Play all

Intro

Critical Assets

Short Game vs Long Game

Fundamentals

Asset Management

Our Own Battlefields

Defending the Unknown

Mapping Your Space

Collecting Data

Threat Intelligence

More data is not necessarily good

Where are you going to put that

What do you do

How many alerts

How many events can an analyst process

How long does it take to analyze an event

Do you drown in incidents

What threats are relevant

Everyones system is owned by malware

Three types of threats

Why does this matter

Tier 1 automated response

Destroy image

Human time expended

Containment analysis

Persistent threats

Human Time

Chess Match

Intelligent Prioritization

External Indicators

Internal External Content

Learning from Incidents

Raising Costs

The Goal

Real Security

Description:

Explore a comprehensive conference talk on active defense strategies in cybersecurity. Delve into the concept of winning long-term security wars despite losing individual battles. Learn about critical asset identification, the importance of asset management, and creating your own defensive battlefields. Discover techniques for mapping your digital space, collecting and analyzing threat intelligence, and dealing with data overload. Examine the challenges of alert fatigue, incident response, and analyst workload. Understand the three types of threats and their relevance to your organization. Investigate automated response systems, containment analysis, and persistent threat mitigation. Gain insights into intelligent prioritization, leveraging external indicators, and learning from security incidents. Explore strategies for raising costs for attackers and achieving real, sustainable security in an ever-evolving threat landscape.

Losing Battles Winning Wars - Active Defense Rebooted

Add to list

#Conference Talks #Information Security (InfoSec) #Cybersecurity #Threat Intelligence #Business #Finance #Asset Management #Incident Response #Incident Analysis