Abstract image of a woman sitting on books and studying on a laptop

Analogic Opsec 101

V
vicenteDiaz_KL

The document discusses operational security (OPSEC) best practices for security analysts. It warns that adversaries are not necessarily enemies and have varying levels of resources. It advises analysts to be wary of mass surveillance by agencies and to use encrypted communication tools. When meeting suspicious people, analysts should not go alone, plan an exit, and have a dead man's switch. At borders, analysts should be collaborative with officers but not consent to searches or help without a warrant. Overall the document stresses preparation, having alternatives, and maintaining discipline over relying solely on tools when doing their work.

Education
1 of 15
Downloaded 13 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
OPSEC KRAV MAGA Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab
OPSEC AGAIN! WHY? 2 •  Unsolved questions. •  Non technical stuff. •  Unrealistic advices. •  The “Jordan Rules” Security Analyst Summit 2015
ADVERSARIES 3 •  Adversary != Enemy Resources vs No Resources Agencies The rest *.Mil Big Bad Boys Security Analyst Summit 2015 ProTip: Don´t let your PR feed these guys for free
MASS SURVEILLANCE 4 •  Good ROI for Agencies! •  They don´t like encryption •  PGP, ZRTP, OTR, TrueCrypt Security Analyst Summit 2015
MASS SURVEILLANCE 5 •  Some inherent problems •  And some non-technical problems Security Analyst Summit 2015
RECRUITMENT 6Security Analyst Summit 2015 •  Neglected approach ? •  Approaches and interaction. •  Move to termination.
TERMINATION 7Security Analyst Summit 2015 •  Deterrence is your best option. •  Plan alternatives. •  Prepare an escalation strategy.
SUSPICIOUS MEETINGS 8 •  Don´t go alone. •  Go on your own, plan how to get out. •  Dead man switch. •  Tell them you are ready. •  The trap might NOT be the meeting! Security Analyst Summit 2015
UNPLEASANT COMPANY 9 •  Suspicious patterns. •  You are not James Bond. •  Go to a safe place, protect contacts. •  Ask yourself what they want. •  Option: direct approach. •  Better: inform your people Security Analyst Summit 2015
BORDERS 10 •  If you consent a search, no warrant needed. •  Police can search your computer at the border without a warrant. •  Warrant limitations are ignored if they see something illegal while searching. •  You don´t have to help or answer questions. •  You cannot interfere or lie to an officer. Security Analyst Summit 2015
BORDERS – OUR ADVICE 11 •  Be collaborative. •  Don´t make things worse. •  Have your story ready and back it up. •  Don´t bring anything with you. Security Analyst Summit 2015
EXTENDING OPSEC 12 Your company should provide you: •  Single POC for when in trouble. •  International legal support. •  Small briefing on the country you are going to. Security Analyst Summit 2015
13Security Analyst Summit 2015 Do your homework.
CONCLUSION 14 •  STFU. •  Discipline over tools. •  Preparation and alternatives. •  Don´t forget your role. Security Analyst Summit 2015
THANK YOU Dani Creus Vicente Díaz @them0ux @trompi

More Related Content

PDF
Opsec for security researchers
vicenteDiaz_KL
 
PDF
Click and Dragger: Denial and Deception on Android mobile
grugq
 
PDF
An Underground education
grugq
 
PPTX
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
Clare Nelson, CISSP, CIPP-E
 
PPTX
Ed McCabe - Putting the Intelligence back in Threat Intelligence
centralohioissa
 
PPT
Developing Software with Security in Mind
sblom
 
PDF
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
EC-Council
 
PDF
It's Okay To Touch Yourself - DerbyCon 2013
Ben Ten (0xA)
 
Opsec for security researchers
vicenteDiaz_KL
 
Click and Dragger: Denial and Deception on Android mobile
grugq
 
An Underground education
grugq
 
The Inmates Are Running the Asylum: Why Some Multi-Factor Authentication Tech...
Clare Nelson, CISSP, CIPP-E
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
centralohioissa
 
Developing Software with Security in Mind
sblom
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
EC-Council
 
It's Okay To Touch Yourself - DerbyCon 2013
Ben Ten (0xA)
 

What's hot (20)

PDF
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE - ATT&CKcon
 
PDF
Enabling effective hunt teaming and incident response
jeffmcjunkin
 
PDF
The Internet is on fire – don't just stand there, grab a bucket!
Frode Hommedal
 
