Home / Series / BSides Las Vegas / Aired Order / Season 2013 / Episode 20

Stop Shooting Blanks: No magic bullets in your arsenal

There is no single device that will provide a total security solution. All those “magic” and 4th quadrant solutions will not protect you. Security is not a framework, not a destination, and not a weekend of overtime implementing a new tool. It is not news that organizations need defense in depth or layered defenses. Too many organizations are stuck in a reactive security mode. Businesses react to network alerts, researching the previous day's events the next morning. They react to virus detections when the AV solution emails them a report. Each security solution provides only part of the answer to the question “Am I owned?” Network alerts provide only a partial picture, and the same is true of host monitoring. By combining logs, network alerts, and system alerts, a much clearer picture emerges. This talk will show that you can detect system compromises days, weeks and even months before antivirus will catch them. It will cover key system events and locations to monitor, network events that you may not currently be watching for but absolutely should be, and how simple visualization of log data can make potential compromises really stand out. Examples from compromises will be used to reinforce the concepts presented.

English
  • Originally Aired July 31, 2013
  • Created July 4, 2019 by
    Administrator admin
  • Modified July 4, 2019 by
    Administrator admin
Name Type Role
Renegade6 Guest Star