Hackers of India

Should all CISO promote “hall of fame” within their organizations

By Shomiron Das Gupta, Hariprasad Chede, Keyur Desai, Subramanian Kumaraswamy on 02 Mar 2018 @ Nullcon



AI Generated Summary (may contain errors)


The speaker discusses the importance of detecting and responding to zero-day attacks, which exploit unknown vulnerabilities. They emphasize the need for a layered security strategy that includes detection technology and operational discipline.

To identify outliers, such as elite hackers, the speaker suggests using a Red Team Blue Team concept, where a “red team” simulates an attack on the organization to test its defenses. This approach helps identify potential vulnerabilities and provides signals for improving security.

The speaker also highlights the importance of studying past attacks and building a model that can identify outliers based on identity-based correlation. This involves mapping events to user identities and detecting abnormal patterns.

However, the speaker acknowledges that even with these measures in place, zero-day attacks can still occur. They stress the need for organizations to assess their current state of vulnerabilities and invest in expertise from external sources to improve their security posture.

The conversation concludes with a discussion on the challenges of detecting elite hackers and the importance of staying vigilant and proactive in the face of unknown threats.