 
Build an Information Security Strategy
Build an Information Security StrategyBuild an Information Security Strategy
Build an Information Security Strategy
 
Cybersecurity digital marketing plan
Cybersecurity digital marketing planCybersecurity digital marketing plan
Cybersecurity digital marketing plan
 
01-Assess-and-Raise-Your-Digital-Maturity--Executive-Brief.pptx
01-Assess-and-Raise-Your-Digital-Maturity--Executive-Brief.pptx01-Assess-and-Raise-Your-Digital-Maturity--Executive-Brief.pptx
01-Assess-and-Raise-Your-Digital-Maturity--Executive-Brief.pptx
 

Más de BGA Cyber Security

WEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesiWEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesiBGA Cyber Security
 
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfBGA Cyber Security
 
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiÜcretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiBGA Cyber Security
 
3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?BGA Cyber Security
 
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBGA Cyber Security
 
Webinar: Popüler black marketler
Webinar: Popüler black marketlerWebinar: Popüler black marketler
Webinar: Popüler black marketlerBGA Cyber Security
 
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım SenaryolarıWebinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım SenaryolarıBGA Cyber Security
 
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020BGA Cyber Security
 
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm ÖnerileriDNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm ÖnerileriBGA Cyber Security
 
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini ArttırmakWebinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini ArttırmakBGA Cyber Security
 
Open Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-IIOpen Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-IIBGA Cyber Security
 
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner GüvenliğiWebinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner GüvenliğiBGA Cyber Security
 
Hacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem AnaliziHacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem AnaliziBGA Cyber Security
 
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİRAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİBGA Cyber Security
 
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing RaporuBGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing RaporuBGA Cyber Security
 
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu ÇözümlerSOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu ÇözümlerBGA Cyber Security
 
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of SecretsVeri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of SecretsBGA Cyber Security
 
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I:  Bilgi ToplamaAktif Dizin (Active Directory) Güvenlik Testleri - I:  Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi ToplamaBGA Cyber Security
 

Más de BGA Cyber Security (20)

WEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesiWEBSOCKET Protokolünün Derinlemesine İncelenmesi
WEBSOCKET Protokolünün Derinlemesine İncelenmesi
 
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdfTatil Öncesi Güvenlik Kontrol Listesi.pdf
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
 
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık EğitimiÜcretsiz Bilgi Güvenliği Farkındalık Eğitimi
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
 
3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?3. parti firma risklerinden nasıl korunulur?
3. parti firma risklerinden nasıl korunulur?
 
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware SaldırılarıBir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
 
Webinar: Popüler black marketler
Webinar: Popüler black marketlerWebinar: Popüler black marketler
Webinar: Popüler black marketler
 
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım SenaryolarıWebinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
 
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
 
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm ÖnerileriDNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
 
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini ArttırmakWebinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
 
Open Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-IIOpen Source Soc Araçları Eğitimi 2020-II
Open Source Soc Araçları Eğitimi 2020-II
 
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner GüvenliğiWebinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
 
Hacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem AnaliziHacklenmiş Windows Sistem Analizi
Hacklenmiş Windows Sistem Analizi
 
Open Source SOC Kurulumu
Open Source SOC KurulumuOpen Source SOC Kurulumu
Open Source SOC Kurulumu
 
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİRAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
 
Siber Fidye 2020 Raporu
Siber Fidye 2020 RaporuSiber Fidye 2020 Raporu
Siber Fidye 2020 Raporu
 
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing RaporuBGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
 
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu ÇözümlerSOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
 
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of SecretsVeri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
 
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I:  Bilgi ToplamaAktif Dizin (Active Directory) Güvenlik Testleri - I:  Bilgi Toplama
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
 

Último

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 

Último (20)

