SEC550: Active Defense, Offensive Countermeasures and Cyber Deception

A session at SANS Security East 2017

A Washington Post article on the rise of cyber attacks reported that "behind the scenes, talk among company officials increasingly turns to an idea once considered so reckless that few would admit to even considering it: Going on the offensive. Or, in the parlance of cybersecurity consultants, 'hacking back.'" That's just one example of the considerable media coverage recently about using Active Defenses to combat cyber threats. There are those who thirst for vengeance and want to directly attack the attackers. Others believe that any sort of active response directed at an attacker is wrong or legally dicey. We believe the answer is somewhere in between. The current threat landscape is shifting. Traditional defenses are failing us. We need to develop new strategies to defend ourselves. Even more importantly, we need to better understand who is attacking us and why. You may be able to immediately implement some of the measures we discuss in this course, while others may take a while. Either way, consider what we discuss as a collection of tools at your disposal when you need them to annoy attackers, determine who is attacking you, and, finally, attack the attackers. SEC550: Active Defense, Offensive Countermeasures and Cyber Deception is based on the Active Defense Harbinger Distribution live Linux environment funded by the Defense Advanced Research Projects Agency (DARPA). This virtual machine is built from the ground up for defenders to quickly implement Active Defenses in their environments. The course is very heavy with hands-on activities - we won't just talk about Active Defenses, we will work through labs that will enable you to quickly and easily implement what you learn in your own working environment.

About the speaker

This person is speaking at this event.
Bryce Galbraith

The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes, little bits of data. It's all just electrons. bio from Twitter

Sign in to add slides, notes or videos to this session

Tell your friends!

When

Date Mon 9th January 2017

Short URL

lanyrd.com/sffttk

Official session page

www.sans.org/u/jHC

View the schedule

Share

See something wrong?

Report an issue with this session