PPTX
Jason Samide - State of Security & 2016 Predictions
centralohioissa
 
PDF
A Journey Into Pen-tester land: Myths or Facts!
Ammar WK
 
PDF
Security for Human Beings
zekivazquez
 
PPTX
Machine learning cyphort_malware_most_wanted
Cyphort
 
PPTX
Janitor vs cleaner
John Stauffacher
 
PDF
Internet security lessons for IoT
Dirk Zittersteyn
 
PPTX
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
EC-Council
 
PPTX
Управление рисками: как перестать верить в иллюзии
Positive Hack Days
 
PPTX
Jim Wojno: Incident Response - No Pain, No Gain!
centralohioissa
 
PPT
HIMSS Summit of the Southeast: Compliance and Controls
Tony Gambacorta
 
PDF
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
MITRE - ATT&CKcon
 
PDF
Threat Intelligence Victory Garden
Ryan Kovar
 
PPTX
Database Security Risks You Might Not Have Considered, but Need To
IDERA Software
 
PPTX
Alerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
tmacuk
 
PPT
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin
 
PDF
Purple View
Haydn Johnson
 
PPT
Will there be an IT Risk Management 2.0?
Luke O'Connor
 
MITRE ATT&CKcon 2018: From Automation to Analytics: Simulating the Adversary ...
MITRE - ATT&CKcon
 
Enabling effective hunt teaming and incident response
jeffmcjunkin
 
The Internet is on fire – don't just stand there, grab a bucket!
Frode Hommedal
 
Jason Samide - State of Security & 2016 Predictions
centralohioissa
 
A Journey Into Pen-tester land: Myths or Facts!
Ammar WK
 
Security for Human Beings
zekivazquez
 
Machine learning cyphort_malware_most_wanted
Cyphort
 
Janitor vs cleaner
John Stauffacher
 
Internet security lessons for IoT
Dirk Zittersteyn
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
EC-Council
 
Управление рисками: как перестать верить в иллюзии
Positive Hack Days
 
Jim Wojno: Incident Response - No Pain, No Gain!
centralohioissa
 
HIMSS Summit of the Southeast: Compliance and Controls
Tony Gambacorta
 
MITRE ATT&CKcon 2.0: Keynote Address - The Friends We Made Along the Way; Ton...
MITRE - ATT&CKcon
 
Threat Intelligence Victory Garden
Ryan Kovar
 
Database Security Risks You Might Not Have Considered, but Need To
IDERA Software
 
Alerting, Reminding, Reminding, Reminding And Releasing Vulnerabilities
tmacuk
 
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin
 
Purple View
Haydn Johnson
 
Will there be an IT Risk Management 2.0?
Luke O'Connor
 
Ad

Viewers also liked (11)

KEY
OPSEC for hackers
grugq
 
PDF
Smr week 23 opsec and safe social networking
Fort Rucker FRSA
 
PDF
Conley Group Opsec Presentation
The Conley Group, Inc.
 
PPTX
OPSEC for OMBUDSMEN
Naval OPSEC
 
PDF
Cyber opsec protecting_yourself_online
Ftlwood Families
 
PDF
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
Fatih Ozavci
 
PDF
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
qqlan
 
PDF
VoIP Wars: Attack of the Cisco Phones
Fatih Ozavci
 
PDF
VoIP Wars : Return of the SIP
Fatih Ozavci
 
PPTX
Try harder or go home
jaredhaight
 
PDF
The Art of VoIP Hacking - Defcon 23 Workshop
Fatih Ozavci
 
OPSEC for hackers
grugq
 
Smr week 23 opsec and safe social networking
Fort Rucker FRSA
 
Conley Group Opsec Presentation
The Conley Group, Inc.
 