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

8 January 2015 SOME Event - BGA Cyber Security Incident Response Team

  • 1. CYBER SECURITY INCIDENT RESPONSE TEAM, BY BGA INFORMATION SECURITY & CONSULTING
  • 2. About me: Candan BÖLÜKBAŞ
      • about.me/bolukbas
      • METU Computer Eng.
      • CCNA, CCNP, CEH, ITIL, MCP
      • Enterprise Security Services Manager
      • 7-year .Net & Obj-C Developer
      • T.C. Cumhurbaşkanlığı Network & Security Admin
      • candan.bolukbas@bga.com.tr
      • @candanbolukbas
  • 3. Agenda
      • Introduction
      • Cyber Attack in the world
      • CSIRT statistics from USA & UK
      • CSIRT efficiency measurement
      • Best Practices for Creating a CSIRT
      • Conclusion & Recommendation
      • Questions
  • 4. Challenges that today’s security organizations have to deal with:
      • Malware campaigns launched by organized criminal groups who look to steal information that can be sold on the black market
      • Increasingly powerful distributed denial-of-service (DDoS) attacks that can take out large websites
      • State-sponsored espionage that can penetrate even well-defended networks.
  • 5. As attacks have become more sophisticated, the need for Computer Security Incident Response Teams (CSIRTs) has grown.
      • Botnets
      • Distributed denial-of-service (DDoS) attacks
      • Insider threats
      • Advanced persistent threats (APTs).
      • CSIRT
  • 6. BGA INFORMATION SECURITY & CONSULTING
  • 7. BGA INFORMATION SECURITY & CONSULTING
  • 8. BGA INFORMATION SECURITY & CONSULTING
  • 9. What Are the Questions?
      • What are the basic requirements for establishing a CSIRT?
      • What type of CSIRT will be needed?
      • What type of services should be offered?
      • How big should the CSIRT be?
      • Where should the CSIRT be located in the organization?
      • How much will it cost to implement and support a team?
      • What are the initial steps to follow to create a CSIRT?
  • 10. What Are Some Best Practices for Creating a CSIRT?
      • Step #1: Obtain management support and buy-in
      • Step #2: Determine the CSIRT strategic plan
      • Step #3: Gather relevant information
      • Step #4: Design the CSIRT vision
      • Step #5: Communicate the CSIRT vision and operational plan
      • Step #6: Begin CSIRT implementation
      • Step #7: Announce the operational CSIRT
      • Step #8: Evaluate CSIRT effectiveness
  • 11. Step 1: Obtain Management Support and Buy-In
      • Executive and business or department managers and their staffs committing time to participate in this planning process; their input is essential during the design effort.
      • Along with obtaining management support for the planning and implementation process, it is equally important to get management commitment to sustain CSIRT operations and authority for the long term.
      • It is important to elicit management's expectations and perceptions of the CSIRT's function and responsibilities.
  • 12. BGA INFORMATION SECURITY & CONSULTING
  • 13. [Chart] What percentage of your organization’s security budget is allocated to incident response?
      • Legend, in extracted order: More than 50%; 41% to 50%; 31% to 40%; 21% to 30%; 10% to 20%; Less than 10%
      • Data labels, in extracted order: 1%; 2%; 5%; 11%; 31%; 50%
  • 14. Step  2:  Determine  the  CSIRT   Development  Strategic  Plan •       Are  there  specific  Yme  frames  to  be  met?  Are  they  realisYc,  and  if  not,  can  they  be  changed?   •       Is  there  a  project  group?  Where  do  the  group  members  come  from?  You  want  to     ensure  that  all  stakeholders  are  represented.   •       How  do  you  let  the  organizaYon  know  about  the  development  of  the  CSIRT?   •       If  you  have  a  project  team,  how  do  you  record  and  communicate  the     informaYon  you  are  collecYng,  especially  if  the  team  is  geographically  dispersed?   BGA  INFORMATION  SECURITY  &  CONSULTING  
  • 15. Step  3:  Gather  Relevant  InformaEon The  stakeholders  could  include  but  are  not  limited  to:   • Business  managers   • RepresentaYves  from  IT   • RepresentaYves  from  the  legal  department   • RepresentaYves  from  human  resources   • RepresentaYves  from  public  relaYons   • Any  exisYng  security  groups,  including  physical  security   • Audit  and  risk  management  specialists   • General  representaYves  from  the  consYtuency   BGA  INFORMATION  SECURITY  &  CONSULTING  
  • 16. Step  4:  Design  Your  CSIRT  Vision BGA  INFORMATION  SECURITY  &  CONSULTING   In  creaYng  your  vision,  you  should  idenYfy  your  consYtuency   •  Who  does  the  CSIRT  support  and  serve?   •  Define  your  CSIRT  mission,  goals,  and  objecYves.  What  does  the  CSIRT  do  for  the  idenYfied   consYtuency?   •  Select  the  CSIRT  services  to  provide  to  the  consYtuency  (or  others).  How  does  the  CSIRT   support  its  mission?   •  Determine  the  organizaYonal  model.  How  is  the  CSIRT  structured  and  organized?   •  IdenYfy  required  resources.  What  staff,  equipment,  and  infrastructure     are  needed  to  operate  the  CSIRT?   •  Determine  your  CSIRT  funding.  How  is  the  CSIRT  funded  for  its  iniYal     startup  and  its  long-­‐term  maintenance  and  growth?  
