Think Like a Hacker
Download as PPTX, PDF1 like557 views
The document emphasizes the importance of managing cybersecurity risk by understanding hacker reconnaissance methods and utilizing open source intelligence (OSINT) to identify vulnerabilities. It discusses the necessity for timely, relevant, verified, and actionable cyber threat intelligence to support informed business decisions. Additionally, it highlights the need for continuous visibility of vulnerabilities in publicly accessible systems to stay ahead of potential threats.
Think Like a Hacker
- 1. Manage risk not data or systems Hackers knows a lot about your security without touching your network Candan BOLUKBAS CTO & Co-Founder, NormShield
- 2. “ ” A problem well defined is half solved. John Dewey, American philosopher
- 3. Open source intelligence (OSINT) Social media Vulnerability Databases Blogs and user generated content Hacktivist forums Black Markets Underground Data leakage • Human Errors & Omissions • Passive Vulnerability Scan • Internet-wide Scanners • E-mail & Password Harvesting • Mass & Spear Phishing • Fraudulent Domains & Apps • Malware Activities • Data Leakage & Whistleblowing Hackers conduct reconnaissance
- 6. Unreliable Threat Intelligence Data https://webroot-cms-cdn.s3.amazonaws.com/9114/5445/5911/ponemon-importance-of-cyber-threat-intelligence.pdf
- 7. Too many alerts and false positives https://webroot-cms-cdn.s3.amazonaws.com/9114/5445/5911/ponemon-importance-of-cyber-threat-intelligence.pdf - 2015
- 8. Threat intelligence not visible to decision makers https://www.anomali.com/files/white-papers/Ponemon-Research-Report.pdf https://baydynamics.com/content/uploads/2016/06/how-board-of-directors-feel-about-cyber-security-reports.pdf
- 10. Cyber Threat Intelligence must be: Timely Relevant Verified Accurate Actionable
- 11. Stay one step ahead of hackers • Executive scorecard: Understandable format, informed business decisions, measurable performance • Vulnerabilities tracking: Uncovering known vulnerabilities on a daily and weekly basis, monitoring CVEs and tracking exploitations in the wild • System change detection: Detect newly deployed servers, applications, ports or services to the internet without security checks. • Actionable intelligence: Provide verified risks and recommended actions to enable sound business decisions.
- 12. Think and Act Like a Hacker! It is critical to have continuous visibility to all the vulnerabilities in company’s publicly accessible systems and potential risks in cyberspace. For example, NormShield has over 400 crawlers that collect data from hacker sites, internet wide-scanners, reputation sites, search engines, etc. We also manually extract data from dark web and sites that require membership. Use the tools and techniques that hackers use to plan attacks, discover the Internet footprint of their targets, and identify weaknesses to exploit. Every hacking attempt starts with reconnaissance step (the first step of the Cyber-Kill Chain).
- 15. info@normshield.com @NormShield (571) 335-0222 normshield.com 8201 Greensboro Drive, Suite 300, McLean, VA 22102 Stop by our table to get your free cyber threat scorecard.
Editor's Notes
- #2: Are you familiar with Gartner and their recent reporting? Gartner is seeing the benefits of enterprises deploying rapid detection and response approaches. They are so committed to this approach they have named it SOAR – Security Operations and Reporting. NormShield is at the forefront of SOAR with a solution specifically designed for <large/mid-sized enterprises> like yours. The most important thing is that with NormShield you automatically see, prioritize and act on cyber threats. SOURCE: By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from less than 30% in 2016. Gartner Gartner estimates that 5% of large and midsize enterprises currently use SOAR technologies, but expects this to grow to 30% by 2019… with SOAR, ROI and business value can easily be demonstrated by solving operational day-to-day problems.