Getting SecOps Foundations Right with Techniques, Tactics, and Procedures Zero (TTP0)

TTP0 is a new community project created by SecOps (Security Operations) practitioners for SecOps practitioners. Just like a blueprint is required to design, build and operate any facility, TTP0 provides the starting point for building or assessing a security program from the ground up. It focuses on resetting the basics of a security program to ensure a solid foundation. SecOps requires a vision, strategy, and tactical abilities to guide the team and thought leadership to demonstrate effectiveness. Is this guidance a governance or regulation requirement, risks evaluation or leader preference? In this talk, Rob Gresham and Ismael Valenzuela will discuss how TTP0 provides the foundation from mission, vision and strategy to aid you in determining which technique is best for the organization, while focusing on individual tactical capabilities along with the procedures that synchronize operations with the business. Using a modular, Lego-based approach,  we will prove how TTP0 can provide the necessary building blocks to design, build and operate from a 2 man SOC team to a 1,000 person SOC entity!

Slides:


Speaking at BlackHat USA 2018

What is best that speaking at BlackHat USA? Doing it twice! I’m excited to announce that I’ll be speaking at BH USA for the 3rd time in the last 3 years. This time, in addition to speaking on how to integrate cyber threat intelligence in Security Operations with my colleague and friend Christiaan Beek, I’ll be presenting the latest version of my rastrea2r open source project at BlackHat Arsenal.

If you’re at BH USA this year, please stop by and say hi!

 

 

 

 

 

 

 

 

BlackHat USA 2018 – https://www.blackhat.com/us-18/presenters/Ismael-Valenzuela.html

BlackHat USA 2017 – https://www.blackhat.com/us-17/sponsored-sessions/Ismael-Valenzuela.html

BlackHat USA 2016 – https://www.blackhat.com/us-16/presenters/Ismael-Valenzuela.html

Slides from my Android Forensics talk at the Symposium for Android Security in Malaga

I have just uploaded to the Papers & Presentations section the slides for my talk on “Latest Advances in Android Forensics” (in Spanish) at the 1st International Symposium for Android Security held in Malaga last week:

Continue reading “Slides from my Android Forensics talk at the Symposium for Android Security in Malaga”