Cybersecurity



How to Plan for and Implement a Cybersecurity Strategy
Planning and implementing a security strategy to protect a hybrid of on-premises and cloud assets against advanced cybersecurity threats is one of the greatest challenges facing information security organizations today. Join Lex Thomas as he welcomes back Mark Simos to the show as they discuss how Microsoft has built a robust set of strategies and integrated capabilities to help you solve these challenges, so that you can better understand how to build an identity security perimeter around your assets. What does a Cybersecurity architecture guide look like? What does the Cybersecurity landscape look like? What does the evolution of IT and Microsoft Security look like? What does a platform security approach look like? Can you describe the benefits of an Integrated Security Experience? How do you measure security success?

Nicolas Papernot - Private Machine Learning with PATE - Cybersecurity With The Best 2017
Cybersecurity With The Best hosted over 40 speakers and hundreds of attendees from all over the world on a single platform on October 14-15, 2017. Nicolas Papernot is a PhD student in Computer Science and Engineering advised by Dr. Patrick McDaniel at the Pennsylvania State University. His research interests lie at the intersection of computer security and deep learning. He is supported by a Google PhD Fellowship in Security.

Confessions of a cyber spy hunter | Eric Winsborrow | TEDxVancouver
With over 20 years of experience leading high technology companies out of Silicon Valley, Eric has played a part in shaping the industry as an executive at heavyweights like McAfee, Symantec, and Cisco. Today, he is the CEO of ZanttZ, a company that is developing stealth cyber security technology solutions. Eric and his company are at the forefront of the latest developments in the world of global espionage, and the merging of man and machine. He attests that the Hollywood-created image of the daring secret agent sneaking into a foreign government's laser protected server room to steal top secret information couldn't be further from modern reality. In fact, the "James Bond" of the 21st century doesn't just use a computer, he is the computer. This talk was given at a TEDx event using the TED conference format but independently organized by a local community. Learn more at https://www.ted.com/tedx

Wiretapping the Secret Service can be easy and fun | Bryan Seely | TEDxKirkland
In 2014, Bryan Seely hacked the Secret Service and the FBI, and then turned himself in to alert authorities to the problem. He'll tell you what you can do about it in his very entertaining talk. Bryan Seely has garnered a great deal of national attention in the last year. He recognized there were some critical problems with the websites we use most often. He learned that not only is our personal security threatened, but so is our national security. To prove his point, Seely hacked the Secret Service and the FBI last year, and then turned himself in to alert authorities to the problem. This talk was given at a TEDx event using the TED conference format but independently organized by a local community. Learn more at http://ted.com/tedx

Evolution of AI Bots for Real-Time Adaptive Security
Thomas Caldwell, Sr. Director, WEBROOT. AI bots historically emerged as chatbots. Early versions were rule-based; adding NLP and machine learning turned them into AI-based bots to be used in sales and support. Thousands of times faster than humans without fatigue, these AI bots have arrived. They are now being applied to Real-Time Adaptive Security, analyzing cross-domain context and events and weeding out false positives in milliseconds.

AI gets smart about cybersecurity
Read the CNET cybersecurity article here - http://cnet.co/2gxtOGn Cyberattacks have become more sophisticated and more dangerous. Here's how Las Vegas stays safe.

How Israel Rules The World Of Cyber Security | VICE on HBO
U.S. intelligence agencies accuse Russia of hacking the 2016 presidential election, and Ben Ferguson travels to Tel Aviv to find out how Israel is on its way to becoming the world's top cyber superpower.

Machine Learning Techniques for Cyber Security
An introduction to machine learning and its applications in cyber-security. Presented by Vahid Behzadan for the OWASP Nettacker team.

Semi Supervised Learning In An Adversarial Environment
DataWorks Summit

How the Future of Cybersecurity Depends on AI/ML
SparkCognition's Director of Cybersecurity, Rick Pither, discusses the role of artificial intelligence and machine learning in the cyber security landscape. For more information on AI in cybersecurity visit: http://bit.ly/2Vdzj0j

How big data and AI saved the day: critical IP almost walked out the door
Cybersecurity threats have evolved beyond what traditional SIEMs and firewalls can detect. We present case studies highlighting how: - An advanced manufacturer was able to identify new insider threats, enabling them to protect their IP. - A media company’s security operations center was able to verify they weren’t the source of a high-profile media leak. The common thread across these real-world case studies is how businesses can expand their threat analysis using security analytics powered by artificial intelligence in a big data environment. Cybersecurity threats increasingly require the aggregation and analysis of multiple data sources. Siloed tools and technologies serve their purpose, but can’t be applied to look across the ever-growing variety and volume of traffic. Big data technologies are a proven solution to aggregating and analyzing data across enormous volumes and varieties of data in a scalable way. However, as security professionals well know, more data doesn’t mean more leads or detection. In fact, all too often more data means slower threat hunting and more missed incidents. The solution is to leverage advanced analytical methods like machine learning. Machine learning is a powerful mathematical approach that can learn patterns in data to identify relevant areas to focus. By applying these methods, we can automatically learn baseline activity and detect deviations across all data sources to flag high-risk entities that behave differently from their peers or past activity. Speaker: Roy Wilds, Principal Data Scientist, Interset

