Hi [[ session.user.profile.firstName ]]


  • Date
  • Rating
  • Views
  • Lessons Learned from Building and Running MHN
    Lessons Learned from Building and Running MHN
    Jason Trost, VP Threat Research Recorded: Oct 5 2015 31 mins
    Honeypots are really useful for collecting security data for research, especially around botnets, scanning hosts, password brute forcers, and other misbehaving systems. They are also the cheapest way collect this data at scale. Deploying many types of honeypots across geo-diverse locations of the Internet improves the aggregate data quality and provides a holistic view. This provides insight into both global trends of attacks and network activity as well as the behaviors of individual malicious systems. For these reasons, we started the Modern Honey Network, which is both an open source (GPLv3) project and a community of hundreds of MHN servers that manage and aggregate data from thousands of heterogeneous honeypots (Dionaea, Kippo, Amun, Conpot, Wordpot, Shockpot, and Glastopf) and network sensors (Snort, Suricata, p0f) deployed by different individuals and organizations as a distributed sensor network. The project has turned into the largest crowdsourced honeynet in the world consisting of thousands of diverse sensors deployed across 45 countries and 6 continents worldwide. Sensors are operated by all sorts of people from hobbyists, to academic researchers, to Fortune 1000 companies. In this talk we will discuss our experience in starting this project, analyzing the data, and building a crowdsourced global sensor network for tracking security threats and gathering interesting data for research. We've found that lots of people like honeypots, especially if you give them a cool realtime visualization of their data and make it easy to setup; lots of organizations will share their data with you if it is part of a community; and lots of companies will deploy honeypots as additional network sensors, especially if you make it easy to deploy/manage/integrate with their existing security tools.
  • Social Threat Intelligence (STI)
    Social Threat Intelligence (STI)
    Trevor Welsh, Sr. SE Manager Recorded: Jul 16 2015 51 mins
    Social has changed many aspects of information security. Fascinatingly, enterprise has been slow to embrace community sourcing security intelligence. Trevor Welsh of ThreatStream will present on Social Threat Intelligence (STI). This talk will detail how STI exists today, and how it might exist tomorrow. Trevor will also detail how enterprise can best take advantage of STI in a sensible, secure way.
  • Threat Intelligence:  Defeating the Adversary
    Threat Intelligence: Defeating the Adversary
    Colby DeRodeff Recorded: Jun 29 2015 34 mins
    The state of threat intelligence is rapidly evolving, yet, there are still those who don’t know why it’s important and better yet, how to leverage the information they receive. Many organizations are overwhelmed by the volume of indicators they see daily and can only combat these threats in a reactive manner due to lack of resources. In this presentation, we will discuss threat intelligence, what it is, why it’s important, and how to use and leverage your current security investment to help avoid costly breaches and defeat cyber adversaries.
  • Fight Cyber Adversaries with Controlled Collaboration
    Fight Cyber Adversaries with Controlled Collaboration
    Colby DeRodeff, CSO ThreatStream Recorded: Nov 6 2014 20 mins
    In the war for information, the adversary has one key advantage ... collaboration. There's no barrier preventing cyber criminals from joining forces to attack organizations. With bot army's and sophisticated malware RATs, the enemies resources are limitless. It's time to take control and turn the tables by enabling our own community. Real-time threat indicator sharing is now a possibility.

    Join other like-minded security professionals to create a collective defense grid by sharing threat intelligence. Learn how to mitigate cyber attacks by enabling controlled collaboration.
  • Threat Intelligence Revolution
    Threat Intelligence Revolution
    Colby DeRodeff, CSO ThreatStream Recorded: Jul 29 2014 50 mins
    Real-world intelligence has been used for thousands of years to thwart an enemy’s intentions. With the evolving sophistication of cyber threats growing at a rapid pace, today, internet and network connectivity has become the lifeblood of enterprise operations. Businesses require effective up-to-date intelligence to mitigate threats in order to safeguard transactions, information, and intellectual property from data theft and operational disruption. Learn how to realign your defenses and defeat cyber threats with a radical approach and be a leader in the threat intelligence revolution!

Embed in website or blog