HackDig : Dig high-quality web security articles for hackers

The importance of logs: You won’t see what you don’t log

Presentation on logging and auditing strategies (as given at Secure South West 11). Building on my blog post on Cisco’s security blog entitled The Importance of Logs, I put together a presentation that picks apart some of the practical aspects of building a successful logging capability focusing on the need to document “good” and curate 
Publish At:2019-09-19 17:35 | Read:770 | Comments:0 | Tags:Presentations blue team hardening red team SecureSouthWest t

Where 2 worlds collide: Bringing Mimikatz et al to UNIX

Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018). Over the past fifteen years there’s been an uptick in “interesting” UNIX infrastructures being integrated into customers’ existing AD forests. Whilst the threat models enabled by this should be quite familiar to anyone securing a heter
Publish At:2019-09-19 17:35 | Read:919 | Comments:0 | Tags:Presentations analysis auditing Black Hat Europe blue team c

Discover the secrets of the SOC

Presentation on building effective SOCs (as given at InfoSec Europe 2019 on the interactive workshop track). Simon Crocker, Cisco’s EMEAR lead for SOC Advisory looks at what goes into making a SOC work effectively. This talk discusses the core SOC requirements around monitoring and incident response function, but also touches on some of the other serv
Publish At:2019-09-19 17:35 | Read:945 | Comments:0 | Tags:Presentations blue team C-Suite conference InfoSec Europe SO

Is that really you? The importance of identity in breach response and recovery

Presentation on Zero Trust and the importance of identity in breach response and recovery (as given at InfoSec Europe 2019 on the tech talk track). Richard Dean, Cisco’s EMEAR Head Of Security Advisory Services looks at Cisco’s approach to zero trust. This talk discusses the need to monitoring your users’ access and privileges and how securing t
Publish At:2019-09-19 17:35 | Read:1053 | Comments:0 | Tags:Presentations blue team C-Suite conference incident response

So you want to build a SOC: Lessons from the front line

Presentation on building an effective operational security capability (as given at Cisco Live US/Talos Threat Research Summit 2019). This talk will not help you build a SOC in only 60 minutes, but it will help you build a functional security operation over time. Building a SOC can be daunting. This talk will look at how to pick your fights and the key battle
Publish At:2019-09-19 17:35 | Read:931 | Comments:0 | Tags:Presentations blue team conference SOC TTRS

Security Engineering – A manifesto for defensive security

Presentation on the need to re-examine how we engineer systems (taking service providers as an example) and the implications on how we quantify cyber risk if we want to take this message into the board room (as given at BT’s SnoopCon 2019 and Cisco’s June 2019 Knowledge Network webinar for service providers). Having delivered security consultancy
Publish At:2019-09-19 17:35 | Read:956 | Comments:0 | Tags:Presentations C-Suite conference CRQ cyber risk quantificati

Lightning OWASP Project Presentations at AppSec EU 2015

AppSec EU 2015 begins in two weeks. It is being held in Amsterdam at the Amsterdam RAI exhibition and conference centre.With the news yesterday that the number of conference attendee bookings has surpassed 400, together with the training, capture the flag competition, university challenge, application security hackathon, computer gaming, networking and organ
Publish At:2015-05-09 22:15 | Read:4684 | Comments:0 | Tags:requirements SDLC testing development owasp projects appsece

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud