45 min listen
Unavailable
Currently unavailable
2016-021: Carbon Black's CTO Ben Johnson on EDR, the layered approach, and threat intelligence
Currently unavailable
2016-021: Carbon Black's CTO Ben Johnson on EDR, the layered approach, and threat intelligence
ratings:
Length:
58 minutes
Released:
May 29, 2016
Format:
Podcast episode
Description
Ben Johnson (@chicagoben on Twitter) has spent a good deal of time working on protecting client's endpoints. From his work at the NSA, to being the co-founder of Carbon Black (@carbonblack_inc). We managed to have him on to discuss EDR (#Endpoint Detection and Response), TTP (#Tactics, Techniques, and Procedures), and #Threat #Intelligence industry. Ben discusses with us the Layered Approach to EDR: 1. Hunting 2. Automation 3. Integration 4. Retrospection 5. Patterns of Attack/Detection 6. indicator-based detection 7. Remediation 8. Triage 9. Visibility We also discuss how VirusTotal's changes in policy regarding sharing of information is going to affect the threat intel industry. Ben also discusses his opinion of our "Moxie vs. Mechanisms" podcast, where businesses spend too much on shiny boxes vs. people. Brakesec apologizes for the audio issues during minute 6 and minute 22. Google Hangouts was not kind to us :( Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-021-Ben_Johnson-Carbon_black-Threat_intelligence.mp3 iTunes: https://itunes.apple.com/us/podcast/2016-021-carbon-blacks-cto/id799131292?i=1000369579669&mt=2 YouTube: https://youtu.be/I10R3BeGDs4 RSS: http://www.brakeingsecurity.com/rss Show notes: https://docs.google.com/document/d/12Rn-p1u13YlmOORTYiM5Q2uKT5EswVRUj4BJVX7ECHA/edit?usp=sharing (great info) https://roberthurlbut.com/blog/make-threat-modeling-work-oreilly-2016 Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast on Patreon: https://www.patreon.com/bds_podcast #Twitter: @brakesec @boettcherpwned @bryanbrake #Facebook: https://www.facebook.com/BrakeingDownSec/ #Tumblr: http://brakeingdownsecurity.tumblr.com/ Player.FM : https://player.fm/series/brakeing-down-security-podcast #Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr #TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/
Released:
May 29, 2016
Format:
Podcast episode
Titles in the series (100)
2020-018- Masha Sedova, bespoke security training, useful metrics to tailor training: Masha Sedova - Founder, Elevate Security Inability to measure human security behaviors leads to increased risk in our computing environments. For too long, we’ve accepted training completion and mock phishing data as a sufficient way to measure this... by BrakeSec Education Podcast