UD team at NoNameCon 2019: outcomes and materials
NoNameCon was epic this year! We loved to see the growth of our community and contribute with speeches sharing our expertise! There were 3 speakers from UnderDefense, 2 Villages and 12 UD teamers who attended the conference.
The UD Villages were some challengeable spots for conference visitors to try out yourselves in the capture-the-flag-like activities for red and blue teamers.
Village 1 Game of SOC
We’ve decided to prepare a similar competition to Boss of the SOC event held by our partner Splunk and find those who virtuously detect threats and respond to incidents. The participants were able to test various capabilities of Splunk SIEM for log collection, correlation rules writing and data visualization.
Splunk – the platform for data collection and analytics – had a great interest from the audience to test and learn lots of cool features to “Shine a light on your greatest untapped asset”. Also, we shared our experience of how Splunk Enterprise Security can help a company manage the security operations. View The Essential Guide to Security on how to get started using the Splunk platform to solve security challenges.
The participants were able to compare Splunk with other platforms and ask our Splunk Experts bothersome questions and receive answers. “You will never know if you do not compare” – say our UD analysts. “ The best way to know whether Splunk fits your needs is to test the platform”.
Village 2 Hack the Train
Our CTF “Hack the train” was a great chance to investigate a Web Application for possible flows and gain control over the platform. Our Analysts have compiled the workshop on the base of our experience dealing with different case scenarios helping our clients to secure their products.
Watch some of the previews of how does it look like at our YouTube channel!
“Automation in modern Incident Detection & Response (IDR) process”
Incident Detection & Response requires People – to Think, Tools – to provide data and analytics and Processes – to avoid fuckups and assure the quality. But with more alerts, the analysis takes more time, decisions and moreover – actions need to be taken immediately. Attackers actively use automation, so Defenders should also optimize their processes.
In the presentation, we’d like to share some of the lessons learned. Our focus would be on practical moments, the challenges we faced and the simple working solutions we discovered
“Will you detect it or not? How to check if security team is ready before the incident happens”
Before the real incident happens, security team must test their detection capabilities in different ways. An overview of MITRE ATT&CK Matrix, test environments and other friends of Blue Team. Obstacles, unexpected discoveries, lack of information, a flood of logs, new technologies – you will meet them all if you want to build an effective defense team.
“MacOS Security threats”
Small talk about the latest MacOS malware. Security patches and their issues. Examples both with well-known malware samples and with samples from own experience. This speech is like a brunch about how your Mac becomes exploited, with real cases of malware, known vulnerabilities, and self-made PoC.
Get the Help You Need
Cybersecurity is our core expertise. Let’s get in touch and you will learn more about how UnderDefense can benefit your organization
Risk based cyber resiliencyCustomer view: Guest blog by Michael Rezek, VP, Cybersecurity Strategy at Accedian It’s may be possible to spend less on cybersecurity and get more protectionWhat we have witnessed over the last couple of decades as the traditional approach...
Detecting reconnaissance activity in your networkBy Bogdan VennykOne of the main services we provide at UnderDefense is 24x7 Monitoring with our Security Operation Center (SOC) and a critical part of great SOC is ..., RIGHT! - its detection capabilities. That is why...
Black Friday. How To Avoid Major Cybersecurity RisksBy Iryna YamborskaBlack Friday is coming! Pleasant time of hot sales. Pleasant not only to those people who prepare Christmas gifts but also to hackers who want to make money on the desire of users to buy cheaper...