Traditionally, defense has been approached without enough emphasis on countering real-world attack behaviors. This presentation will cover new network defense techniques from an attack perspective, specifically focusing on building detection systems around initial compromise, persistence/C2, and lateral movement. It will discuss practical methods of alerting on both host and network level persistence, what works (and what doesn’t!) with network traffic anomaly analysis, and useful approaches for correlating weak and strong attack signals. Finally, this presentation will demonstrate effective ways to reduce organizational attack surface, simulate realistic adversaries, and increase cost for attackers.
Zane Lackey is the Director of Security Engineering at Etsy and a member of the Advisory Council to the US State Department-backed Open Technology Fund. Prior to Etsy, Zane was a Senior Security Consultant at iSEC Partners. He has been featured in notable media outlets such as the BBC, Associated Press, Forbes, Wired, CNET, Network World, and SC Magazine. A frequent speaker at top industry conferences, he has presented at BlackHat, RSA, Microsoft BlueHat, Toorcon, SANS, OWASP, QCon, and has given invited lectures at NYU, UC Davis, and Reykjavik University. He is a contributing author of Mobile Application Security (McGraw-Hill), a co-author of Hacking Exposed: Web 2.0 (McGraw-Hill), and a contributing author/technical editor of Hacking VoIP (No Starch Press). He holds a Bachelor of Arts in Economics with a minor in Computer Science from the University of California, Davis.