Domainer elite blackhat

5/29/2023

Other companies involved in the founding of the OCSF include DTEX, IBM Security, IronNet, JupiterOne, Rapid7, Salesforce, Securonix and Sumo Logic.

Ryland added: “Customers tell us that their security teams are spending too much time and energy normalizing data across different tools rather than being able to focus on analyzing and responding to risks.”

“Having a holistic view of security-related data across tools is essential for customers to effectively detect, investigate and mitigate security issues,” said Mark Ryland, director, office of the CISO at AWS. “This is a problem that the industry needed to come together to solve.”

“Security leaders are wrestling with integration gaps across an expanding set of application, service and infrastructure providers, and they need clean, normalized and prioritized data to detect and respond to threats at scale,” said Patrick Coughlin, group vice president, security market, at Splunk. “The OCSF is an open-source effort aimed at delivering a simplified and vendor-agnostic taxonomy to help all security teams realize better, faster data ingestion and analysis without the time-consuming, up-front normalization tasks.”

Experts from participating companies said there was a pressing need to start sharing key data in order to improve cybersecurity for all.

“Detecting and stopping today’s cyberattacks requires coordination across cybersecurity tools, but unfortunately normalizing data from multiple sources requires significant time and resources,” the group stated in its joint press release.

Agbabian is now a top executive at Splunk. The initiative is described as a continuation of Paul Agbabian’s Integrated Cyber Defense (ICD) Schema work done at Symantec, a division of Broadcom.
In the companies’ joint press release, the OCSF is referred to as an “open standard that can be adopted in any environment, application or solution provider and fits with existing security standards and processes.” All members of the cybersecurity community are invited to utilize and contribute to the OCSF. The goal: to better share product-normalizing data in order to improve cybersecurity in general.

The announcement by a group of cybersecurity companies, including Splunk, Amazon Web Services, Cloudflare, CrowdStrike, Palo Alto Networks, Okta, Trend Micro, Tanium and Zscaler, among others, revealed the launch of a new consortium called the Open Cybersecurity Schema Framework (OCSF).

I'm also interested in his statement about virus scanners - are they really useless? I use Chrome, MS Security Essentials, don't click on devious looking links, and I've had 1 infection flagged in the last 3 years (thanks Adobe).

Black Hat USA 2022 started off with a bang Wednesday with a group of major cybersecurity companies unveiling the formation of a new open-source consortium to share key data and with DNSFilter separately saying it’s acquiring Guardian, a firewall and VPN platform.

Not to mention that you can make a perfectly legal fortune (ethics aside) selling exploits to security firms which on-sell them to governments. Script kiddies aside, intuition tells me that the intersection of people who have the skill to write an 0-day and the inclination to be a blackhat is smaller than the intersection of skilled/honest people. Is this statement true? Are the top level blackhats more talented, driven, or greater in number than the top level whitehats? Obviously there is money to be made as a blackhat but not everyone has criminal inclinations.

When a 0-day is released blackhats have used it for months. The thing you have to remember is the black hat world is 10 steps ahead of what’s commercially available.

Is there existing research on this topic?
Earlier in the piece he also claims this: I’d like to do some research into the time it takes from when blackhats find 0-days to whitehats find them.