Threats

3117 - Deploying Deceptive Systems: Luring Attackers Out from the Dark

Wednesday, October 10
8:30 AM - 9:30 AM
Location: Floor 3: Mardi Gras H, G, F

A popular phrase often heard in information security today is "assume we've been compromised." That phrase implies that the attacker has bypassed the expensive next-gen firewall; they've defeated endpoint security; and they're moving laterally throughout the network. So how do we as defenders find them? Additional logging and user behavior analytics can absolutely help, but both are expensive and complex to deploy. This talk will focus on the benefits of honeypots and honeytokens and how they can enrich an organization's threat detection capabilities. We'll focus on the different types of honeypots available, strategic deployment of these systems, and how to glean threat intelligence from them. The primary focus will be free and open source solutions, but we will also briefly touch on commercial solutions.


 

Learning Objectives:

Kevin Gennuso, CISSP-ISSAP

Sr. Manager, Information Security
DICK'S Sporting Goods

Kevin Gennuso has worked in information security for nearly 20 years across verticals such as financial services, technology and retail. His background includes network and security architecture, application security, penetration testing and incident response. He has also led courses for SANS as a local mentor, and has spoken at various information security conferences such as BSides Pittsburgh, DerbyCon and Security Congress 2015.

Presentation(s):

Send Email for Kevin Gennuso


Assets

3117 - Deploying Deceptive Systems: Luring Attackers Out from the Dark

Audio

Audio

Presentation Slides

Slides

Video

Video


Attendees who have favorited this

Please enter your access key

The asset you are trying to access is locked. Please enter your access key to unlock.

Send Email for Deploying Deceptive Systems: Luring Attackers Out from the Dark