Indicators of Compromise for Cyber Threat Intelligence and Incident Response.pdf
Indicators of Compromise for Cyber Threat Intelligence and Incident Response
M. Costa – Sinergy
G. Zanoni – Symantec
Security Summit Roma 2016

Agenda
• Threat Intelligence (M. Costa)
• The scenario
• Definition of Threat Intelligence
• Indicator of Compromise (IoC)
• What are IoCs and what are they for?
• IoC – Creation, Collection, Sharing
• Standards and Tools
• Incident Response (G. Zanoni)
• Threat Intelligence in practice: SOC, MSSP

Incident Management - Scenario
Security incident management: main elements
• Threat Intelligence
• Security Advisory
• Monitoring
• Incident Response

Incident Management - Activities
Advisory | Monitoring | Threat Intelligence | Incident Response
• Design and implement
• On-site control
• Analysis
• Manage the attack

Incident Management - Actors
Advisory | Monitoring | Threat Intelligence | Incident Response
• Security Partner
• MSS & Security Partner
• Managed Security Service Provider
• MSS & Security Partner