Deep Dive into the Blue VCU Infosec Team.


1 Deep Dive into the Blue VCU Infosec Team

2 My password is Passw0rd

3 Blue Team Advantages
- Knowledge of internal environment
- Network Traffic data
- System Event data
- Location knowledge of systems and data
- Behavioral data
- Automated and integrated tools and ability to command other administrative and IT units
- Ability to set up and adjust layers of defenses based on threat trends

4 Blue Team Disadvantages
- Asymmetric warfare – In terms of manpower
- Take the assumption that 0.1% of all attackers on the Internet are targeting VCU
- Need to defend all ways in, versus the attacker
- Important to identify what is important
- Minimize the ways you can get to the important things
- Sometimes fighting the internal forces and politics
- Importance of organizational culture and hierarchy
- Accountability and responsibility
- Managing expectations at all levels

5 Tools of trade
- Basic defenses (Endpoint AV, Firewall, Network Segmentation, etc)
- System event and security logs
- Network packet captures / flow data
- Security Information Event Management Systems
- IPS / IDS devices
- Behavior Analytics tools (UBA)
- User training tools
- Internal Policies and Baselines

6 Example
- Security Onion
- Open Source Network Security Monitoring Distro
- Based off of Ubuntu
- ELSA
- Snorby / Sguil / Squert
- IDS engines (Snort / Suricata)
- Bro
- CAPME (Full Pcap)

