This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Content provided by Black Hat/ CMP Media, Inc. and Jeff Moss. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Black Hat/ CMP Media, Inc. and Jeff Moss or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A weekly podcast show about Indian startups, entrepreneurs, and more! Hosted by Neil Patel & Friends
…
continue reading
Daily update on current cyber security threats
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Big tech is transforming every aspect of our world. But how? And at what cost? This season of Land of the Giants – The Twitter Fantasy – will tell the story of Twitter (X) at a crucial moment for the platform, exactly one year after Elon Musk took over. Hosted by Vox senior correspondent Peter Kafka, the four-episode season will survey the company's outsize influence on politics and culture. How did Twitter become the Internet’s town square, for better and for worse? And where is it heading, ...
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Eric Monti & Dan Moniz: Defeating Extrusion Detection
Manage episode 153226742 series 1085097
Content provided by Black Hat/ CMP Media, Inc. and Jeff Moss. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Black Hat/ CMP Media, Inc. and Jeff Moss or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Todays headlines are rife with high profile information leakage cases affecting major corporations and government institutions. Most of the highest-profile leakage news has about been stolen laptops (VA, CPS), or large-scale external compromises of customer databases (TJX).
On a less covered, but much more commonplace basis, sensitive
financial data, company secrets, and customer information move in and out of networks and on and off of company systems all the time. Where it goes can be hard to pin down.
How can a company prevent (let alone detect) Alice taking a snapshot of the customer database or financial projections and posting them on internet forums or even dumping them to a floppy disk?
This, understandably, has a lot of people worried.
In response, many organizations have begun looking for technologies to detect and prevent sensitive information from leaving their networks, servers, workstations, and even buildings. For some time a product space for ""Extrusion Detection"" products has existed. But now the space is exploding and as tends to happen, security problems abound.
Some ""Extrusion Detections"" products rely on network gateway IPS/IDS approaches, whereas others work in a way more closely resembling host-based IDS/IPS. The main difference is that instead of detecting/preventing malicious information from entering a company's perimeter, they focus on keeping assets *inside*.
We've been evaluating a number of products in this space and have run across a large number of vulnerabilities. They range from improper evidence handling, to inherent design issues, all the way to complete compromise of an enterprise, using the Extrusion Detection framework itself as the vehicle.
…
continue reading
On a less covered, but much more commonplace basis, sensitive
financial data, company secrets, and customer information move in and out of networks and on and off of company systems all the time. Where it goes can be hard to pin down.
How can a company prevent (let alone detect) Alice taking a snapshot of the customer database or financial projections and posting them on internet forums or even dumping them to a floppy disk?
This, understandably, has a lot of people worried.
In response, many organizations have begun looking for technologies to detect and prevent sensitive information from leaving their networks, servers, workstations, and even buildings. For some time a product space for ""Extrusion Detection"" products has existed. But now the space is exploding and as tends to happen, security problems abound.
Some ""Extrusion Detections"" products rely on network gateway IPS/IDS approaches, whereas others work in a way more closely resembling host-based IDS/IPS. The main difference is that instead of detecting/preventing malicious information from entering a company's perimeter, they focus on keeping assets *inside*.
We've been evaluating a number of products in this space and have run across a large number of vulnerabilities. They range from improper evidence handling, to inherent design issues, all the way to complete compromise of an enterprise, using the Extrusion Detection framework itself as the vehicle.
89 episodes
Eric Monti & Dan Moniz: Defeating Extrusion Detection
Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.
Share
Manage episode 153226742 series 1085097
Content provided by Black Hat/ CMP Media, Inc. and Jeff Moss. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Black Hat/ CMP Media, Inc. and Jeff Moss or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Todays headlines are rife with high profile information leakage cases affecting major corporations and government institutions. Most of the highest-profile leakage news has about been stolen laptops (VA, CPS), or large-scale external compromises of customer databases (TJX).
On a less covered, but much more commonplace basis, sensitive
financial data, company secrets, and customer information move in and out of networks and on and off of company systems all the time. Where it goes can be hard to pin down.
How can a company prevent (let alone detect) Alice taking a snapshot of the customer database or financial projections and posting them on internet forums or even dumping them to a floppy disk?
This, understandably, has a lot of people worried.
In response, many organizations have begun looking for technologies to detect and prevent sensitive information from leaving their networks, servers, workstations, and even buildings. For some time a product space for ""Extrusion Detection"" products has existed. But now the space is exploding and as tends to happen, security problems abound.
Some ""Extrusion Detections"" products rely on network gateway IPS/IDS approaches, whereas others work in a way more closely resembling host-based IDS/IPS. The main difference is that instead of detecting/preventing malicious information from entering a company's perimeter, they focus on keeping assets *inside*.
We've been evaluating a number of products in this space and have run across a large number of vulnerabilities. They range from improper evidence handling, to inherent design issues, all the way to complete compromise of an enterprise, using the Extrusion Detection framework itself as the vehicle.
…
continue reading
On a less covered, but much more commonplace basis, sensitive
financial data, company secrets, and customer information move in and out of networks and on and off of company systems all the time. Where it goes can be hard to pin down.
How can a company prevent (let alone detect) Alice taking a snapshot of the customer database or financial projections and posting them on internet forums or even dumping them to a floppy disk?
This, understandably, has a lot of people worried.
In response, many organizations have begun looking for technologies to detect and prevent sensitive information from leaving their networks, servers, workstations, and even buildings. For some time a product space for ""Extrusion Detection"" products has existed. But now the space is exploding and as tends to happen, security problems abound.
Some ""Extrusion Detections"" products rely on network gateway IPS/IDS approaches, whereas others work in a way more closely resembling host-based IDS/IPS. The main difference is that instead of detecting/preventing malicious information from entering a company's perimeter, they focus on keeping assets *inside*.
We've been evaluating a number of products in this space and have run across a large number of vulnerabilities. They range from improper evidence handling, to inherent design issues, all the way to complete compromise of an enterprise, using the Extrusion Detection framework itself as the vehicle.
89 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A weekly podcast show about Indian startups, entrepreneurs, and more! Hosted by Neil Patel & Friends
…
continue reading
Daily update on current cyber security threats
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Big tech is transforming every aspect of our world. But how? And at what cost? This season of Land of the Giants – The Twitter Fantasy – will tell the story of Twitter (X) at a crucial moment for the platform, exactly one year after Elon Musk took over. Hosted by Vox senior correspondent Peter Kafka, the four-episode season will survey the company's outsize influence on politics and culture. How did Twitter become the Internet’s town square, for better and for worse? And where is it heading, ...
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
