Scribd Logo
Upload

Welcome to Scribd!

  • How To Respond A Rully

    Uploaded by

    Adnan Qossim
    2 views10 pages
    This document outlines five levels of addressing cybersecurity threats: Level 0 involves basic human instinct and awareness of risk. Level 1 focuses on basic security measures like antivirus and firewalls. Level 2 adds analysis of security logs and events. Level 3 extends detection and response capabilities to endpoints and networks. Level 4 coordinates threat hunting and incident response in a security command center. Level 5 incorporates artificial intelligence to help or fully automate analysis and defense.

    Original Description:

    Original Title

    how_to_respond_a_rully

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document outlines five levels of addressing cybersecurity threats: Level 0 involves basic human instinct and awareness of risk. Level 1 focuses on basic security measures like antivirus and firewalls. Level 2 adds analysis of security logs and events. Level 3 extends detection and response capabilities to endpoints and networks. Level 4 coordinates threat hunting and incident response in a security command center. Level 5 incorporates artificial intelligence to help or fully automate analysis and defense.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    2 views10 pages

    How To Respond A Rully

    Uploaded by

    Adnan Qossim
    This document outlines five levels of addressing cybersecurity threats: Level 0 involves basic human instinct and awareness of risk. Level 1 focuses on basic security measures like antivirus and firewalls. Level 2 adds analysis of security logs and events. Level 3 extends detection and response capabilities to endpoints and networks. Level 4 coordinates threat hunting and incident response in a security command center. Level 5 incorporates artificial intelligence to help or fully automate analysis and defense.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    Challenges in

    Cybersecurity
    Implementation
    How to address
    How to respond
    to THREAT

    By A. Rully
    • Security Related
    Word Cloud
    Five Level of Addressing Threat

    Level 0: Level 1: Level 2:


    Instinct Basic Analysis

    Level 3: Level 4: Level 5:


    Extended Center AI
    L0: Human Instinct
    • Living in digital world, but:
    • Unaware of the risk
    • Aware but don’t care
    • Aware and prepare something
    • Just live up with the risk
    L1: Basic Security
    • Malware detection and prevention • Support System
    • Anti-Virus • NAC
    • Perimeter defense • IAM
    • FW • AM
    • IDS • VA/VM
    • WAF • etc
    • IPS
    • Anti-DDOS
    • etc
    L2: Analysis of Security Related Information

    • Log analysis (segmented/individual)


    • syslog, winlog, any log that have security implications
    • Security Information and Event Management (SIEM)
    • Gather all log and information related to security
    L3: Extended Detection & Response
    • Incident Response (start from Morris Worm)
    • First CSIRT in Carnegie University in 1988
    • Extended Detection and Response (XDR)
    • Endpoint Detection and Response (EDR)
    • Network Detection and Response (NDR)
    L4: SCC (Security Command Center)

    • Consolidate threat hunting with human analysts


    • Attack vector mapping
    • Attack Detection
    • Malware analysis
    • Center for Incident Detection and Response
    • Security components are coordinated and orchestrated
    • Some parts are automated
    L5: Goes AI (ML)
    • AI help security/incident analyst
    • Augment human analysis: Generative AI ((LLM)
    • Automated defense
    • Fully AI (when?)
    • Arm race with attacker
    Which level
    are you?

    You might also like