Introduction to Graphistry
Graphistry transforms the speed and depth of modern investigations. This unique investigation platform allows analysts to bring together all of their tools and data into a single environment where they can see connections, outliers, progression, and scope of security events. Key capabilities include: - Automatically connects and queries across any and all data sources including SIEMs, Spark, Hadoop, threat feeds, or any source with an API. - Displays data as interactive and intuitive graphs that allow analysts to quickly see important connections, follow leads, and pivot to new data sources on the fly. - Allows analysts to save and share complete investigation workflows as Visual Playbooks that can be reused and embedded wherever they are needed. Learn more at http://www.graphistry.com

"Security: Computing in an Adversarial Environment," Carrie Gates
Apr. 12, 2012: "Security: Computing in an Adversarial Environment," presented by Carrie Gates, CA Labs; moderated by Christopher W. Clifton, Purdue University. Security is inherently different from other aspects of computing due to the presence of an adversary. As a result, identifying and addressing security vulnerabilities requires a different mindset from traditional engineering. Proper security engineering—or the lack of it!—affects everything from website scripts to supply chain management to electronic health records to social networks to mobile phones...and the list goes on. Security is further complicated by the translation of social notions—such as identity and trust—into an online world. Worse, security itself is often viewed by both developers and users as the adversary! This learning webinar will introduce the fundamentals of security, describe the security mindset, and highlight why achieving security is difficult. What you'll learn: - The security mindset: what it is, why it's needed - The social side of security: usability, adoption, identity, trust - A deeper dive on insider threat as a case study: what it is, how to detect it, how to prevent it
Presenter: Carrie Gates, Senior Vice President and Director of Research, CA Labs. Dr. Gates has opened new avenues for collaboration in the field of cyber security for CA Technologies by leveraging government programs that further research between CA Labs and academia. She has given over 20 invited talks internationally, authored more than 40 peer-reviewed publications related to information security, and co-authored an amendment on cloud security research for the America Competes Act that was signed into law in December 2010. In October 2010, Dr. Gates was recognized for her work with a Women of Influence award from CSO magazine.
Moderator: Christopher W. Clifton, Associate Professor of Computer Science, Purdue University. Dr. Clifton works on data privacy, particularly with respect to analysis of private data.



Deep Learning For Realtime Malware Detection - Domenic Puzio and Kate Highnam
Domain generation algorithm (DGA) malware makes callouts to unique web addresses to avoid detection by static rules engines. To counter this type of malware, we created an ensemble model that analyzes domains and evaluates if they were generated by a machine and thus potentially malicious. The ensemble consists of two deep learning models – a convolutional neural network and a long short-term memory network, both of which were built using Keras and Tensorflow. These deep networks are flexible enough to learn complex patterns and do not require manual feature engineering. Deep learning models are also very difficult for malicious actors to reverse engineer, which makes them an ideal fit for cyber security use cases. The last piece of the ensemble is a natural-language processing model to assess whether the words in the domain make sense together. These three models are able to capture the structure and content of a domain, determining whether or not it comes from DGA malware with very high accuracy. These models have already been used to catch malware that vendor tools did not detect. Our system analyzes enterprise-scale network traffic in real time, renders predictions, and raises alerts for cyber security analysts to evaluate.
Domenic Puzio is a Data Engineer with Capital One. He graduated from the University of Virginia with degrees in Mathematics and Computer Science. On his current project he is a core developer of a custom platform for ingesting, processing, and analyzing Capital One’s cyber-security data sources. Built entirely from open-source tools (NiFi, Kafka, Storm, Elasticsearch, Kibana), this framework processes hundreds of millions of events per hour. Currently, his focus is on the creation and productionization of machine learning models that provide enrichment to the data being streamed through the system. He is a contributor to two Apache projects.
Kate Highnam has a background in Computer Science and Business, focusing on security, embedded devices, and accounting. At the University of Virginia, her thesis was a published industrial research paper containing an attack scenario and repair algorithm for drones deployed on missions with limited ground control contact. After joining Capital One as a Data Engineer, Kate has developed features within an internal DevOps Pipeline and Data Lake governance system. Currently, she builds machine learning models to assist cybersecurity experts and enhance defenses.

