Security Jiujitsu
04.10.2015 Views
Share Embed Flag

Security Jiujitsu

conf2015_DVeuve_Splunk_SecurityCompliance_SecurityJiujitsuBuildingCorrelation

conf2015_DVeuve_Splunk_SecurityCompliance_SecurityJiujitsuBuildingCorrelation

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
  • No tags were found...
munin

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Visibility – Analysis – AcEon <br />

Framework for evaluaEng data and responding Splunk <br />

Applies to all exisEng frameworks, as it’s the Splunk side of the loop. <br />

For example, Let’s look at the lateral movement secEon of the kill chain. <br />

(Not familiar with the kill chain? It’s a great way to understand the phases of an auack. Check the <br />

URL below.) <br />

Visibility: What data will let you detect Lateral Movement? <br />

Analysis: What will you do to that data to come to a decision? <br />

AcEon: What will you do in response to that decision? <br />

– Can we automate all of this? <br />

Kill Chain: hup://www.lockheedmarEn.com/content/dam/lockheed/data/corporate/documents/LM-­‐White-­‐Paper-­‐Intel-­‐Driven-­‐Defense.pdf

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!