38

45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Tags:

Embed Size (px)

Citation preview

Page 1: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014
Page 2: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

CSUC-CSIRT: Security services for Catalan R&E community

[email protected]@jordiguijarro@cloudadms

Poznan, 21/05/2015

Page 3: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014
Page 4: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Agenda

Introduction Introduction CSUC-CSIRT Context Our ServicesEcosystem of toolsIn the near futureQ&A

Page 5: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

New Catalan Universities services consortium (formerly known as CESCA)

Page 6: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

OUR VISION

Page 7: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Focused to Research and Education agents

Page 8: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Focused to Research and Education agents

Page 9: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Regional R&E Networks

Page 10: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Our services

Page 11: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014
Page 12: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

“CSUC” and Security

Serveis

In Operation from 2003Services

• Equip de Resposta a Incidents de l'Anella Científica (ERIAC)

•Proactive detection

•Incident Handling

•Network focused

Listening to the NET: SMARTxAC

ERIAC: Security Response Team

SMARTxAC

Page 13: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Security Services: CSUC-CSIRT

http://www.csuc.cat/en/communications/security/incident-response-team

Page 14: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Security incidents statistics

2012 2013 2014

Abusive content 40% 20% 33%

Availability 2% 5% 6%

Fraud 7% 14% 7%

Malware 19% 27% 24%

Information rec.. 4% 5% 4%

Data Security 5% 5% 2%

Intrusion 4% 2% 6%

Intrusion Attempt 16% 8% 8%

Other 3% 12% 10%

Total Crítical High Medium Low

2012 660 2% 11% 19% 68%

2013 410 3% 4% 13% 79%

2014 689 12% 2% 10% 76%

0

20

40

60

80

100

120

140

G F M A M J J A S O N D

Page 15: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

¿Inside our DNA?

Page 16: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

NOW -> CERTSI

Collaboration

Page 17: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Collaboration

Page 18: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

New challenges - “Hybrid Clouds”

Page 19: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014
Page 20: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Ecosystem of tools

Page 21: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

HOMEMADEFEEDS

HUB

Ecosystem of tools

Page 22: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Nfsen + Cymru “power” -> Flow Sonar

Page 23: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Logs correlation

Page 24: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

External feeds placed together

Page 25: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

External feeds placed together

Page 26: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

SmartxAC Platform

SMARTxAC is the collaboration between UPC BarcelonaTech (CCABA) and CSUC

Page 27: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Architecture

Page 28: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Apps detection

Page 29: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Apps Classification

Page 30: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Top N

Page 31: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Autozoom

Page 32: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Security anomalies detection

Page 33: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Flows search

Page 34: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Eyes for our constituency

Page 35: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

HOMEMADEFEEDS

HUB

Proactive monitoring workflow and tools

Page 36: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Close to University (be viral!)

Master in Security Technologies

Page 37: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Near Future

New Audit Services New Audit Services RT → RTIRMore focus to DNS DDOS 'headache'

And continuously listening the NET ;-)

Page 38: 45th_TF-CSIRT_Meeting_CSUC_Poznan_2014

Dzięki!Dzięki!Thanks!Thanks!Gracias!Gracias!Gràcies! Gràcies! [email protected] ([email protected])

Q & A time

Note: ERI -> CSIRT in Catalan


Physical Modelling Synthesis Overview

Physical Modelling Synthesis Overview

Documents
One Flew Over the Cuckoo's Nest

One Flew Over the Cuckoo's Nest

Documents
Who Killed God

Who Killed God

Documents
Improve the Color Quality Of Your Monitor

Improve the Color Quality Of Your Monitor

Documents
Steve Jobs' Commencement Speech at Stanford

Steve Jobs' Commencement Speech at Stanford

Documents
Personality Development

Personality Development

Documents
Rubik's cube solution

Rubik's cube solution

Documents
I Am a Holocaust Denier and I Am Unafraid

I Am a Holocaust Denier and I Am Unafraid

Documents
The Dutch Republic In International Trade

The Dutch Republic In International Trade

Documents
Life Is Just A Dream - Or Is It?

Life Is Just A Dream - Or Is It?

Documents
Chapter 24

Chapter 24

Documents
Chapter 23

Chapter 23

Documents
Barclays1

Barclays1

Documents
Venture Capital

Venture Capital

Documents
Oedipus The King: The Ideal Tragic Play

Oedipus The King: The Ideal Tragic Play

Documents
Explore The Levels of Creation

Explore The Levels of Creation

Documents
How Computer Monitors Work

How Computer Monitors Work

Documents
European Colinization of Latin America

European Colinization of Latin America

Documents
Chapter-01

Chapter-01

Documents
Jan Van Eyck and the Man In A Red Turban

Jan Van Eyck and the Man In A Red Turban

Documents
Heidegger Kritik

Heidegger Kritik

Documents
Fortran

Fortran

Documents
Disclaimer

Disclaimer

Documents
The Last Carnival I Ever Saw

The Last Carnival I Ever Saw

Documents
Compressing And Decompressing Folders

Compressing And Decompressing Folders

Documents
Aesops Fables

Aesops Fables

Documents
Plato - Symposium

Plato - Symposium

Documents
Introduction to Six Sigma

Introduction to Six Sigma

Documents
United States Constitution

United States Constitution

Documents
Star Wars Trivia!

Star Wars Trivia!

Documents