OPSEC for OMBUDSMEN
Naval OPSEC
 
Cyber opsec protecting_yourself_online
Ftlwood Families
 
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
Fatih Ozavci
 
ICS/SCADA/PLC Google/Shodanhq Cheat Sheet
qqlan
 
VoIP Wars: Attack of the Cisco Phones
Fatih Ozavci
 
VoIP Wars : Return of the SIP
Fatih Ozavci
 
Try harder or go home
jaredhaight
 
The Art of VoIP Hacking - Defcon 23 Workshop
Fatih Ozavci
 
Ad

Similar to Analogic Opsec 101 (13)

PPT
OPSEC Vulnerabilities And Indicators
Department of Defense
 
PDF
London oil and gas security summit 2013 neah ges
KW Miller
 
PDF
DEF CON 27 - workshop - KRISTY WESTPHAL - analysis 101
Felipe Prado
 
PPTX
Operational Security For All OPSEC_for_ALL_221026.pptx
poeja84
 
PPT
Conley Group Operational Security Presentation
guest019923
 
PPTX
Thiago Pinto - Forming a Safety Features Personal Security Briefing Version ...
Thiago Pinto
 
PPTX
SAL-DR-01-ELC 10 Understanding the SOC Audience.pptx
hforhassan101
 
PPT
Security Overview - Updates and Trends In Detail
MohanArumugam24
 
PDF
Web Application Security.pdf
Briskinfosec Technology and Consulting
 
PPTX
ATAGTR2017 Security Testing for Healthcare applications
Agile Testing Alliance
 
PPTX
2015: The year-ahead-in-cyber-security
Stephen Cobb
 
PPTX
Infosec is Broken “did you bring a knife to a gun fight?"
Jorge Sebastiao
 
PDF
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
CODE BLUE
 
OPSEC Vulnerabilities And Indicators
Department of Defense
 
London oil and gas security summit 2013 neah ges
KW Miller
 
DEF CON 27 - workshop - KRISTY WESTPHAL - analysis 101
Felipe Prado
 
Operational Security For All OPSEC_for_ALL_221026.pptx
poeja84
 
Conley Group Operational Security Presentation
guest019923
 
Thiago Pinto - Forming a Safety Features Personal Security Briefing Version ...
Thiago Pinto
 
SAL-DR-01-ELC 10 Understanding the SOC Audience.pptx
hforhassan101
 
Security Overview - Updates and Trends In Detail
MohanArumugam24
 
Web Application Security.pdf
Briskinfosec Technology and Consulting
 
ATAGTR2017 Security Testing for Healthcare applications
Agile Testing Alliance
 
2015: The year-ahead-in-cyber-security
Stephen Cobb
 
Infosec is Broken “did you bring a knife to a gun fight?"
Jorge Sebastiao
 
[cb22] Keynote: Underwhelmed: Making Sense of the Overwhelming Challenge of C...
CODE BLUE
 

Recently uploaded (20)

PPTX
A powerpoint presentation on the Revised K-10 Science Shaping Paper
JericEstaco2
 
PDF
LIFE & LIVING TRILOGY - PART (3) REALITY & MYSTERY.pdf
sureshkumarsoni26
 
PPTX
What’s under the hood: Parsing standardized learning content for AI
Rustici Software
 
PDF
CRP102_SAGALASSOS_Final_Projects_2025.pdf
City and Regional Planning, METU
 
PDF
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
PDF
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
PDF
International_Financial_Reporting_Standa.pdf
VrindaTayade1
 
PDF
Literature_Review_methods_ BRACU_MKT426 course material
mokoto4834
 
PDF
IP : I ; Unit I : Preformulation Studies
RAGHUNATH SAKHARE
 
PDF
BP 505 T. PHARMACEUTICAL JURISPRUDENCE (UNIT 1).pdf
CMEmpire
 
PDF
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 2).pdf
CMEmpire
 
PDF
semiconductor packaging in vlsi design fab
KarpoorasundariK
 
PPTX
Climate Change and Its Global Impact.pptx
vaishalidobhal148
 
PPTX
Computer Architecture Input Output Memory.pptx
Gunasundari Selvaraj
 
PDF
Myanmar Dental Journal, The Journal of the Myanmar Dental Association (2013).pdf
Nay Aung
 
PDF
David L Page_DCI Research Study Journey_how Methodology can inform one's prac...
David L Page
 
PPTX
Unit 4 Computer Architecture Multicore Processor.pptx
Gunasundari Selvaraj
 
PDF
Journal of Dental Science - UDMY (2021).pdf
Nay Aung
 
PDF
Journal of Dental Science - UDMY (2022).pdf
Nay Aung
 
PDF
Race Reva University – Shaping Future Leaders in Artificial Intelligence
RACE REVA University
 
