BSides SF Security Mendoza Line

Post on 02-Jul-2015

description

Hitting Above The Security Mendoza Line. Presentation by Ed Bellis at BSides San Francisco.

transcript

Hitting Above The Security Mendoza Line

Ed Bellis, CEO Risk I/O

Nice To Meet You

About Me

CoFounder Risk I/O

Former CISO Orbitz

Contributing Author Beautiful Security

CSO Magazine/Online Writer

InfoSec Island Blogger

About Risk I/O

Data-Driven Vulnerability Intelligence Platform

DataWeek 2012 Top Security Innovator

3 Startups to Watch - Information Week

16 Hot Startups - eWeek

About Mario

Played for Pirates, Rangers & Mariners

Played MLB for 9 Seasons

Lifetime Batting Avg: .214, 4HR, 101 RBI

Failed to bat .200 5 times

The Security Mendoza Line

Alex Hutton came up with the original concept of the Security Mendoza Line

http://riskmanagementinsight.com/riskanalysis/?p=294

Wouldn’t it be nice if we had something that helped us divide who we considered “Amateur” and who we considered “Professional”?

Enter The Security Mendoza Line

Josh Corman expands the Security Mendoza Line

HD Moore’s Law

“Compute power grows at the rate of doubling about every 2 years”

“Casual attacker power grows at the rate of Metasploit”

http://blog.cognitivedissidents.com/2011/11/01/intro-to-hdmoores-law/

A Difficult Task

ExploitDB > 18K Exploits

[Chart: Exploit Development, MSF Modules; y-axis 0 to 2000, x-axis 2010 to 2012]

Nearly 2K MSF Exploits in first 9 months!

17.8% Known Exploits

Release Early Release Often

Point Click Pwn

A Data Driven Approach

Out Scripting the Kiddies

Fighting Automation with Automation

Netflix/SimianArmy

Context Matters

Attack Path data analysis

Context Matters

Wait just a minute...

http://vorobeychik.com/2012/ssgames.pdf

Computing Optimal Security Strategies for Interdependent Assets

Game Theory: Smart Data > Big Data

http://blog.risk.io/2013/02/playing-around-with-game-theory/

Context Matters

Mitigating Controls

Firewalls / ACLs

IPS

WAF

MFA

Other

Context Matters

Honeypot, WAF & IDS data

logs! logs! logs!

Measuring Likelihood

(My vuln posture X other threat activity) / (other vuln posture X other threat activity)

Broader Context

Targets of Opportunity?

Beyond Info Sharing

Model Sharing

CVE Trending Analysis

A Quick Side Note

Gunnar’s Debt Clock

Q & A

follow us

the blog: http://blog.risk.io/

http://www.honeyapps.com/signup

twitter: @riskio, @ebellis

And one more thing....

We’re Hiring! https://www.risk.io/jobs