DEF CON 29 Recon Village - Ben S - Future of Asset Management

preview_player
Показать описание
Future of Asset Management
  1. DEFCONConference
  2. DEF
  3. CON
  4. DEFCON
  5. DEF CON
  6. hacker conference
Рекомендации по теме
DEF CON 29 0:42:02

DEF CON 29 Recon Village - Nick Roy - OSINT and the Hermit Kingdom

DEF CON 29 0:45:17

DEF CON 29 Recon Village - Ryan Elkins - How to Build Cloud Based Recon Automation at Scale

DEF CON 29 0:30:18

DEF CON 29 Recon Village - Rae - Using OSINT to Aid in Human Trafficking and Smuggling Cases

DEF CON 29 0:28:15

DEF CON 29 Recon Village - Mishaal Khan - People Hunting A Pentesters Perspective

DEF CON 29 0:20:47

DEF CON 29 Recon Village - Manabu Niseki - Adversary Infrastructure Tracking with Mihari

DEF CON 29 0:29:02

DEF CON 29 Recon Village - MasterChen - Can I Make My Own Social Threat Score

DEF CON 29 0:29:16

DEF CON 29 Recon Village - Ladislav Baco - How Vigilant Researchers Can Uncover APT Attacks

DEF CON 29 0:29:45

DEF CON 29 Recon Village - Andy Dennis - Using Passive DNS for gathering Business Intelligence

DEF CON 29 0:41:07

DEF CON 29 Recon Village - Ben S - Future of Asset Management

DEF CON 29 0:47:04

DEF CON 29 Recon Village - Mauro Eldritch - Venator Hunting & Smashing Trolls on Twitter

So You Want 0:23:10

So You Want to OPSEC, Eh? - Ritu Gil - Recon Village @DEFCON 29

DEF CON Safe 0:45:21

DEF CON Safe Mode Recon Village - Levi - Ambly the Darknet Spider

People Hunting: A 0:28:15

People Hunting: A Pentesters Perspective - Mishaal Khan - Recon Village @DEFCON 29

DEF CON 29 0:15:38

DEF CON 29 Recon Village - Tushar Verma - The Bug Hunter’s Recon Methodology

Recon Village Talks 6:00:44

Recon Village Talks - DEFCON 29

DEF CON 29 0:23:10

DEF CON 29 Recon Village - Ritu Gil - So You Want to OPSEC, Eh

DEF CON 27 0:24:52

DEF CON 27 - Recon Village - Chris Kirsch - Using OSINT for Competitive Intelligence

OSINT and the 0:42:02

OSINT and the Hermit Kingdom - Nick Roy - Recon Village @DEFCON 29

Adversary Infrastructure Tracking 0:20:47

Adversary Infrastructure Tracking with Mihari - Manabu Niseki - Recon Village @DEFCON 29

Using Passive DNS 0:29:45

Using Passive DNS for gathering Business Intelligence - Andy Dennis - Recon Village @DEFCON 29

Future of Asset 0:41:07

Future of Asset Management - Ben S (Nahamsec) - Recon Village @DEFCON 29

DEF CON 29 0:26:12

DEF CON 29 Adversary Village - Shantanu Khandelwal - Red Team Credentials Recon: OLD with a TWIST

Can I Make 0:29:02

Can I Make My Own Social Threat Score? - MasterChen - Recon Village @DEFCON 29

DEF CON 31 0:00:25

DEF CON 31 Recon Village Interview

Комментарии
Автор

Great presentation - I do a similar process to do a quick and dirty vuln scan on my employer's externally facing sites. Get domains, get hosts from crt.sh, resolve ip addresses, and then get Shodan ports and vulns from the ip. I script it in python because 3000 domains. Run it all night and do the analysis in the morning.

sueyoung
Автор

You left out something: don’t overly punish your fucker uppers. If a vulnerability is discovered and then tied to an employee, resist the temptation to “make an example” of them. That will only serve to incentivize your workers to cover their own ass before the company’s.

Instead, you want to foster an environment where a fucker upper feels safe reporting their mistakes or corner-cuts before they grow into vulnerabilities.

leovalenzuela