Upload File

amateur hour: why apts are the least of your worries

  • Home
  • Technology
  • Amateur Hour: Why APTs Are The Least Of Your Worries
22
Amateur Hour Why APTs Are the Least of Your Worries

Upload: ed-bellis

Post on 15-Apr-2017

664 views

Category:

Technology


0 download

Report

TRANSCRIPT

Page 1: Amateur Hour: Why APTs Are The Least Of Your Worries

Amateur Hour Why APTs Are the Least of Your Worries

Page 2: Amateur Hour: Why APTs Are The Least Of Your Worries

Ed Bellis• Co-founder and CTO at Kenna Security, an automated risk & vulnerability intelligence platform

• Orbitz CISO for 6 years

• 20+ years Info Security experience including Bank of America, CSC, E&Y

• Contributing Author Beautiful Security

• Frequent speaker at events such as…

About Me

Page 3: Amateur Hour: Why APTs Are The Least Of Your Worries

Warning This presentation contains large amounts of data used for the purpose of proving an information

security theory. No marketers were harmed during the making of this presentation.

Page 4: Amateur Hour: Why APTs Are The Least Of Your Worries

“APT-1, Titan Rain, GhostNet, Aurora, Stuxnet, Red October, and Duqu, Oh my!!”

Page 5: Amateur Hour: Why APTs Are The Least Of Your Worries

Real but Likely??

• Spreadsheets that require a black belt in Excel

• COUNT ALL THE THINGS!

Page 6: Amateur Hour: Why APTs Are The Least Of Your Worries

Likely or Very Likely?

74%

Page 7: Amateur Hour: Why APTs Are The Least Of Your Worries

Don’t Worry, We Got This

67%

Page 8: Amateur Hour: Why APTs Are The Least Of Your Worries

“What is real? How do you define real?”

Page 9: Amateur Hour: Why APTs Are The Least Of Your Worries

2016 DBIR A Sneak Preview

Page 10: Amateur Hour: Why APTs Are The Least Of Your Worries

Your Threat Model Is Backwards

“While 2015 was no chump when it came to successfully exploited CVEs, the tally of really old CVEs which still get exploited in 2015 suggests that the oldies are still goodies.”

Page 11: Amateur Hour: Why APTs Are The Least Of Your Worries

Your Confidence Is Unwarranted

“…we need to see more of targeted remediation efforts which more often than not focus on those vulnerabilities which attackers are successful with in the wild.”

Page 12: Amateur Hour: Why APTs Are The Least Of Your Worries

The Great Defensive Gap

Page 13: Amateur Hour: Why APTs Are The Least Of Your Worries

“Low Hanging Fruit”

“if a vulnerability is going to be exploited, 30 days is a good bet for how much time you have to remediate.“

Page 14: Amateur Hour: Why APTs Are The Least Of Your Worries

The Tortoise

On Average it takes companies 100 to 120 days to remediate vulnerabilities.

Page 15: Amateur Hour: Why APTs Are The Least Of Your Worries

Versus The Hare

The probability that a CVE that is exploited in the first year will be hit X days after publication. At 40-60 days, that probability is over 90 percent.

Page 16: Amateur Hour: Why APTs Are The Least Of Your Worries

Casual attacker power grows at the rate of Metasploit.

Page 17: Amateur Hour: Why APTs Are The Least Of Your Worries

But HD Moore’s Law is just the Tip of the Iceberg

Page 18: Amateur Hour: Why APTs Are The Least Of Your Worries

Are These Attributes In Your Threat Model?

Page 19: Amateur Hour: Why APTs Are The Least Of Your Worries

What About These?

Page 20: Amateur Hour: Why APTs Are The Least Of Your Worries

Secure Because Math

Existing Exploit + Patch Available + RCE > Advanced Persistent Threat

P for Probability!

…or put another way… “Why Burn a Zero Day?”

Page 21: Amateur Hour: Why APTs Are The Least Of Your Worries

Key Takeaways

1.Focus on the Basics

2.Automate your Defenses A. Configuration Management B. Patch Management C. Compensating Controls D. Continuous Deployment

Make it necessary to be both Advanced and Persistent.

Page 22: Amateur Hour: Why APTs Are The Least Of Your Worries

Q&A


Strawbridge apts

Answer-Providing Tools (APTs)

TDW-GP24NG-APTS Rapid N-Glycan Preparation with APTS … · Rapid N-Glycan Preparation with APTS Enzymatic deglcosylation, fluorescent labeling with APTS and cleanup of excess dye

No Worries English

Worries (Punjabi)

No Worries

Wellington apts

Apts and other stuff

The Rabbi’s Worries

3. APTs Presentation

TABLE OF CONTENT - APTS

Fence around worries

APTS SFD 2Q2019

18911 CANNONS WHARF APTS-BLOCKE

APTS Pressure Sensor Integration - UNECE

prometheus portfolio map · 8/6/2019  · San Carlos, CA San Carlos, CA (Retail) 383 Apts 271 Apts 382 Apts 79,782 Sq Ft 22,020 Sq Ft 202 Apts 26,000 Sq Ft SAN FRANCISCO BAY AREA:

Water Worries

CSET - Academics, AI, and APTs

APTS SFD 3Q2019

Bernal-Monterey Blvd Apts 06

WORRIES – WHAT WORRIES?

APTS Monthly

Crown Villa Apts. - Savannah, GA

Sample apts

APTs - SANS Information Security Training · APTs Formerly associated more with nation-state attackers, APTs are now, increasingly, following the money, reports Alan Earls. A dvanced

GlycanAssure HyPerformance APTS Kit · The GlycanAssure™ HyPerformance APTS Kit is an N-glycan rapid-release, APTS labeling, and cleanup kit for glycoprotein sample preparation

What worries managers

5256 - Brighton Park Apts - SPECS

No Worries Chinese

Survival Analysis APTS 2015/16 Preliminary material › fac › sci › statistics › apts › ... · Survival Analysis APTS 2015/16 Preliminary material Ingrid Van Keilegom

Worries research analysis_upload

APTS High-dimensional Statistics - Warwick

APTS OFFER LETTER

Winter Worries

APTS Applied Stochastic Processes Preliminary material · APTS-ASP 3 Introduction Introduction Thismodulewillintroducestudentstotwoimportantnotionsin stochasticprocesses—reversibilityandmartingales—identifying