ashar

joined 1 year ago
MODERATOR OF
 

Will Machine Learning Replace The WAF? - John Graham-Cumming

Based on 20 years of experience using machine learning and keyword/pattern based systems this talk will look at the impact of machine learning on WAFs and how it can be used to effectively block malicious HTTP traffic.

John Graham-Cumming is CTO of Cloudflare and is a computer programmer and author. He studied mathematics and computation at Oxford and stayed for a doctorate in computer security. As a programmer, he has worked in Silicon Valley and New York, the UK, Germany, and France. His open source POPFile program won a Jolt Productivity Award in 2004

1
Global AppSec 2024 Lisbon (lisbon.globalappsec.org)
[–] [email protected] 5 points 2 months ago

“Displacement”? Can we just be clear and call it ‘ethnic cleansing’

[–] [email protected] 5 points 2 months ago

All points on that curve, at the same time just now, for undefined values of now.

[–] [email protected] 2 points 2 months ago

Strangely enough the people who make up largest market for drugs are never stopped and searched because they are rich middle class people.

[–] [email protected] 2 points 2 months ago

“Sudan and other places”.

Dude !

 

SLEUTHCON is a forum for identifying and exploring cybercrime and financially-motivated threats. This conference will highlight the work done by cybersecurity researchers, defenders, academics, law enforcement, and others.

Speakers on the website

Sleuthcon 2023 videos

2
submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]
[–] [email protected] 2 points 3 months ago

The killings were on purpose. They knew full well what they were doing.

[–] [email protected] 4 points 3 months ago

What is his name? We need to know more about this guy.

 

Hacking a Satellite for Fun and Profit

Mario Polino @ mhackeroni

A light-hearted and entertaining dive into our victorious adventure at Hack-A-Sat! Our presentation takes you on a ride through the challenges and triumphs of hacking into an orbiting satellite, the Moonlighter. What is a Capture The Flag What is Hack-A-Sat How Qualification works How to Organize a CTF Team The competition The preparation of the team for the competition Same challenge example and solution.

Mario Polino has been a hacker and CTF player since 2008. He has a PhD in Computer Security from Politecnico di Milano. Mario worked as a researcher at Politecnico, publishing scientific papers on binary and malware analysis and ML for cybersecurity.

Mario has been the captain of Politecnico's team, Tower of Hanoi (https://toh.necst.it/about/, winner of ruCTF 2019), and is the captain of the Italian team mhackeroni (https://mhackeroni.it/ 5 times DEF CON CTF Finalist). Mario coaches Team Italy (https://teamitaly.eu/), the national Italian hacking team, and Team Europe (https://teameurope.site/), the hacking team selected among all European nations.

0
BSides Joburg 2024 (bsidesjoburg.co.za)
 

Born in 2009, BSides Security Conferences are community-driven events for cybersecurity professionals. They offer a welcoming space for individuals to present research, ideas, and experiences, fostering dialogue and collaboration beyond the limitations of larger conferences.

Schedule

Videos on YouTube

 

The Fault in Our Metrics: Rethinking How We Measure Detection & Response | A Conversation with Allyn Stott

Podcast Redefining CyberSecurity with Sean Martin

In this episode of The Redefining CyberSecurity Podcast, host Sean Martin converses with Allyn Stott, who shares his insights on rethinking how we measure detection and response in cybersecurity. The episode explores the nuances of cybersecurity metrics, emphasizing that it's not just about having metrics, but having the right metrics that truly reflect the effectiveness and efficiency of a security program.

Stott discusses his journey from red team operations to blue team roles, where he has focused on detection and response. His dual perspective provides a nuanced understanding of both offensive and defensive security strategies. Stott highlights a common issue in cybersecurity: the misalignment of metrics with organizational goals. He points out that many teams inherit metrics that may not accurately reflect their current state or objectives. Instead, metrics should be strategically chosen to guide decision-making and improve security posture. One of his key messages is the importance of understanding what specific metrics are meant to convey and ensuring they are directly actionable.

In his framework, aptly named SAVER (Streamlined, Awareness, Vigilance, Exploration, Readiness), Stott outlines a holistic approach to security metrics. Streamlined focuses on operational efficiencies achieved through better tools and processes. Awareness pertains to the dissemination of threat intelligence and ensuring that the most critical information is shared across the organization. Vigilance involves preparing for and understanding top threats through informed threat hunting. Exploration encourages the proactive discovery of vulnerabilities and security gaps through threat hunts and incident analysis. Finally, Readiness measures the preparedness and efficacy of incident response plans, emphasizing the coverage and completeness of playbooks over mere response times.

Martin and Stott also discuss the challenge of metrics in smaller organizations, where resources may be limited. Stott suggests that simplicity can be powerful, advocating for a focus on key risks and leveraging publicly available threat intelligence. His advice to smaller teams is to prioritize understanding the most significant threats and tailoring responses accordingly.

The conversation underscores a critical point: metrics should not just quantify performance but also drive strategic improvements. By asking the right questions and focusing on actionable insights, cybersecurity teams can better align their efforts with their organization's broader goals.

For those interested in further insights, Stott mentions his upcoming talks at B-Sides Las Vegas and Blue Team Con in Chicago, where he will expand on these concepts and share more about his Threat Detection and Response Maturity Model.

In conclusion, this episode serves as a valuable guide for cybersecurity professionals looking to refine their approach to metrics, making them more meaningful and aligned with their organization's strategic objectives.

 

Learn from leading hardware security researchers & professionals and discuss the latest & most innovative research on attacking and defending hardware. Connect with industry peers. Join us for a bigger, bolder, and better hardwear.io

Schedule with video and presentation links

Playlist

 

A totally free, english spoken conference dedicated to free software & security. Talks & workshops delivered by experts. High quality talks

2024 edition hosts 21 talks covering 10 Security topics (WebPKI, DFIR & TI, Reverse, Network Detectection etc). Talks are all delivered by experts.

Schedule

Talks with slides

[–] [email protected] 8 points 3 months ago (3 children)

The Israeli army also does this with Palestinian prisoners. Israel has the worlds largest skin bank for some reason.

[–] [email protected] 4 points 3 months ago

Labour have kept changing policies all over the place so have been difficult to predict.

[–] [email protected] 7 points 3 months ago

The resolutions were quashed in committee.

 

16 videos

[–] [email protected] 0 points 4 months ago

Anyone who fights an occupation is resistance. This is fairly obvious.

[–] [email protected] 2 points 4 months ago

The bullet entered his skull from just above the ear and lodged inside. There is no damage, however the surgeon could not find Trump's brain. ¯\_(ツ)_/¯

[–] [email protected] 3 points 4 months ago

It is not eviction, it is ethnic cleansing.

view more: ‹ prev next ›