
Everyone Wants to Rule the World (of Data).pdf

Uploader: 可*** ID: 991900 2025-12-07 22 pages 5.86MB

Everyone Wants to Rule the World (of data)
John Stoner (Civ) + John E. Stoner (Army)

Global Principal Security Strategist
John Stoner (Civ)
Focuses on improving analyst capabilities in Security Operations, Threat Hunting, Incident Response, Detection Engineering and Threat Intelligence.
Blogs on threat hunting and security operations and has built multiple APT threat emulations for blue team capture the flag events.
Presented and led workshops at various industry symposia including FIRST, BSides, SANS Summits, WiCyS, Way West Hacking Fest, AISA, NSEC and DefCon Packet Hacking Village.
Enjoys listening to what former teammates referred to as 80s sad-timey music.

Senior Security Consultant
John E Stoner (Army)
John Stoner has over 25 years of experience in the national security, SLED and defense sectors, with 15 focused in cybersecurity. He has worked as a CTI analyst, Technical PM, chief of analytics and as a cyber instructor. He holds A+, Net+, CISD, CASP, FITSP-M-NG, PMP and CISSP certifications. As a Google Senior Security Consultant, he helps clients across verticals with a variety of cybersecurity issues. He is a DEFCON G00N. John also co-instructs a Cyber Threat Intelligence workshop at BSides NoVa, and volunteers at career villages and is active in VetSec, The Diana Initiative, and WiCyS. John's musical tastes are heavier, akin to "screamo metal."

TOC
Who is everyone?
What does "All the data" mean?
TIPs and SIEMs
Priority Intelligence Requirements
Normalization and data processing
Balance of the data
Cyber Intelligence Engineering
Putting concepts to action - Volt Typhoon
Summary

World Where We Live
Mission/Business Reqs, Threat Hunting, Vulnerability Management, Incident Response, CTI, Security Operations

What do we mean all the data?
Strategic: Performance metrics, GRC, Assessments, Certifications, Intelligence Reporting
Tactical: Raw Logs (syslog, json, xm

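Based on the report's content, the document centers on cybersecurity and data management. Key points:

1. **Author background**: John Stoner (Civ) and John E. Stoner (Army) are experts in the cybersecurity field with extensive experience and certifications.
2. **Data management**: Stresses the importance of "all the data" and distinguishes data needs at the strategic, tactical and operational levels.
3. **Cyber Intelligence Engineering**: Introduces the relationship between Cyber Intelligence Engineering (CIE) and cyber threat intelligence (CTI), emphasizing data collection, processing and automation.
4. **SIEMs and TIPs**: Discusses the role of SIEMs and TIPs in data management, ensuring data access and meeting intelligence requirements.
5. **Priority Intelligence Requirements**: Emphasizes aligning Priority Intelligence Requirements (PIRs) with business objectives, focusing on relevant threats and actionable intelligence.
6. **Balance of the data**: Discusses the balance between internal and external data, and the importance of data normalization and standardization.
7. **Case study**: Uses the "Volt Typhoon" case study to show how the concepts are put into action.
8. **Summary**: Emphasizes that not all data is useful, and that balance, standards and teamwork are needed.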