BSides SF Security Mendoza Line
Transcript of BSides SF Security Mendoza Line
![Page 1: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/1.jpg)
Hitting Above The Security Mendoza Line
Ed Bellis, CEO Risk I/O
![Page 2: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/2.jpg)
Nice To Meet You

About Me
CoFounder Risk I/O
Former CISO Orbitz
Contributing Author Beautiful Security
CSO Magazine/Online Writer
InfoSec Island Blogger

About Risk I/O
Data-Driven Vulnerability Intelligence Platform
DataWeek 2012 Top Security Innovator
3 Startups to Watch - Information Week
16 Hot Startups - eWeek
![Page 3: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/3.jpg)
About Mario
Played for Pirates, Rangers & Mariners
Played MLB for 9 Seasons
Lifetime Batting Avg: .214, 4HR, 101 RBI
Failed to bat .200 5 times
![Page 4: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/4.jpg)
The Security Mendoza Line
Alex Hutton came up with the original concept of the Security Mendoza Line
http://riskmanagementinsight.com/riskanalysis/?p=294
Wouldn’t it be nice if we had something that helped us divide who we considered “Amateur” and who we considered “Professional”?
Enter The Security Mendoza Line
![Page 5: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/5.jpg)
Josh Corman expands the Security Mendoza Line
HD Moore’s Law
“Compute power grows at the rate of doubling about every 2 years”
“Casual attacker power grows at the rate of Metasploit”
http://blog.cognitivedissidents.com/2011/11/01/intro-to-hdmoores-law/
![Page 6: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/6.jpg)
A Difficult Task
ExploitDB > 18K Exploits
[Chart: Exploit Development; MSF Modules; x-axis 2010, 2012]
Nearly 2K MSF Exploits in first 9 months!
17.8% Known Exploits
![Page 7: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/7.jpg)
Release Early Release Often
![Page 8: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/8.jpg)
Point Click Pwn
![Page 9: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/9.jpg)
A Data Driven Approach
![Page 10: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/10.jpg)
Out Scripting the Kiddies
Fighting Automation with Automation
Netflix/SimianArmy
![Page 11: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/11.jpg)
Context Matters
Attack Path data analysis
![Page 12: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/12.jpg)
Context Matters
Wait just a minute...
http://vorobeychik.com/2012/ssgames.pdf
Computing Optimal Security Strategies for Interdependent Assets
Game Theory: Smart Data > Big Data
http://blog.risk.io/2013/02/playing-around-with-game-theory/
![Page 13: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/13.jpg)
Context Matters
Mitigating Controls
Firewalls / ACLs
IPS
WAF
MFA
Other
![Page 14: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/14.jpg)
Context Matters
Honeypot, WAF & IDS data
logs! logs! logs!
Measuring Likelihood
![Page 15: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/15.jpg)
My (vuln posture X other threat activity) / (other vuln posture X other threat activity)
Broader Context
Targets of Opportunity?
![Page 16: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/16.jpg)
Beyond Info Sharing
Model Sharing
![Page 17: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/17.jpg)
CVE Trending Analysis
A Quick Side Note
Gunnar’s Debt Clock
![Page 18: BSides SF Security Mendoza Line](https://reader034.fdocuments.us/reader034/viewer/2022052622/5595418a1a28ab340c8b461b/html5/thumbnails/18.jpg)
Q & A
follow us: @riskio, @ebellis
the blog: http://blog.risk.io/
http://www.honeyapps.com/signup
And one more thing....
We’re Hiring! https://www.risk.io/jobs