Threat Intelligence - OWASP Foundation | Open Source Foundation for Application Security ·...

Preview:

Click to see full reader

Citation preview

Threat Intelligence

Sherif Mansour

Threat Intelligence is like teenage sex: everyone talks about it, nobody really knows how to do it, everyone thinks everyone else is doing it, so everyone claims they are doing it...

What Can Threat Intel Tell Me?

1. Information about "bad actors” Public Threat FeedsPrivate Threat Feeds

2. Alerting if your org is listed as a bad actor

3. TTP Tactics, Techniques, Procedures

Information about "bad actors”

• Origins – IPs/ASN/Domains• Compromised Organizations / accounts• Malware signatures etc..

Alerting if your org is listed as a bad actor

If you find this, you are having a bad day!

TTP Tactics, Techniques, Procedures

• Learning from other’s grief!• Allows you to check if your org is prepared for

defending, detecting such campaigns

What can go wrong?

• Poor data quality• False positives• Unable to leverage data – difficult to integrate

Recommended

The OWASP Foundation OWASP AppSec Aguascalientes 2010 ¿Qué es OWASP? Miguel Pérez-Milicua Softtek Miembro de OWASP capítulo Aguacalientes
Documents
Application Security Awareness - OWASP Foundation · 2020-01-17 · Short Description Promote OWASP projects, events, education material and OWASP mission. Related Projects OWASP
Documents
The OWASP Foundation OWASP Belgium Chapter OWASP Update 6-Jun-2013 Seba Deleersnyder BE Board seba@owasp.org
Documents
The OWASP Foundation OWASP Automatic vs. Manual Code Analysis
Documents
The OWASP Foundation OWASP Top 10 2010 Kuai Hinojosa Software Security Consultant at Cigital OWASP Global Education Committee OWASP
Documents
Threat Intelligence on the Cheap - OWASP · Threat Intelligence on the Cheap OWASP Los Angeles May 24, ... • REN-ISAC project ... more/better intel than DarkWeb
Documents
The OWASP Foundation OWASP Belgium Chapter OWASP Update Sebastien Deleersnyder Foundation Board, Zenitel Belgium seba@owasp.org
Documents
The OWASP Foundation OWASP Technology and Business Risk Management
Documents
The OWASP Foundation OWASP Mantra - An Introduction Prepared By -Team Mantra- contact@getmantra.com
Documents
Geoffrey Vaughan - OWASP Foundation
Documents
OWASP Foundation
Documents
OWASP API Threat Protection with 42Crunch
Documents
OWASP Foundation - files.meetup.com · OWASP Foundation, NYC Chapter Exploits & Innovation OWASP was established in 2001. In 2004 it became a 501(c)(3) not-for-profit charitable
Documents
Docker Threat Modeling und OWASP Docker Top 10 · Docker Threat Modeling und OWASP Docker Top 10 Dr. Dirk Wetter @drwetter
Documents
Mobile Application Threat Analysis - OWASP › ... › Mobile-threat-analysis-short-presentation_owa… · publish_and_refresh_sync faking_app_in_app_store ssl_protection ip_bound_session
Documents
Copyright © 2007 - The OWASP Foundation This work is available under the Creative Commons SA 2.5 license The OWASP Foundation OWASP Denver February 2012
Documents
The OWASP Foundation Injection Flaws
Documents
OWASP Cambridge Talk - Application Honeypot Threat
Documents
OWASP The OWASP Foundation
Documents
Aaron Weaver - OWASP Foundation
Documents