Fraud Detection

Thwart Fraud Using Graph Enhanced Artificial Intelligence
Amy Hodler, Analytics Program Manager at Neo4j and Scott Heath, Graph Practice Lead at Expero: This webinar will help you understand how successful financial services, banks and retailers are using graph technology and embedding intelligence to quickly identify risk and fraud patterns as they evolve. Fraudsters are now using more sophisticated and dynamic methods for credit card, money laundering and other types of fraud. Leveraging graph technology will allow you to see beyond individual data points and uncover difficult-to-detect patterns. Hear how to maximize time and resources with graph technology vs. traditional approaches.

AI has helped us prevent billions in fraud: Mastercard’s Ed McLaughlin
Mastercard President of Operations and Technology Ed McLaughlin discusses the upcoming artificial intelligence conference at the White House and how his company is utilizing AI.

Build A Complete Project In Machine Learning | Credit Card Fraud Detection 2019 | Eduonix
Look what we have for you! Another complete project in Machine Learning! In today's tutorial, we will be building a Credit Card Fraud Detection System from scratch! It is going to be a very interesting project to learn! It is one of the 10 projects from our course. For this project, we will be using several methods of anomaly detection with probability densities. We will be implementing two major algorithms, namely: 1. Local Outlier Factor, to calculate anomaly scores. 2. Isolation Forest algorithm. To get started we will first build a dataset of over 280,000 credit card transactions to work on! You can access the source code of this tutorial here: https://github.com/eduonix/creditcardML

Leveraging Machine Learning for Fraud Analytics (Cloud Next '18)
We will showcase how we can build advanced accelerators for Fraud Analytics solutions leveraging Google Stack. We will demonstrate how these accelerators fill the gaps that exist within other Fraud Analytics solutions currently available in the market today and how they can offer several benefits including real-time processing, increased accuracy, scalable database and high performance. MLAI102 Event schedule http://g.co/next18


MITRE ATT&CK™


MITRE ATT&CK™ is a knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK™ knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.




Putting MITRE ATT&CK™ into Action with What You Have, Where You Are presented by Katie Nickels
MITRE ATT&CK™ has become widely adopted in the community as a way to frame adversary behaviors and improve defenses. But how can you use it for your team with what you have, where you are? Katie Nickels will break down the ATT&CK knowledge base so you understand how you can put it into action. She will explain the philosophy and approach behind ATT&CK™, then dive into how you can use it, whether you’re a one-person shop or an advanced security operations center. Katie will cover how you can use ATT&CK™ for detection, threat intelligence, assessments, and red teaming, with a focus on actionable takeaways to help your team move toward a threat-informed defense.
Speaker: Katie Nickels, ATT&CK™ Threat Intelligence Lead at The MITRE Corporation. Katie Nickels is the ATT&CK™ Threat Intelligence Lead at The MITRE Corporation, where she focuses on applying cyber threat intelligence to ATT&CK™ and sharing why that’s useful. She has worked in Security Operations Centers and cyber threat intelligence for nearly a decade, hailing from a liberal arts background with degrees from Smith College and Georgetown University. With more than a dozen publications to her name, Katie has shared her expertise with presentations at BSides LV, the FIRST CTI Symposium, multiple SANS Summits, and other events. She is also a SANS instructor for FOR578: Cyber Threat Intelligence and was a member of the 2019 SANS CTI Summit Advisory Board. Katie was the 2018 recipient of the President's Award from the Women's Society of Cyberjutsu and serves as the Program Manager for the Cyberjutsu Girls Academy.

Measuring and Improving Cyber Defense Using the MITRE ATT&CK™ Framework
Through the ATT&CK™ framework, MITRE has generated a gold mine of information about the most important tactics and techniques used by attackers and how the blue team can detect and prevent these actions. Blocking atomic attack indicators such as domain names and IP addresses might work in the short term, but understanding the higher-level tactics in ATT&CK™ helps the blue team identify and anticipate attacker activity at a higher level of abstraction, slowing attackers down and giving defenders a fighting chance. Attendees at this webcast will learn: - Why the framework is so important to security teams - How the matrix is evolving - What challenges users need to address to use the ATT&CK™ framework - How to use ATT&CK™ to improve operations - What best practices and tools are key to successfully using the framework
John Hubbard is a certified SANS instructor and the author of two courses: SEC450: Blue Team Fundamentals: Security Operations and Analysis and SEC455: SIEM Design & Implementation. As a security operations center (SOC) consultant and speaker, John specializes in security operations, threat hunting, network security monitoring, SIEM design and defensive process optimization. His mission to improve blue teams led him to partner with SANS to help develop the next generation of defensive talent around the world.

