David DeSanto

Greater Philadelphia
3K followers 500+ connections

About

David DeSanto is the Chief Product Officer of GitLab Inc., the leading DevSecOps…

Publications

  • Preparing for Transport Layer Security 1.3

    Dark Reading

    There is much to look forward to with TLS v1.3. New levels of security and performance will benefit everyone and address many issues with current encryption, despite the challenges. If you stay ahead of the process, you can transform changes into opportunities for improvement rather than problems that disrupt your business.

  • Threat Forecasting: Leveraging Big Data for Predictive Analysis

    Book / Syngress (Elsevier)

    Drawing upon years of practical experience and using numerous examples and illustrative case studies, Threat Forecasting: Leveraging Big Data for Predictive Analysis discusses important topics, including the danger of using historic data as the basis for predicting future breaches, how to use security intelligence as a tool to develop threat forecasting techniques, and how to use threat data visualization techniques and threat simulation tools. Readers will gain valuable security insights into unstructured big data, along with tactics on how to use the data to their advantage to reduce risk.

    * Presents case studies and actual data to demonstrate threat data visualization techniques and threat simulation tools
    * Explores the usage of kill chain modeling to inform actionable security intelligence
    * Demonstrates a methodology that can be used to create a full threat forecast analysis for enterprise networks of any size

  • Threat Forecasting (Leveraging Big Data for Predictive Analysis)

    RSA Conference Asia Pacific & Japan 2015

    The world of cybersecurity is extremely complex. The threat landscape is rapidly changing, and it is difficult to keep up with the adversary. Today we live in a world full of information. Threat forecasting is finding the needle in the haystack: the ability to pull together unstructured data sets in order to provide predictive analysis and forecast current and upcoming threats.

  • Validating the Security of the Borderless Infrastructure

    RSA Conference Asia Pacific & Japan 2015

    Enterprises are virtualizing mission-critical applications and services within their data centers as well as moving them to the cloud. These changes bring new security risks, as the security border is no longer tied to the physical world. This on-premise/off-premise model of enterprise services creates a new borderless infrastructure that requires new security practices to protect it properly.

  • GNSS Receivers and the Cyber Threat - Lessons from the Information Security Community

    Spirent Communications

    Today’s satellite navigation systems rely on constellations of satellites operating in medium earth orbits in several orbital planes. Each satellite broadcasts a signal containing orbital data and the precise time at which the signal was broadcast. The precise time is generated by a very accurate atomic clock on board the satellite. A satellite navigation receiver is able to determine its position very accurately from this information, if it is receiving signals from four or more satellites simultaneously. There are two types of satellite navigation system currently deployed – Regional Satellite Systems (RSS) or Global Navigation Satellite Systems (GNSS).

    A cyber attack on a GNSS system could exploit the RF channels used by receivers for GNSS signal reception; alternatively, it could (at least as easily) exploit the channel used by a Positioning, Navigation and Timing (PNT) system to report its position.

    Once it is understood that the evolution of GNSS threats not only has clear parallels with the way IP threats have evolved, but also shares many of the features of a connected network, it can be seen that many of the lessons learned by the Information Security community apply equally well to the GNSS community.

  • GNSS Receivers and the Cyber Threat

    RIN International Navigation Conference 2015

    This presentation discussed recent GNSS events as well as the availability of hacking tools within this industry. The evolution of GNSS threats was outlined, leading to a discussion of how GNSS threats can be mapped onto the Information Security threat landscape. The history of vulnerability disclosure within the Information Security community was outlined to give proper background on nondisclosure, responsible disclosure and nondisclosure practices. This led to the foundation of how the CVE system works today and its key components, including CVSS scoring. A possible vulnerability reporting framework was introduced for the GNSS community, based on responsible disclosure and leveraging the current Information Security community and the CVE system. Finally, lessons the GNSS community can learn from the Information Security community were discussed. For more information, please refer to the full paper:

    http://www.slideshare.net/Spirent/inc-2015-presentation-paper-gnss-receivers-and-the-cyber-threat-final

  • Is the Security Industry Ready for SSL Decryption?

    RSA Conference USA 2014

    The presentation started by covering historical trends from some of the first web browsers to the current day. This research data demonstrated eye-opening facts and statistics on how rich Internet content has become and the increased transaction rate across multiple web-based applications and search engines. These facts are important in building a foundation, as these types of transaction statistics have never been talked about openly in a public forum. Connections per second (CPS) and transactions per second (TPS) are often not taken into consideration outside the context of pure performance metrics for an inline security device. The speakers discussed the percentage changes year over year to provide guidance that session participants can take away and discuss with their security vendors when making future buying decisions. The speakers transitioned from this new perspective to their research on next-generation firewalls (NGFW) and the issues they uncovered with onboard Secure Sockets Layer (SSL) client-side decryption. Before covering the SSL research, they provided statistics and illustrations of the rapid growth of SSL within enterprise environments. This SSL research, coupled with the CPS/TPS of web browsers handling only HTTP (i.e., non-encrypted) traffic, demonstrated how big this issue is, not only for enterprise environments but also for the ability to detect and/or block malware that uses SSL to distribute itself and/or to call back to a command and control server. All the information presented gave the proper context for the final section of the presentation, which reviewed the performance results and capabilities of several industry-leading next-generation firewalls claiming to perform SSL decryption inline. The results were eye-opening and demonstrated that the security industry isn’t ready for onboard inline SSL decryption.

  • Keeping the Doors Open and Lights On: Protecting Against Distributed Denial-of-Service Attacks

    NSS Labs

    As more and more enterprises move mission-critical services online and require continuous uptime to perform business transactions, the threat landscape has changed. Although distributed denial-of-service (DDoS) attacks technically are not new, they are more effective today than ever before. DDoS prevention solutions offer protection against the different categories of DDoS attack, and many vendors have entered the market in recent years. Download this brief for more on these attacks and the prevention solutions currently available.
