PatrowlHears and Survival tips for prioritizing threats
Information on this media
Number of views: 20
Creation date: July 5, 2021
Speakers: Nicolas Mattiocco
License: CC BY-SA v4
Description
The PatrOwl community provides scalable, free and open-source solutions for orchestrating Security Operations and providing Threat Intelligence feeds. A new tool has been publicly released to support these challenges: PatrowlHears, an advanced, real-time Vulnerability Intelligence platform that includes CVE, exploit and threat news monitoring.
Solutions must be found to face the overall growing threat of attacks, talent shortage and cost optimization challenges in cybersecurity. The current trend is to rely on automation and orchestration of security operations.
The fact is that automating SecOps activities means managing more security alerts. The downside is potentially a bunch of new security alerts every day. With hundreds of vulnerabilities of critical or high severity to deal with, the daily security reports look like a shining Christmas tree. This could definitely lead to jaded teams or, even worse, bad decisions in vulnerability handling.
Obviously, it is not realistic to hope that all vulnerabilities will be fixed. A line has to be drawn by the business owners together with the security teams. Prioritization is an essential success factor for improving efficiency and continuing to provide the highest-quality and most relevant service in security incident response and vulnerability management. Because the CVSS score is not enough, which metrics are relevant? How can they be collected? Which decisions should be made? How can the efficiency of this process be reviewed and adapted?
This talk shares insights on a risk-based methodology for vulnerability management and on a new open-source tool, PatrowlHears. The approach is enabled by a balanced use of SecOps automation to keep us up to date on vulnerabilities, exploits and other threat information, and by prioritization using vulnerability metrics, threat topicality and asset criticality. It also discusses examples of events that should lead us to consider reprioritizing the handling of a vulnerability.
Nicolas has been an information security expert for 13 years and has been involved in various security consulting engagements, from penetration tests to global risk assessments and security operations implementation. Today, he works as a red teamer and on automating security operations at a large scale with PatrOwl solutions.