We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Maelstrom: Are you playing with a full desk?

9
 Zitieren
 Teilen
 Herunterladen
 Bestellen
Kein Logo verfügbarDEF CON
 Steiger, Shane

Formale Metadaten

Titel
Maelstrom: Are you playing with a full desk?
Untertitel
Using an Attack Lifecycle Game to Educate, Demonstrate and Evangelize
Serientitel
Anzahl der Teile
93
Autor
Lizenz
CC-Namensnennung 3.0 Unported:
Sie dürfen das Werk bzw. den Inhalt zu jedem legalen Zweck nutzen, verändern und in unveränderter oder veränderter Form vervielfältigen, verbreiten und öffentlich zugänglich machen, sofern Sie den Namen des Autors/Rechteinhabers in der von ihm festgelegten Weise nennen.
Identifikatoren
Herausgeber
Erscheinungsjahr
Sprache

Inhaltliche Metadaten

Fachgebiet
Genre
Abstract
As a defender, have you ever been asked ‘do they win?’ How about ‘what products or capabilities should I buy to even the odds?’ Mapping the functionality to a standard list of desired capabilities only gets you so far. And, many vendors require an organization to pay for a framework, or for access to a framework, to enable tactical and strategic campaigns. Wouldn’t it be great to have an open source way to pick strategies? So what do you do? Build out your own defensive campaigns based on research, taxonomies and gameification. Building the attacker’s point of view is our expertise (at a CON). We have plenty of research here to talk about that point of view. How about building out the defender’s point of view based on the attacker’s life cycle? Defenders can use this as a defensive ‘compliment’ to begin a legitimate defensive campaign. Maybe the defender could even ‘gamify’ the approach? An attacker’s approach, a defender’s approach and a progressive life cycle with a defender’s set of targets built on things we all know, love and hate: project management. I think we have a game! Build out rules, much like real life, then bring on the attackers, bring on the defenders and play a little game to educate, demonstrate and evangelize. Watch strategies played by both attackers and defenders. Switch sides and learn to be a Purple Teamer! Digitize it and watch the game play people or even play itself; the true rise of the machine. Wanna Play?! Bio: Shane began his professional career with a large food manufacturer where he helped build and secure SCADA/ICS systems across 90+ food manufacturing plants in the US. From there he spent 6 years helping to develop and build the functionality of a security team for a large pharmaceutical distributor. Currently, he is the Chief Endpoint Security Architect for a Fortune 50 technology company. His interests reside in cyber resiliency techniques, internet of things, building/breaking things and muscle cars. To think, his 25+ year passion for all things geeky started with hacking the school library computer and getting detention. Shane is also a licensed attorney. Please don't hold this against him.