STIX CYBOX CREATOR
Dr. Brian Lee
Akash Rajguru
SRI Monthly Presentation2015 | Dr. Brian Lee, Akash Rajguru
Advanced Persistent Threat
Cyber Threat Intelligence
Analysis-driven understanding of:
• What activity are we seeing?
• What threat should I look for in my network and systems, and why?
• Where has this threat been seen?
• What does it do?
• What weaknesses does this threat exploit?
• Who is responsible for this threat?
• What can I do about it?
Taxonomy of Threat Intelligence
Threat Intelligence Sharing
• Cyber threat information sharing is not new
• But it is atomic and very limited in sophistication
Atomic because the information shared about a threat is relatively sparse.
Limited in sophistication because it is unstructured and not very expressive.
Problem faced by Cyber Security Experts
• Most sharing is unstructured and human-to-human, and does not cover the broad dimensions of cyber threat information sharing.
Threat Intelligence Sharing Mechanisms
STIX as a Solution
Structured Threat Information eXpression
STIX aims to enable sharing of more expressive cyber threat information, covering the full spectrum of cyber threat information.
STIX is a language developed to:
Specify, Capture, Characterize, Communicate
Cyber Threat Information
STIX as a Solution
Implementations
The initial implementation was done in XML Schema
• Ubiquitous, portable and structured
STIX can also be implemented using JSON
Enabling Utilities
The utilities provided enable easier prototyping and use of the language.
Utilities consist of:
• Programmatic language (Python) bindings for STIX, CybOX, etc.
• High-level APIs for common needs/activities.
Product built on the STIX Specification
Product name: STIX CYBOX CREATOR
OVERVIEW
The STIX CybOX Creator is a Python-based GUI application which generates CybOX XML output from an RFC 822 email. The email is read from a Gmail IMAP server and the CybOX output file is created in XML format.
What is CybOX
Cyber Observable eXpression
It is a base construct within STIX.
A language for communicating standardized information about cyber observables (essentially a schema for representing cyber observables).
Examples: information about a file (name, size, hash, etc.), a registry key value, a service being started.
Dependencies
• python-cybox - a Python library for CybOX
  http://cybox.readthedocs.org/en/latest/installation.html
• Python IMAP client library
  pip install imapclient
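As an added example (not the creator's own code, and deliberately not using the python-cybox dependency listed above), the core conversion the Overview describes: parse an RFC 822 message with the Python standard library and emit a CybOX 2.1-style Observables document carrying the email header and the name, size and hash of each attachment, the kind of cyber observables the CybOX slide lists. The namespace URIs are those of the CybOX 2.1 schemas; the element subset emitted, the `example:` id prefix and the sample message are constructed for illustration.

```python
"""RFC 822 email -> CybOX 2.1-style XML, the conversion the STIX CybOX Creator performs.
Hand-built on the standard library (not python-cybox and not the creator's own code);
element names follow the CybOX 2.1 EmailMessage/File/Address object schemas, subset only."""
import email
import email.policy
import hashlib
import xml.etree.ElementTree as ET
from email.utils import parseaddr

# CybOX 2.1 schema namespaces with their conventional prefixes.
NS = {
    "cybox": "http://cybox.mitre.org/cybox-2",
    "cyboxCommon": "http://cybox.mitre.org/common-2",
    "EmailMessageObj": "http://cybox.mitre.org/objects#EmailMessageObject-2",
    "FileObj": "http://cybox.mitre.org/objects#FileObject-2",
    "AddressObj": "http://cybox.mitre.org/objects#AddressObject-2",
    "xsi": "http://www.w3.org/2001/XMLSchema-instance",
}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)

def q(prefix, local):
    """Clark-notation tag '{uri}local' as ElementTree expects."""
    return "{%s}%s" % (NS[prefix], local)

def parse_email(raw):
    """Extract header fields and attachment facts. Attachments are only sized and
    hashed (SHA-256), never opened or decoded further, so hostile mail stays inert."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    attachments = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        attachments.append({"file_name": part.get_filename() or "unnamed",
                            "size": len(payload),
                            "sha256": hashlib.sha256(payload).hexdigest()})
    return {"from": parseaddr(str(msg.get("From", "")))[1],
            "subject": str(msg.get("Subject", "")),
            "date": str(msg.get("Date", "")),
            "message_id": str(msg.get("Message-ID", "")),
            "attachments": attachments}

def build_cybox_xml(parsed, id_prefix="example"):
    """Serialise as cybox:Observables: one File Object per attachment plus an
    EmailMessage Object that points at them through object_reference."""
    root = ET.Element(q("cybox", "Observables"),
                      {"cybox_major_version": "2", "cybox_minor_version": "1"})
    file_ids = []
    for i, att in enumerate(parsed["attachments"], 1):
        fid = "%s:File-%d" % (id_prefix, i)
        file_ids.append(fid)
        obs = ET.SubElement(root, q("cybox", "Observable"),
                            {"id": "%s:Observable-File-%d" % (id_prefix, i)})
        obj = ET.SubElement(obs, q("cybox", "Object"), {"id": fid})
        props = ET.SubElement(obj, q("cybox", "Properties"),
                              {q("xsi", "type"): "FileObj:FileObjectType"})
        ET.SubElement(props, q("FileObj", "File_Name")).text = att["file_name"]
        ET.SubElement(props, q("FileObj", "Size_In_Bytes")).text = str(att["size"])
        h = ET.SubElement(ET.SubElement(props, q("FileObj", "Hashes")),
                          q("cyboxCommon", "Hash"))
        ET.SubElement(h, q("cyboxCommon", "Type")).text = "SHA256"
        ET.SubElement(h, q("cyboxCommon", "Simple_Hash_Value")).text = att["sha256"]
    obs = ET.SubElement(root, q("cybox", "Observable"),
                        {"id": "%s:Observable-Email" % id_prefix})
    obj = ET.SubElement(obs, q("cybox", "Object"), {"id": "%s:EmailMessage-1" % id_prefix})
    props = ET.SubElement(obj, q("cybox", "Properties"),
                          {q("xsi", "type"): "EmailMessageObj:EmailMessageObjectType"})
    header = ET.SubElement(props, q("EmailMessageObj", "Header"))
    sender = ET.SubElement(header, q("EmailMessageObj", "From"),
                           {q("xsi", "type"): "AddressObj:AddressObjectType",
                            "category": "e-mail"})
    ET.SubElement(sender, q("AddressObj", "Address_Value")).text = parsed["from"]
    for tag, key in (("Subject", "subject"), ("Date", "date"), ("Message_ID", "message_id")):
        ET.SubElement(header, q("EmailMessageObj", tag)).text = parsed[key]
    if file_ids:
        atts = ET.SubElement(props, q("EmailMessageObj", "Attachments"))
        for fid in file_ids:
            ET.SubElement(atts, q("EmailMessageObj", "File"), {"object_reference": fid})
    return ET.tostring(root, encoding="unicode")

# Constructed sample message (not real mail) with a single small attachment.
SAMPLE_EMAIL = b"""From: Sender <sender@example.com>
Subject: Invoice attached
Date: Mon, 02 Mar 2015 10:00:00 +0000
Message-ID: <constructed-0001@example.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/octet-stream; name="invoice.bin"
Content-Disposition: attachment; filename="invoice.bin"
Content-Transfer-Encoding: base64

SGVsbG8=
--b1--
"""

if __name__ == "__main__":
    print(build_cybox_xml(parse_email(SAMPLE_EMAIL)))
```

In the creator the raw bytes would come from the IMAP fetch instead of `SAMPLE_EMAIL`; everything after that point is the same.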
Architecture
LIVE DEMO
Where to Learn More
STIX Website (whitepapers, documentation, schemas, etc.)
http://stix.mitre.org
STIX GitHub site (bindings, APIs, utilities)
https://github.com/STIXProject
Thank You
QUESTIONS?

More Related Content

What's hot

Devops: Security's big opportunity by Peter Chestna
Devops: Security's big opportunity by Peter ChestnaDevops: Security's big opportunity by Peter Chestna
Devops: Security's big opportunity by Peter ChestnaDevSecCon
 
API Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAPI Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAaronLieberman5
 
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...Agile Testing Alliance
 
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016Stefan Streichsbier
 
DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)Qualitest
 
Project Flogo: Serverless Integration, Powered by Flogo and Lambda
Project Flogo: Serverless Integration, Powered by Flogo and LambdaProject Flogo: Serverless Integration, Powered by Flogo and Lambda
Project Flogo: Serverless Integration, Powered by Flogo and LambdaLeon Stigter
 
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSgThe Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSgDevSecOpsSg
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and SecurityStijn Muylle
 
DevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareDevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareSeniorStoryteller
 
DevSecCon London 2017: How far left do you want to go with security? by Javie...
DevSecCon London 2017: How far left do you want to go with security? by Javie...DevSecCon London 2017: How far left do you want to go with security? by Javie...
DevSecCon London 2017: How far left do you want to go with security? by Javie...DevSecCon
 
Le 12 pratiche - Un introduzione a XP (Mini Italian Agile Day)
Le 12 pratiche - Un introduzione a XP (Mini Italian Agile Day)Le 12 pratiche - Un introduzione a XP (Mini Italian Agile Day)
Le 12 pratiche - Un introduzione a XP (Mini Italian Agile Day)Andrea Francia
 
Security in a Continuous Delivery World
Security in a Continuous Delivery WorldSecurity in a Continuous Delivery World
Security in a Continuous Delivery WorldDinis Cruz
 
Careers in Security
Careers in SecurityCareers in Security
Careers in SecurityJason Chan
 
SecDevOps: The New Black of IT
SecDevOps: The New Black of ITSecDevOps: The New Black of IT
SecDevOps: The New Black of ITCloudPassage
 
Shifting left – embedding security into the devops pipeline by Mike d. Kail
Shifting left – embedding security into the devops pipeline by Mike d. KailShifting left – embedding security into the devops pipeline by Mike d. Kail
Shifting left – embedding security into the devops pipeline by Mike d. KailDevSecCon
 
Monitoring via Datadog
Monitoring via DatadogMonitoring via Datadog
Monitoring via DatadogKnoldus Inc.
 
DevSecCon Singapore 2019: An attacker's view of Serverless and GraphQL apps S...
DevSecCon Singapore 2019: An attacker's view of Serverless and GraphQL apps S...DevSecCon Singapore 2019: An attacker's view of Serverless and GraphQL apps S...
DevSecCon Singapore 2019: An attacker's view of Serverless and GraphQL apps S...DevSecCon
 
Windows 8 - Technical Overview
Windows 8 - Technical OverviewWindows 8 - Technical Overview
Windows 8 - Technical OverviewAlan Richards
 
Outpost24 webinar - Securing DevOps in Cloud Environments
Outpost24 webinar -  Securing DevOps in Cloud EnvironmentsOutpost24 webinar -  Securing DevOps in Cloud Environments
Outpost24 webinar - Securing DevOps in Cloud EnvironmentsOutpost24
 
OpenSourceSecurityTools - UPDATED
OpenSourceSecurityTools - UPDATEDOpenSourceSecurityTools - UPDATED
OpenSourceSecurityTools - UPDATEDSparsh Raj
 

What's hot (20)

Devops: Security's big opportunity by Peter Chestna
Devops: Security's big opportunity by Peter ChestnaDevops: Security's big opportunity by Peter Chestna
Devops: Security's big opportunity by Peter Chestna
 
API Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAPI Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIs
 
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
ATAGTR2017 Cost-effective Security Testing Approaches for Web, Mobile & Enter...
 
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016
 
DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)
 
Project Flogo: Serverless Integration, Powered by Flogo and Lambda
Project Flogo: Serverless Integration, Powered by Flogo and LambdaProject Flogo: Serverless Integration, Powered by Flogo and Lambda
Project Flogo: Serverless Integration, Powered by Flogo and Lambda
 
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSgThe Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and Security
 
DevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareDevSecOps - Building Rugged Software
DevSecOps - Building Rugged Software
 
DevSecCon London 2017: How far left do you want to go with security? by Javie...
DevSecCon London 2017: How far left do you want to go with security? by Javie...DevSecCon London 2017: How far left do you want to go with security? by Javie...
DevSecCon London 2017: How far left do you want to go with security? by Javie...
 
Le 12 pratiche - Un introduzione a XP (Mini Italian Agile Day)
Le 12 pratiche - Un introduzione a XP (Mini Italian Agile Day)Le 12 pratiche - Un introduzione a XP (Mini Italian Agile Day)
Le 12 pratiche - Un introduzione a XP (Mini Italian Agile Day)
 
Security in a Continuous Delivery World
Security in a Continuous Delivery WorldSecurity in a Continuous Delivery World
Security in a Continuous Delivery World
 
Careers in Security
Careers in SecurityCareers in Security
Careers in Security
 
SecDevOps: The New Black of IT
SecDevOps: The New Black of ITSecDevOps: The New Black of IT
SecDevOps: The New Black of IT
 
Shifting left – embedding security into the devops pipeline by Mike d. Kail
Shifting left – embedding security into the devops pipeline by Mike d. KailShifting left – embedding security into the devops pipeline by Mike d. Kail
Shifting left – embedding security into the devops pipeline by Mike d. Kail
 
Monitoring via Datadog
Monitoring via DatadogMonitoring via Datadog
Monitoring via Datadog
 
DevSecCon Singapore 2019: An attacker's view of Serverless and GraphQL apps S...
DevSecCon Singapore 2019: An attacker's view of Serverless and GraphQL apps S...DevSecCon Singapore 2019: An attacker's view of Serverless and GraphQL apps S...
DevSecCon Singapore 2019: An attacker's view of Serverless and GraphQL apps S...
 
Windows 8 - Technical Overview
Windows 8 - Technical OverviewWindows 8 - Technical Overview
Windows 8 - Technical Overview
 
Outpost24 webinar - Securing DevOps in Cloud Environments
Outpost24 webinar -  Securing DevOps in Cloud EnvironmentsOutpost24 webinar -  Securing DevOps in Cloud Environments
Outpost24 webinar - Securing DevOps in Cloud Environments
 
OpenSourceSecurityTools - UPDATED
OpenSourceSecurityTools - UPDATEDOpenSourceSecurityTools - UPDATED
OpenSourceSecurityTools - UPDATED
 

Similar to Sri monthly presentation 2015

Introduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptxIntroduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptxkaushalmunish77
 
Markings of a Healthy OSS Project
Markings of a Healthy OSS ProjectMarkings of a Healthy OSS Project
Markings of a Healthy OSS ProjectClement Ho
 
Owasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterOwasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterDinis Cruz
 
Conferencia principal: Evolución y visión de Elastic Security
Conferencia principal: Evolución y visión de Elastic SecurityConferencia principal: Evolución y visión de Elastic Security
Conferencia principal: Evolución y visión de Elastic SecurityElasticsearch
 
Bill curtis Beyond process - a challenge for SEPGs
Bill curtis Beyond process - a challenge for SEPGsBill curtis Beyond process - a challenge for SEPGs
Bill curtis Beyond process - a challenge for SEPGsSPIN Chennai
 
How would you handle and prevent fires from IoT forests?
How would you handle and prevent fires from IoT forests?How would you handle and prevent fires from IoT forests?
How would you handle and prevent fires from IoT forests?0 0
 
Blackboard Learn Deployment: A Detailed Update of Managed Hosting and SaaS De...
Blackboard Learn Deployment: A Detailed Update of Managed Hosting and SaaS De...Blackboard Learn Deployment: A Detailed Update of Managed Hosting and SaaS De...
Blackboard Learn Deployment: A Detailed Update of Managed Hosting and SaaS De...Blackboard APAC
 
Threat Modeling All Day!
Threat Modeling All Day!Threat Modeling All Day!
Threat Modeling All Day!Steven Carlson
 
Open ILRI
Open ILRIOpen ILRI
Open ILRIILRI
 
IoT-Fundamentals-And-Digital-Tranformation-Repaired.pptx
IoT-Fundamentals-And-Digital-Tranformation-Repaired.pptxIoT-Fundamentals-And-Digital-Tranformation-Repaired.pptx
IoT-Fundamentals-And-Digital-Tranformation-Repaired.pptxAurelia JQ
 
Trusted, Transparent and Fair AI using Open Source
Trusted, Transparent and Fair AI using Open SourceTrusted, Transparent and Fair AI using Open Source
Trusted, Transparent and Fair AI using Open SourceAnimesh Singh
 
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...SaraPia5
 
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...Vaticle
 
Scale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessScale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessStephen Walli
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceCharles Lim
 
Phishing Intelligence Engine - BlueHat v17
Phishing Intelligence Engine - BlueHat v17Phishing Intelligence Engine - BlueHat v17
Phishing Intelligence Engine - BlueHat v17Greg Foss
 
Palestra de abertura: Evolução e visão do Elastic Security
Palestra de abertura: Evolução e visão do Elastic SecurityPalestra de abertura: Evolução e visão do Elastic Security
Palestra de abertura: Evolução e visão do Elastic SecurityElasticsearch
 
Building Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & MetricsBuilding Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & MetricsRob Arnold
 
RSA 2018- What’s Hot in the Cyber Security Space
RSA 2018- What’s Hot in the Cyber Security SpaceRSA 2018- What’s Hot in the Cyber Security Space
RSA 2018- What’s Hot in the Cyber Security SpaceSBWebinars
 

Similar to Sri monthly presentation 2015 (20)

Introduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptxIntroduction to Cybersecurity v2.1 - Course Overview.pptx
Introduction to Cybersecurity v2.1 - Course Overview.pptx
 
Markings of a Healthy OSS Project
Markings of a Healthy OSS ProjectMarkings of a Healthy OSS Project
Markings of a Healthy OSS Project
 
Owasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing masterOwasp Summit - Wednesday evening briefing master
Owasp Summit - Wednesday evening briefing master
 
Conferencia principal: Evolución y visión de Elastic Security
Conferencia principal: Evolución y visión de Elastic SecurityConferencia principal: Evolución y visión de Elastic Security
Conferencia principal: Evolución y visión de Elastic Security
 
Bill curtis Beyond process - a challenge for SEPGs
Bill curtis Beyond process - a challenge for SEPGsBill curtis Beyond process - a challenge for SEPGs
Bill curtis Beyond process - a challenge for SEPGs
 
How would you handle and prevent fires from IoT forests?
How would you handle and prevent fires from IoT forests?How would you handle and prevent fires from IoT forests?
How would you handle and prevent fires from IoT forests?
 
Blackboard Learn Deployment: A Detailed Update of Managed Hosting and SaaS De...
Blackboard Learn Deployment: A Detailed Update of Managed Hosting and SaaS De...Blackboard Learn Deployment: A Detailed Update of Managed Hosting and SaaS De...
Blackboard Learn Deployment: A Detailed Update of Managed Hosting and SaaS De...
 
Threat Modeling All Day!
Threat Modeling All Day!Threat Modeling All Day!
Threat Modeling All Day!
 
Open ILRI
Open ILRIOpen ILRI
Open ILRI
 
IoT-Fundamentals-And-Digital-Tranformation-Repaired.pptx
IoT-Fundamentals-And-Digital-Tranformation-Repaired.pptxIoT-Fundamentals-And-Digital-Tranformation-Repaired.pptx
IoT-Fundamentals-And-Digital-Tranformation-Repaired.pptx
 
Trusted, Transparent and Fair AI using Open Source
Trusted, Transparent and Fair AI using Open SourceTrusted, Transparent and Fair AI using Open Source
Trusted, Transparent and Fair AI using Open Source
 
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
 
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
Building a Cyber Threat Intelligence Knowledge Management System (Paris Augus...
 
Scale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessScale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project Success
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
ICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security GovernanceICION 2016 - Cyber Security Governance
ICION 2016 - Cyber Security Governance
 
Phishing Intelligence Engine - BlueHat v17
Phishing Intelligence Engine - BlueHat v17Phishing Intelligence Engine - BlueHat v17
Phishing Intelligence Engine - BlueHat v17
 
Palestra de abertura: Evolução e visão do Elastic Security
Palestra de abertura: Evolução e visão do Elastic SecurityPalestra de abertura: Evolução e visão do Elastic Security
Palestra de abertura: Evolução e visão do Elastic Security
 
Building Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & MetricsBuilding Your Information Security Program: Frameworks & Metrics
Building Your Information Security Program: Frameworks & Metrics
 
RSA 2018- What’s Hot in the Cyber Security Space
RSA 2018- What’s Hot in the Cyber Security SpaceRSA 2018- What’s Hot in the Cyber Security Space
RSA 2018- What’s Hot in the Cyber Security Space
 

More from Akash Rajguru

Final Year presentation
Final Year presentationFinal Year presentation
Final Year presentationAkash Rajguru
 
Akash final-year-project report
Akash final-year-project reportAkash final-year-project report
Akash final-year-project reportAkash Rajguru
 
B.Eng-Final Year Project interim-report
B.Eng-Final Year Project interim-reportB.Eng-Final Year Project interim-report
B.Eng-Final Year Project interim-reportAkash Rajguru
 
Akash rajguru project report sem VI
Akash rajguru project report sem VIAkash rajguru project report sem VI
Akash rajguru project report sem VIAkash Rajguru
 
Akash rajguru project report sem v
Akash rajguru project report sem vAkash rajguru project report sem v
Akash rajguru project report sem vAkash Rajguru
 
4th semester project report
4th semester project report4th semester project report
4th semester project reportAkash Rajguru
 
Education akash bsit1110
Education akash bsit1110Education akash bsit1110
Education akash bsit1110Akash Rajguru
 

More from Akash Rajguru (8)

Final Year presentation
Final Year presentationFinal Year presentation
Final Year presentation
 
Akash final-year-project report
Akash final-year-project reportAkash final-year-project report
Akash final-year-project report
 
B.Eng-Final Year Project interim-report
B.Eng-Final Year Project interim-reportB.Eng-Final Year Project interim-report
B.Eng-Final Year Project interim-report
 
Akash rajguru project report sem VI
Akash rajguru project report sem VIAkash rajguru project report sem VI
Akash rajguru project report sem VI
 
Akash rajguru project report sem v
Akash rajguru project report sem vAkash rajguru project report sem v
Akash rajguru project report sem v
 
4th semester project report
4th semester project report4th semester project report
4th semester project report
 
Project
ProjectProject
Project
 
Education akash bsit1110
Education akash bsit1110Education akash bsit1110
Education akash bsit1110
 

Recently uploaded

"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 

Sri monthly presentation 2015

  • 1. STIX CYBOX CREATOR Dr. Brian Lee Akash Rajguru
  • 2. SRI Monthly Presentation 2015 | Dr. Brian Lee, Akash Rajguru. Advanced Persistent Threat
  • 3. Cyber Threat Intelligence: analysis-driven understanding of: • What activity are we seeing? • What threat should I look for in my network and systems, and why? • Where has this threat been seen? • What does it do? • What weaknesses does this threat exploit? • Who is responsible for this threat? • What can I do about it?
  • 4. Taxonomy of Threat Intelligence
  • 5. Threat Intelligence Sharing • Cyber threat information sharing is not new • But it is atomic and very limited in sophistication. Atomic because relatively little information about the threat is shared. Limited in sophistication because it is unstructured and not very expressive.
  • 6. Problem faced by Cyber Security Experts • Most sharing is unstructured and human-to-human, and does not cover the broad dimensions of cyber threat information sharing.
  • 7. Threat Intelligence Sharing Mechanisms
  • 8. STIX as a Solution. Structured Threat Information eXpression. STIX aims to enable sharing of more expressive cyber threat information, across the full spectrum of cyber threat information. STIX is a language developed to specify, capture, characterize and communicate cyber threat information.
  • 9. STIX as a Solution
  • 10. Implementations. The initial implementation has been done in XML Schema • Ubiquitous, portable and structured. STIX can also be implemented using JSON.
  • 11. Enabling Utilities. The utilities provided enable easier prototyping and use of the language. Utilities consist of: • Programmatic language (Python) bindings for STIX, CybOX, etc. • High-level APIs for common needs/activities.
  • 12. Product built on the STIX specification. Product name: STIX CYBOX CREATOR. Overview: the STIX CybOX Creator is a Python-based GUI application which generates CybOX XML output from an RFC 822 email. The email is read from the Gmail IMAP server and the CybOX output file is written in XML format.
  • 13. What is CybOX? Cyber Observable eXpression. It is a base construct within STIX: a language for communicating standardized information about cyber observables (basically, a schema for representing cyber observables). Examples: information about a file (name, size, hash, etc.), a registry key value, a service being started.
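As an added example of what slides 12 and 13 describe (this is not the STIX CybOX Creator's own code and it does not use python-cybox, which the deck lists as a dependency), the standard-library Python below parses one RFC 822 message and emits a CybOX 2.1-style Observables document: an Email_Message object whose attachments are related File objects carrying name, size and SHA-256 hash, the kind of observable slide 13 names. The namespaces and element names follow the CybOX 2.1 Email Message, File and Address object schemas as I remember them and are not taken from the deck; the sample message, the `example:` id prefix and the helper names are constructed for this example. The IMAP fetch is left out so the script runs offline; feed it the raw RFC 822 bytes fetched from the mailbox.

```python
"""Added example (not the STIX CybOX Creator's own code): parse one RFC 822
message and emit a CybOX 2.1-style Email_Message observable with its
attachments as related File objects. Standard library only, runs offline."""
import email
import hashlib
import itertools
from email import policy
from email.utils import parseaddr
from xml.etree import ElementTree as ET

# CybOX 2.1 namespaces, written from memory of the schemas: validate the
# output against the official XSDs (or use python-cybox) before sharing it.
NS = {
    "cybox": "http://cybox.mitre.org/cybox-2",
    "cyboxCommon": "http://cybox.mitre.org/common-2",
    "EmailMessageObj": "http://cybox.mitre.org/objects#EmailMessageObject-2",
    "AddressObj": "http://cybox.mitre.org/objects#AddressObject-2",
    "FileObj": "http://cybox.mitre.org/objects#FileObject-2",
    "xsi": "http://www.w3.org/2001/XMLSchema-instance",
}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)
_ids = itertools.count(1)

def q(prefix, tag):
    """Clark-notation name ({uri}tag) that ElementTree expects."""
    return "{%s}%s" % (NS[prefix], tag)

def sub(parent, prefix, tag, text=None, **attrs):
    """Child element in a CybOX namespace, with optional text and attributes."""
    el = ET.SubElement(parent, q(prefix, tag), attrs)
    el.text = text
    return el

def new_id(kind):
    """CybOX ids are QNames; 'example' is a constructed producer prefix."""
    return "example:%s-%d" % (kind, next(_ids))

def extract_observables(raw):
    """Pull the shareable pieces out of one raw message. Every field is
    attacker-controlled input: decode and hash it, never trust or run it."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    obs = {"from": parseaddr(str(msg.get("From", "")))[1],
           "subject": str(msg.get("Subject", "")), "attachments": []}
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        obs["attachments"].append({
            "file_name": part.get_filename() or "unnamed",
            "size": len(data),
            # Hash the decoded bytes; the file name is whatever the sender chose.
            "sha256": hashlib.sha256(data).hexdigest()})
    return obs

def to_cybox_xml(obs):
    """Serialise the dict as cybox:Observables. Each attachment becomes a
    Related_Object File that the Email_Message points at by object_reference."""
    xsi = q("xsi", "type")
    root = ET.Element(q("cybox", "Observables"), {"cybox_major_version": "2",
                      "cybox_minor_version": "1", "xmlns:example": "http://example.com/"})
    mail = sub(sub(root, "cybox", "Observable", id=new_id("Observable")),
               "cybox", "Object", id=new_id("Object"))
    props = sub(mail, "cybox", "Properties", **{xsi: "EmailMessageObj:EmailMessageObjectType"})
    header = sub(props, "EmailMessageObj", "Header")
    sub(sub(header, "EmailMessageObj", "From", category="e-mail"),
        "AddressObj", "Address_Value", obs["from"])
    sub(header, "EmailMessageObj", "Subject", obs["subject"])
    if obs["attachments"]:
        files = sub(props, "EmailMessageObj", "Attachments")
        related = sub(mail, "cybox", "Related_Objects")  # must follow Properties
        for att in obs["attachments"]:
            fid = new_id("Object")
            sub(files, "EmailMessageObj", "File", object_reference=fid)
            fp = sub(sub(related, "cybox", "Related_Object", id=fid),
                     "cybox", "Properties", **{xsi: "FileObj:FileObjectType"})
            sub(fp, "FileObj", "File_Name", att["file_name"])
            sub(fp, "FileObj", "Size_In_Bytes", str(att["size"]))
            h = sub(sub(fp, "FileObj", "Hashes"), "cyboxCommon", "Hash")
            sub(h, "cyboxCommon", "Type", "SHA256")
            sub(h, "cyboxCommon", "Simple_Hash_Value", att["sha256"])
    return ET.tostring(root, encoding="utf-8", xml_declaration=True)

# Constructed phishing message (not real traffic); the attachment is 16 bytes
# that begin with the MZ header of a Windows executable.
SAMPLE_RFC822 = b"""From: "IT Helpdesk" <helpdesk@example-phish.test>
Subject: Password expires today
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Reset your password before 5pm or your account will be locked.
--b1
Content-Type: application/octet-stream; name="invoice.exe"
Content-Disposition: attachment; filename="invoice.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA//8AAA==
--b1--
"""
```

Two points a practitioner would check before feeding such output into a sharing pipeline. First, the whole message is under the sender's control: the script only decodes headers and hashes attachment bytes, and the hash is what makes the File observable useful to a recipient, since the file name is the attacker's choice. Second, the CybOX schema is strict about element order and about empty containers (Related_Objects is only emitted when there is something to put in it), so run the result through the official XSDs or rebuild it with python-cybox, which the deck depends on, rather than trusting hand-rolled XML.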
  • 14. Dependencies • python-cybox - a Python library for CybOX • http://cybox.readthedocs.org/en/latest/installation.html • Python IMAP client library • pip install imapclient
  • 15. Architecture
  • 16. LIVE DEMO
  • 17. Where to Learn More. STIX website (whitepapers, documentation, schemas, etc.): http://stix.mitre.org. STIX GitHub site (bindings, APIs, utilities): https://github.com/STIXProject
  • 18. Thank You. QUESTIONS?