Eric Monti & Dan Moniz: Defeating Extrusion Detection Black Hat Briefings, USA 2007 [Audio] Presentations From The Security Conference. podcast

Indhold leveret af Black Hat/ CMP Media, Inc. and Jeff Moss. Alt podcastindhold inklusive episoder, grafik og podcastbeskrivelser uploades og leveres direkte af Black Hat/ CMP Media, Inc. and Jeff Moss eller deres podcastplatformspartner. Hvis du mener, at nogen bruger dit ophavsretligt beskyttede værk uden din tilladelse, kan du følge processen beskrevet her https://da.player.fm/legal.

Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference. «
Eric Monti & Dan Moniz: Defeating Extrusion Detection

18+ y ago 1:23:38

Del

MP3•Episode hjem

Todays headlines are rife with high profile information leakage cases affecting major corporations and government institutions. Most of the highest-profile leakage news has about been stolen laptops (VA, CPS), or large-scale external compromises of customer databases (TJX).
On a less covered, but much more commonplace basis, sensitive
financial data, company secrets, and customer information move in and out of networks and on and off of company systems all the time. Where it goes can be hard to pin down.
How can a company prevent (let alone detect) Alice taking a snapshot of the customer database or financial projections and posting them on internet forums or even dumping them to a floppy disk?
This, understandably, has a lot of people worried.
In response, many organizations have begun looking for technologies to detect and prevent sensitive information from leaving their networks, servers, workstations, and even buildings. For some time a product space for ""Extrusion Detection"" products has existed. But now the space is exploding and as tends to happen, security problems abound.
Some ""Extrusion Detections"" products rely on network gateway IPS/IDS approaches, whereas others work in a way more closely resembling host-based IDS/IPS. The main difference is that instead of detecting/preventing malicious information from entering a company's perimeter, they focus on keeping assets *inside*.
We've been evaluating a number of products in this space and have run across a large number of vulnerabilities. They range from improper evidence handling, to inherent design issues, all the way to complete compromise of an enterprise, using the Extrusion Detection framework itself as the vehicle.

89 episoder

#Tech #Blackhat Briefings And Training #Blackhat Usa 2006 #Black Hat Vegas #Blackhat Vegas #Hacking #Computer Security #Speeches #Presentations #Spoken Word #Video #Audio #Tech News #Jeff Moss #Podcasting #Conventions