Homemade Ramen & Threat Intelligence

My talk for the 2018 SANS CTI Summit focused on understanding CTI as a craft.

Scott J. Roberts

January 29, 2018

Transcript

  1. HOMEMADE RAMEN & THREAT INTEL A recipe for both

  2. SCOTT J ROBERTS
      Instructor: SANS FOR578 Cyber Threat Intelligence
      Author: Intelligence Driven Incident Response

  3. METAPHOR WARNING!!!

  4. WHAT IS RAMEN?

  5. WHAT IS THREAT INTELLIGENCE?

  6. THE GOAL: Understand the combination of tools, inputs, process, & people that lead to creating a threat intelligence capability.

  7. THE TOOLS

  8. “SOMETHING (SUCH AS AN INSTRUMENT OR APPARATUS) USED IN PERFORMING AN OPERATION OR NECESSARY IN THE PRACTICE OF A VOCATION OR PROFESSION” Merriam-Webster: Tool (Def 2a)

  9. THE TOOLS FOR RAMEN

  10. TOOLS
      ➤ Tongs
      ➤ Ladle
      ➤ “Spider”
      ➤ Knives & Cutting Boards
      ➤ “Base Infrastructure:” Pots & Pans, Stove Top Burner

  11. INFRARED THERMOMETER Aka Kitchen Laser Gun

  12. THE TOOLS FOR CTI

  13. TIP: YETI

  14. WORKBENCH: MALTEGO

  15. DETECTIONS: YARA & SNORT

  16. 3RD PARTY SOURCES: PASSIVE TOTAL & SHODAN

  17. KEY: FITTING INTO YOUR ENVIRONMENT

  18. “Remember, it is never the knife's fault.” – Daniel Boulud

  19. THE INGREDIENTS

  20. “SOMETHING THAT ENTERS INTO A COMPOUND OR IS A COMPONENT PART OF ANY COMBINATION OR MIXTURE” Merriam-Webster: Ingredient

  21. THE INGREDIENTS FOR RAMEN

  22. BROTH BASE
      ➤ 1 cup rough diced red delicious apple (about 1)
      ➤ 1 cup rough diced garlic (about 3 heads)
      ➤ 1 cup rough diced ginger
      ➤ 1 medium yellow onion
      ➤ 1/2 rack pork baby back ribs
      ➤ 12 cups water
      ➤ 1 cup soy sauce

  23. NOODLES

  24. BROTH EXTRAS
      ➤ 1 sheet kombu
      ➤ handful rough chopped dry shiitake mushrooms
      ➤ 1 half a diced sweet potato
      ➤ Ends of 1 bunch green onions

  25. SERVING EXTRAS
      ➤ Slow Poached Eggs
      ➤ Nori/Wakame
      ➤ Sriracha
      ➤ Sweet Potato
      ➤ Grilled Sweet Potato

  26. THE INGREDIENTS FOR THREAT INTELLIGENCE

  27. YOUR OWN INCIDENTS

  28. YOUR TEAMS

  29. VENDOR REPORTS

  30. HONEYPOTS

  31. PEERS/SHARING COMMUNITIES

  32. 3RD PARTY PAID INTELLIGENCE

  33. “Real food doesn't have ingredients, real food is ingredients.” –Jamie Oliver

  34. THE RECIPE

  35. “A SET OF INSTRUCTIONS FOR MAKING SOMETHING FROM VARIOUS INGREDIENTS” Merriam-Webster: Recipe (2)

  36. THE RECIPE FOR RAMEN

  37. STEPS FOR RAMEN
      ➤ Bring water (Optional add dry shiitakes and nori) to a simmer
      ➤ Add other ingredients (except noodles) and bring to a boil
      ➤ Reduce heat and simmer 2.5-3 hours (reduced to about half)
      ➤ Prepare noodles and serve with extras

  38. THE RECIPE FOR THREAT INTELLIGENCE

  39. INTELLIGENCE CYCLE

  40. F3EAD: FIND, FIX, FINISH, EXPLOIT, ANALYZE, DISSEMINATE

  41. LESSONS LEARNED & PRACTICE

  42. “Today’s innovation is tomorrow’s tradition.” –Lidia Bastianich

  43. THE COOKS

  44. GREAT COOKS EAT (CONSUME)

  45. GREAT COOKS COOK (CREATE)

  46. GREAT COOKS LEARN (GROWTH)

  47. “Cook, cook, and cook. Keep your hands as involved in the kitchen and as much as you can and don’t seek glamour.” –Gaggan Anand

  48. THE OUTPUT

  49. PICTURE OF RAMEN

  50. INTELLIGENCE PRODUCTS

  51. RFIS

  52. SHORT FORM REPORTS

  53. LONG FORM REPORTS

  54. CONCLUSION

  55. TAKEAWAYS
      ➤ Think about your tools
      ➤ Get to know and understand your inputs
      ➤ Focus on honing your processes
      ➤ Grow your people

  56. RAMEN RECIPE
      ➤ 1 cup rough diced red delicious apple (about 1)
      ➤ 1 cup rough diced garlic (about 3 heads)
      ➤ 1 cup rough diced ginger
      ➤ 1 medium yellow onion
      ➤ 1/2 rack pork baby back ribs
      ➤ 12 cups water
      ➤ 1 cup soy sauce
      ➤ Bring water to a simmer
      ➤ Add other ingredients and bring to a boil
      ➤ Reduce heat to low and simmer 2.5-3 hours
      ➤ Remove ribs & discard veggies, shred pork, & prepare ramen noodles
      ➤ Plate w/ noodles, broth, pork, & extras then serve
      ➤ Good extras ideas include Slow Poached Eggs, Nori/Wakame, Sriracha, Grilled Sweet Potato

  57. THANKS

  58. “Usually, one’s cooking is better than one thinks it is.” –Julia Child