A powerpoint presentation on the Revised K-10 Science Shaping Paper
JericEstaco2
 
LIFE & LIVING TRILOGY - PART (3) REALITY & MYSTERY.pdf
sureshkumarsoni26
 
What’s under the hood: Parsing standardized learning content for AI
Rustici Software
 
CRP102_SAGALASSOS_Final_Projects_2025.pdf
City and Regional Planning, METU
 
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
International_Financial_Reporting_Standa.pdf
VrindaTayade1
 
Literature_Review_methods_ BRACU_MKT426 course material
mokoto4834
 
IP : I ; Unit I : Preformulation Studies
RAGHUNATH SAKHARE
 
BP 505 T. PHARMACEUTICAL JURISPRUDENCE (UNIT 1).pdf
CMEmpire
 
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 2).pdf
CMEmpire
 
semiconductor packaging in vlsi design fab
KarpoorasundariK
 
Climate Change and Its Global Impact.pptx
vaishalidobhal148
 
Computer Architecture Input Output Memory.pptx
Gunasundari Selvaraj
 
Myanmar Dental Journal, The Journal of the Myanmar Dental Association (2013).pdf
Nay Aung
 
David L Page_DCI Research Study Journey_how Methodology can inform one's prac...
David L Page
 
Unit 4 Computer Architecture Multicore Processor.pptx
Gunasundari Selvaraj
 
Journal of Dental Science - UDMY (2021).pdf
Nay Aung
 
Journal of Dental Science - UDMY (2022).pdf
Nay Aung
 
Race Reva University – Shaping Future Leaders in Artificial Intelligence
RACE REVA University
 

Analogic Opsec 101

  • 1. OPSEC KRAV MAGA Dani Creus, Vicente Díaz Security Analysts, Global Research and Analysis Team, Kaspersky Lab
  • 2. OPSEC AGAIN! WHY? 2 •  Unsolved questions. •  Non technical stuff. •  Unrealistic advices. •  The “Jordan Rules” Security Analyst Summit 2015
  • 3. ADVERSARIES 3 •  Adversary != Enemy Resources vs No Resources Agencies The rest *.Mil Big Bad Boys Security Analyst Summit 2015 ProTip: Don´t let your PR feed these guys for free
  • 4. MASS SURVEILLANCE 4 •  Good ROI for Agencies! •  They don´t like encryption •  PGP, ZRTP, OTR, TrueCrypt Security Analyst Summit 2015
  • 5. MASS SURVEILLANCE 5 •  Some inherent problems •  And some non-technical problems Security Analyst Summit 2015
  • 6. RECRUITMENT 6Security Analyst Summit 2015 •  Neglected approach ? •  Approaches and interaction. •  Move to termination.
  • 7. TERMINATION 7Security Analyst Summit 2015 •  Deterrence is your best option. •  Plan alternatives. •  Prepare an escalation strategy.
  • 8. SUSPICIOUS MEETINGS 8 •  Don´t go alone. •  Go on your own, plan how to get out. •  Dead man switch. •  Tell them you are ready. •  The trap might NOT be the meeting! Security Analyst Summit 2015
  • 9. UNPLEASANT COMPANY 9 •  Suspicious patterns. •  You are not James Bond. •  Go to a safe place, protect contacts. •  Ask yourself what they want. •  Option: direct approach. •  Better: inform your people Security Analyst Summit 2015
  • 10. BORDERS 10 •  If you consent a search, no warrant needed. •  Police can search your computer at the border without a warrant. •  Warrant limitations are ignored if they see something illegal while searching. •  You don´t have to help or answer questions. •  You cannot interfere or lie to an officer. Security Analyst Summit 2015
  • 11. BORDERS – OUR ADVICE 11 •  Be collaborative. •  Don´t make things worse. •  Have your story ready and back it up. •  Don´t bring anything with you. Security Analyst Summit 2015
  • 12. EXTENDING OPSEC 12 Your company should provide you: •  Single POC for when in trouble. •  International legal support. •  Small briefing on the country you are going to. Security Analyst Summit 2015
  • 13. 13Security Analyst Summit 2015 Do your homework.
  • 14. CONCLUSION 14 •  STFU. •  Discipline over tools. •  Preparation and alternatives. •  Don´t forget your role. Security Analyst Summit 2015
  • 15. THANK YOU Dani Creus Vicente Díaz @them0ux @trompi