  • 17. Step  5:  Communicate  the  CSIRT  Vision •       Communicate  the  CSIRT  vision  and  operaYonal  plan  to  management,   your  consYtuency,  and  others  who  need  to  know  and  understand  its   operaYons.     •       Make  adjustments  to  the  plan  based  on  their  feedback.     •       CommunicaYng  your  vision  in  advance  can  help  idenYfy     process  or  organizaYonal  problems  before  implementaYon.     •       It  is  a  way  to  let  people  know  what  is  coming  and  allow  them  to   provide  input  into  CSIRT  development.  This  is  a  way  to  begin  markeYng   the  CSIRT  to  the  consYtuency  and  gaining  the  needed  buy-­‐in  from  all   organizaYonal  levels.   BGA  INFORMATION  SECURITY  &  CONSULTING  
  • 18. Step 6: Begin CSIRT Implementation
    Once management and constituency buy-in is obtained for the vision, begin the implementation:
    • Hire and train initial CSIRT staff.
    • Buy equipment and build any necessary network infrastructure to support the team.
    • Develop the initial set of CSIRT policies and procedures to support your services.
    • Define the specifications for and build your incident-tracking system.
    • Develop incident-reporting guidelines and forms for your constituency.
  • 19. How many team members are fully dedicated to CSIRT? (bar chart)
    • 0: 45%
    • 1: 28%
    • 2-5: 14%
    • 5-10: 11%
    • 10+: 2%
  • 20. Step 7: Announce the CSIRT
    • When the CSIRT is operational, announce it broadly to the constituency or parent organization.
    • Include the contact information and hours of operation for the CSIRT in the announcement.
    • You may also want to develop information to publicize the CSIRT, such as a simple flyer or brochure outlining the CSIRT mission and services.
  • 21. Step 8: Evaluate the Effectiveness of the CSIRT
    Information on effectiveness can be gathered through a variety of feedback mechanisms, including:
    • Benchmarking against other CSIRTs
    • General discussions with constituency representatives
    • Evaluation surveys distributed to constituency members on a periodic basis
    • Creation of a set of criteria or quality parameters
    • Compare with Expectations for Computer Security Incident Response (RFC 2350)
    • Remember that Patience Can Be a Key!
  • 22. How long it takes to respond: approximate average MTTI, MTTK, MTTF and MTTV experienced by organizations in recent incidents
    • MTTV: Mean time to verify
    • MTTF: Mean time to fix
    • MTTK: Mean time to know
    • MTTI: Mean time to identify
  • 23. Most effective security tools for detecting security breaches (bar chart)
    Chart values: 80%, 76%, 67%, 65%, 56%
    Legend:
    • Anti-virus
    • IP reputation & threat feed services
    • Intrusion prevention/detection systems
    • SIEM
    • Analysis of NetFlow or packet captures
  • 25. CSIRT services
    Reactive Services
    • Alerts and Warnings
    • Incident Handling
        • Incident analysis (Forensic & Tracking)
        • Incident response on site
        • Incident response support
        • Incident response coordination
    • Vulnerability Handling
        • Vulnerability analysis
        • Vulnerability response
        • Vulnerability response coordination
    • Artifact Handling
        • Artifact analysis
        • Artifact response
        • Artifact response coordination
    Proactive Services
    • Announcements
    • Technology Watch
    • Security Audits or Assessments (Scan & Pentest)
    • Configuration and Maintenance of Security Tools, Applications, and Infrastructures
    • Development of Security Tools
    • Intrusion Detection Services
    • Security-Related Information Dissemination
    Security Quality Management Services
    • Risk Analysis
    • Business Continuity and Disaster Recovery Planning
    • Security Consulting
    • Awareness Building
    • Education/Training
    • Product Evaluation or Certification
  • 27. Conclusion & Recommendations
    • Make it a priority to build an incident response team consisting of experienced, full-time members
    • Assess the readiness of incident response team members on an ongoing basis
    • Create clearly defined rules of engagement for the incident response team
    • Translate the results of these measures into user-friendly business communications
    • Involve multi-disciplinary areas of the organization in the incident response process
    • Invest in technologies that support the collection of information to identify potential threats
    • Consider sharing threat indicators with third-party organizations to foster collaboration
    • Have meaningful operational metrics to gauge the overall effectiveness of incident response