In this session, HD Moore, Founder and CEO at runZero, focused on the identification of devices bridging multiple networks, the deterioration of network segmentation, and the impact this has on security models such as zero trust. HD discussed the exploitation of segmentation weaknesses during penetration tests and how unsecured VPN technologies can widen the attack surface. He also discussed his platform, runZero, its capabilities, and best practices for minimizing device-specific attack surfaces.
In this session of Defender Fridays, Justin Varner discussed the automation of contextual analysis for real-time breach alerts, introducing siphon technology as a move toward intentional tripwires, such as detecting unusual AWS key usage. He highlighted the integration of tools like GreyNoise, runZero, and Tines to create a more comprehensive approach to incident response. The conversation focused on using automation and specialized tools to refine security operations and strengthen incident response capabilities.
Eric Capuano, Director of Training at LimaCharlie, shared insights about using adversary emulation as a method for training defense mechanisms in cybersecurity. He highlighted how tools like ChatGPT can streamline creating these scenarios by generating realistic threat simulations. Besides the technical aspects, Eric also addressed the ethical considerations of using AI tools for adversarial purposes, stressing the critical need to test detection rules against emulated attacks.