Presented on Friday 16th September 2022 at 44CON 2022
Log4J was a merry Christmas call for many teams around the world. This talk will share our story of how we were among the first to respond to in-the-wild attacks, helping the community manage and understand how to prepare for such an incident.
Log4J did not catch us unaware, but we did not connect the dots at first. Who would have guessed that chatter about a new vulnerability in Minecraft was related to a wave of coinminer incidents we responded to?
This talk will cover the line between threat intelligence, responding to cyber incidents, releasing open-source tools, and helping our customers and the community!
We will not focus on the technical analysis of the vulnerability (there are plenty of talks like that already). Instead, our focus is on how an organization prepares for such incidents ahead of time. For example, laying the pieces in place to be ready for the unknown (e.g., being aware of vulnerabilities in vendor appliances before they are!)
Guy Barnhart-Magen
With nearly 25 years of experience in the cyber-security industry, Guy has held various positions in both corporations and startups.
As the CTO for the cyber crisis management firm Profero, he focuses on making incident response fast and scalable, harnessing the latest technologies and a cloud-native approach.
He recently led Intel’s Predictive Threat Analysis group, which focused on the security of machine learning systems and trusted execution environments. At Intel, he defined the global AI security strategy and roadmap. He spoke at dozens of events on the research he and the group have done on Security for AI systems and published several whitepapers on the subject.
Guy is the BSidesTLV chairman and CTF lead, a public speaker at well-known global security events (SAS, t2, 44CON, BSidesLV, and several DefCon villages, to name a few), and the recipient of the Cisco “black belt” security ninja honor – Cisco’s highest cybersecurity advocate rank.
He started as a software developer for several security startups and spent eight years in the IDF. After completing his Electrical Engineering and Applied Mathematics degrees, he focused on security research in real-world applications.
He joined NDS (later acquired by Cisco), where he led the *Anti-Hacking, Cryptography, and Supply Chain Security* Groups (~25 people in the USA and Israel).