DeTT&CT: Mapping Your Blue Team To MITRE ATT&CK™ - Ruben Bouman and Marcus Bakker
Cooper

MITRE ATT&CK™ Framework
MITRE ATT&CK™ is a knowledge base that helps model cyber adversaries' tactics and techniques – and then shows how to detect or stop them. Updated February 5, 2019

Building MITRE ATT&CK™ Technique Detection into Your Security Monitoring Environment
Randy Franklin Smith of Ultimate Windows Security and Brian Coulson of LogRhythm introduce viewers to MITRE ATT&CK™, which is a knowledge base that features adversary tactics and techniques. In this webinar, you will: - Learn about various ways to use ATT&CK, specifically in relation to designing, enhancing, assessing, and maintaining your security monitoring efforts. - Hear Brian discuss LogRhythm Labs’ project that includes aligning the ATT&CK™ matrix with log sources. - Walk through an example of the MITRE attack process from start to finish while focusing on rule development and alignment in the LogRhythm NextGen SIEM Platform.

Mapping Your Network to Mitre ATT&CK™ to Visualize Threats, Logging, and Detection w/ Wade Wells
Wild West Hackin' Fest. Find out about upcoming Hackin' Casts, training, and in-person & virtual infosec conferences at https://www.wildwesthackinfest.com
Using open-source tools, Wade will describe how to map, test and display your network logging/detections to the Mitre ATT&CK™ framework while also comparing it to threat actors' TTPs.
0:00 - Hotel California
0:42 - The Mitre ATT&CK™ Map
3:21 - Three Tools
3:52 - OK But Why?
4:40 - So Hot Right Now
5:26 - Challenge Accepted
7:00 - Mitre ATT&CK™ Navigator
9:14 - DeTT&CT
18:23 - My Network's Setup Example
20:34 - Atomic Red Team
23:43 - End Credits
24:12 - Q&A Extended Edition

Data Center Security


Inside Azure datacenter architecture with Mark Russinovich | BRK3097
Join Mark Russinovich, Azure CTO, to learn how Microsoft Azure enables intelligent, modern, and innovative applications at scale in the cloud, on-premises, and on the edge. Microsoft Azure has achieved massive, global scale, with more than 50 announced regions consisting of over 100 datacenters, and it is growing fast. It delivers the promise of cloud computing, including high-availability, extreme performance, and security, by custom designing software and hardware to work best together. Mark takes you on a tour of Azure datacenter architecture and implementation innovations, describing everything from Azure global infrastructure, to how we enable large-scale enterprise scenarios on both cloud and edge, and more. Microsoft Learn for Azure -- https://aka.ms/IntrotoAzure Find your Tech Community http://aka.ms/FindyourTechCommunity Fast Track -- https://aka.ms/FastrackforAzure

Google Data Center Security: 6 Layers Deep
Security is one of the most critical elements of our data centers’ DNA. With dozens of data centers globally, security operations means managing a massively complex network. Follow Stephanie Wong, as she journeys to the core of a data center, to show you the six layers of physical security designed to thwart unauthorized access. She’ll meet experts along the way to explore the inner workings of the technology and systems that make Google Cloud one of the most robust enterprise risk management platforms. Data Centers (Data & Security) → http://goo.gle/2LmkzF3 Google Cloud (Trust & Security) → http://goo.gle/3dFDQNT

Inside a Google data center
Watch our newest 2020 Data Center Tour → https://goo.gle/CloudData Joe Kava, VP of Google's Data Center Operations, gives a tour inside a Google data center, and shares details about the security, sustainability and the core architecture of Google's infrastructure.

The MOST SECURE data center in the world (The underground cloud)
The most protected data center in the world is located 150 feet below Kansas City, in the caves known as Subtropolis. A Flutter Brothers Production. Music by Robert Pirogovsky, http://www.robertpirogovsky.com/ Created by Chris and Harris, with help from Eric Ford.

The World’s Most Secure Buildings
From underground military bunkers and gold reserves to historic and rarely accessed religious archives, we've unlocked the world’s most secure buildings. Footage and images courtesy of Sarah Scoles, U.S. Air Force, Google Earth, United States Department of Defence, Trevor Hughes, Senior Sergeant Bob Simons of the United States Air Force, Centro Televisivo Vaticano Archivio, John Coffman, Travis Good, Scott Holmes, Federal Reserve Bank of New York, Emil Nordin, Jonathan Nackstrand, Jonas Krantz, Roger Schederin, Ake E-Son Lindman, United States National Parks Services, Official White House Photos by Chuck Kennedy, Andrea Hanks and Pete Souza.

Top 5 Biggest Data Centres in the World
With over five billion people connected to the internet, as of 2019, and the need for data storage and processing growing at an exponential rate, the past decade has seen data centres grow to the size of small cities. Here are the five biggest data centres in the world.