In Málaga or in New York: How to 'Hack' Your Cybersecurity Career (Spanish)

Presented at CyberCamp 18, Málaga, on November 30, 2018 (see agenda and speakers)

Full recording of the presentation in English: https://www.youtube.com/watch?v=bUaVt3rjSwc&t=6991s (my talk starts at minute 59).

If 20 years ago, when I was working as a web developer for a small '.com' in Málaga, someone had told me that I would have the opportunity to design, build and manage the cybersecurity program of New York City's hospital network, that of a bank in Dubai or that of a software company headquartered in Sydney, present my projects at BlackHat, design security products for McAfee, lead security initiatives at Intel and train professionals from Microsoft, Amazon, NASA or the FBI, what do you think I would have thought? Obviously… that it was impossible!

But isn't that what the 'hacker' philosophy is all about? Making the impossible possible. And it all starts with 'hacking' yourself, creating your own opportunities and making the most of those that come along. Want to know how? In this session I will share useful recommendations and experiences, both for those who want to build a career in cybersecurity and for those who want to boost it and develop their full potential.

Interview in Diario Sur on the occasion of the conference:

https://www.diariosur.es/tecnologia/ismael-valenzuela-estar-20181201222152-nt.html

Getting SecOps Foundations Right with Techniques, Tactics, and Procedures Zero (TTP0)

TTP0 is a new community project created by SecOps (Security Operations) practitioners for SecOps practitioners. Just as a blueprint is required to design, build and operate any facility, TTP0 provides the starting point for building or assessing a security program from the ground up. It focuses on resetting the basics of a security program to ensure a solid foundation. SecOps requires a vision, strategy, and tactical abilities to guide the team, and thought leadership to demonstrate effectiveness. Is this guidance a governance or regulation requirement, a risk evaluation or a leader's preference? In this talk, Rob Gresham and Ismael Valenzuela will discuss how TTP0 provides the foundation from mission, vision and strategy to aid you in determining which technique is best for the organization, while focusing on individual tactical capabilities along with the procedures that synchronize operations with the business. Using a modular, Lego-based approach, we will prove how TTP0 can provide the necessary building blocks to design, build and operate anything from a 2-man SOC team to a 1,000-person SOC entity!

Intelligence Driven Defense: Successfully Embedding Cyber Threat Intel in Security Operations

“I thought all I had to do was show the data and people would understand. It doesn’t work. You have to tell a story” – Cliff Stoll.

Easier said than done, right? Being able to tell a compelling story that can answer key questions like: who is attacking us, what is their motivation, were they here before, how do they operate, what is the impact to our business, and will they come back, should be one of the ultimate goals of any effective blue team. However, being successful at embedding cyber threat intel in SecOps requires something else: maintaining a solid understanding of the environment we are defending, as well as a systematic way to identify and prioritize applicable threats and assess impact, so we can respond appropriately to these attacks.

In this talk, Ismael Valenzuela, Certified SANS Instructor and GSE #132, will share lessons learned and practical tips on how blue teams can not only consume but also produce actionable and contextual threat intelligence using tools, processes, models and taxonomies that are available to the community.
