[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Salted Hash: Live from DerbyCon 5.0 (Day 1)
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2015-09-28 7:00:25
Message-ID: alpine.DEB.2.02.1509280700150.14558 () infosecnews ! org
[Download RAW message or body]

http://www.csoonline.com/article/2986763/security-awareness/salted-hash-live-from-derbycon-5-0-day-1.html

By Steve Ragan
Salted Hash
CSO Online
Sept 25, 2015

DerbyCon 5.0 has officially started, and it didn't take long before the 
halls were flooded with hackers looking to catch-up with their peers as 
they headed to the first talk of the day.

On Thursday, I had the chance to catch-up with a number of people who 
resonated with the thought process of yesterday's post. The point being, 
insider threats aren't what you think they are, and the core issue isn't a 
malicious user – it's a clueless user. In addition, when dealing with 
insider-based issues, policies that prohibit or hinder workflow will 
create more problems than they solve.

Today, the topic is threat intelligence. I learned something interesting 
recently, if you gather a group of hackers and researchers around a table 
and ask them to define threat intelligence, the conversation will quickly 
spins into a rage fueled discussion about sales-driven security (meaning 
InfoSec products that are pitched and sold with no real security value).

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/

[prev in list] [next in list] [prev in thread] [next in thread]