Play all

Adaptive Threat Modeling

If there isn't a reason, stop doing it

It's the reason you're doing this!

Security should always come with purpose and intent

How do we understand threats?

Threat modeling is a procedure for optimizing network Security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of threats to the s…

Drawing, documenting, prioritizing

We're not going to cover methodologies

Focus on reality

Clearly define the capabilities of the threat actor

Understand what the true business impact is

Threat Event Frequency

In order to determine risk we need to identify how often

We can do this with a SIEM

Or via custom tooling

Whatever you do, use the data!

Deliver value, focus, and prioritize

You have realized that things change

Start building threat scenarios automatically

Both predictable and irrational behavior can be modeled

Think about a series of requests as a state transition

You can produce Markov chains from behavioral patterns

Use the request information to produce intended and identifiably malicious transition matrices

You can take this incredibly far

Intent and capability are vital to risk analysis

Using these Markov chains, you can show both

Once you identify this you can build your threat models in near real time

This gives you apply controls to scenarios

Active risk registers tell everyone the story

It allows you to be in constant communication with the business

You can't do it all

Learn to focus on what matters

Description:

Explore adaptive threat modeling techniques in this NDC Security 2018 conference talk. Discover how to analyze web traffic and transform request logs into actionable data for identifying threat actors by intent and categorizing them for quantitative risk analysis. Learn to create a dynamic threat model that adapts to the constantly shifting threat landscape, enabling continuous examination of security controls. Gain insights into developing a quantitative risk-driven approach to security and understand the importance of this data in driving risk analysis and creating an effective security program. Delve into topics such as threat event frequency, automated threat scenario building, and the use of Markov chains for modeling both predictable and irrational behavior. Understand how to leverage intent and capability in risk analysis, build near real-time threat models, and maintain active risk registers for improved communication with business stakeholders. Acquire valuable skills to focus on what truly matters in your security efforts and optimize your organization's network security. Read more

Adaptive Threat Modeling

NDC Conferences

Add to list

#Conference Talks #NDC Conferences #Information Security (InfoSec) #Network Security #Business #Risk Analysis #Mathematics #Statistics & Probability #Probability Theory #Markov Chains #Cybersecurity #Threat Modeling

0:00 / 0:00