Security Intelligence

Edoardo Morassutto - 5CIA

https://slides.com/edomora97/sistemi/live

Security Intelligence Operations

  • SensorBase
  • Threat Operations Center
  • Dynamic Updates

SensorBase

  • Data collected by Cisco devices
  • More than 4 TB of data per day
  • More than 13 billion requests per day
  • Takes old data into account

Threat Operations Center

  • Machine Learning
  • Globally distributed

Follow the sun

Follow the moon

Dynamic Updates

  • Cisco firewalls, IPS, mail filters, etc.
  • Every 3 to 5 minutes
  • Small amounts of precise data

Some examples

  • Many sites sharing the same JavaScript hosted in Russia
  • Pages that deceive crawlers
  • Infected sites with a good reputation

Edoardo Morassutto

Fifth year, section C, Computer Science

ITST J.F. Kennedy - Pordenone

Source:

Cisco Network Academy presentation by Rush Carskadden