hector
play

Hector Open Source Security Intelligence Platform University of - PowerPoint PPT Presentation

Sep 02, 2023 •489 likes •751 views

Hector Open Source Security Intelligence Platform University of Pennsylvania School of Arts & Sciences Ubani A Balogun & Justin Klein Keane Security Intelligence HECTOR was developed out of a desire to leverage security

  1. Hector Open Source Security Intelligence Platform University of Pennsylvania School of Arts & Sciences Ubani A Balogun & Justin Klein Keane

  2. Security Intelligence ● HECTOR was developed out of a desire to leverage security intelligence ● Goal of a metrics driven security program ○ Very much inspired by Risk.io and Shostack and Stewart's New School of Information Security ● Security intelligence is the infosec analog of business intelligence

  3. Goals ● Spot emerging trends and react to them ● Understand and analyze existing assets ● Compare threat intelligence to infrastructure ● Measure and remediate vulnerability ● Track security expenditure ● Gap Analysis

  4. Data Sources ● Internal incident reporting ● Kojoney2 medium interaction SSH honeypot ● Darknet sensors measure unsolicited traffic ● OSSEC host based intrusion detection ● Extensible scanning architecture (Nmap, Ncrack, Hydra, Nikto, PhantomJS, Bing, etc.) ● RSS feeds of open source information

  5. Big Data ● Structured data is at the core of HECTOR ● Currently powered by a MySQL database ● Live instance has > 3 million records ● Structured data allows for structured analysis ○ Takes a lot of up from planning work

  6. What’s in the mix? ● Twitter Bootstrap ● jQuery ● Chart.js ● jVectorMap ● DataTables ● jQuery Tag Cloud ● More open source goodies...

  7. Dashboard

  8. Incident Reports

  9. Incident Report Analytics Where should I invest security resources?

  10. Incident Insights

  11. Kojoney & Darknet Sensors What do malicious actors want from our systems?

  12. Kojoney Insights

  13. Kojoney Insights

  14. Darknet Insights

  15. Malicious IP Database

  16. Scans What’s on our network?

  17. PhantomJS Scan

  18. Articles

  19. Free Tags Tying all the raw data together

  20. Tag Insights

  21. Other features ● Create Host & Support Groups ● Nessus & other vulnerability scans ● Non admin user profiles ● Footprints integration ● Malware sample collection ● Feature requests always welcome!

  22. Code ● All code is open source ● Tracked via internal GitLab instance ● Public repo at https://github. com/madirish/hector

  23. Contact ● Justin Klein Keane <jukeane@sas.upenn. edu> ● Ubani A Balogun <ubani@sas.upenn.edu>

  24. Questions?

Recommend

HECToR, the CoE and Large- Scale Application Performance on CLE David Tanqueray, Jason

HECToR, the CoE and Large- Scale Application Performance on CLE David Tanqueray, Jason

HECToR, the CoE and Large- Scale Application Performance on CLE David Tanqueray, Jason Beech-Brandt, Kevin Roy*, Martyn Foster, Cray Centre of Excellence for HECToR Topics HECToR The Centre of Excellence Activities CASINO SBLI DLPOLY

463 views • 22 slides
C o ff eeScrip t Hector Correa hector@hectorcorrea.com Monday, June 18, 12 Agenda What is

C o ff eeScrip t Hector Correa hector@hectorcorrea.com Monday, June 18, 12 Agenda What is

A decaf introduction to C o ff eeScrip t Hector Correa hector@hectorcorrea.com Monday, June 18, 12 Agenda What is CoffeeScript Why CoffeeScript Code Samples (client and server side) Q&amp;A Monday, June 18, 12 Whats not in

767 views • 34 slides
A Chabauty-Coleman bound for surfaces in abelian threefolds Hector Pasten Pontificia Universidad

A Chabauty-Coleman bound for surfaces in abelian threefolds Hector Pasten Pontificia Universidad

A Chabauty-Coleman bound for surfaces in abelian threefolds Hector Pasten Pontificia Universidad Cat olica de Chile Joint work with Jerson Caro Columbia Automorphic Forms and Arithmetic Seminar October 02 of 2020 Hector Pasten (PUC)

528 views • 25 slides
Towards Representing What Readers of Fiction Believe Toryn Q. Klassen and Hector J. Levesque and

Towards Representing What Readers of Fiction Believe Toryn Q. Klassen and Hector J. Levesque and

Towards Representing What Readers of Fiction Believe Toryn Q. Klassen and Hector J. Levesque and Sheila A. McIlraith { toryn ,hector,sheila } @cs.toronto.edu Department of Computer Science University of Toronto November 6, 2017 1 / 26 Story

625 views • 26 slides
Hector Spring School 2015 Presentation Notes Slide #1: the photo is of Lookout Mountain which is

Hector Spring School 2015 Presentation Notes Slide #1: the photo is of Lookout Mountain which is

YMCA Calgary Camp Chief Hector Hector Spring School 2015 Presentation Notes Slide #1: the photo is of Lookout Mountain which is the first mountain on your left as you - are driving on the Trans Canada highway to the west - our site is located

477 views • 8 slides
Hector Spring School 2014 Presentation Notes Slide #1: the photo is of Lookout Mountain which is

Hector Spring School 2014 Presentation Notes Slide #1: the photo is of Lookout Mountain which is

YMCA Calgary Camp Chief Hector Hector Spring School 2014 Presentation Notes Slide #1: the photo is of Lookout Mountain which is the first mountain on your left as you - are driving on the Trans Canada highway to the west - our site is located

267 views • 8 slides
Evaluation of Query Rewriting Approaches for OWL 2 Hector Perez-Urbina, Edgar Rodriguez-Diaz,

Evaluation of Query Rewriting Approaches for OWL 2 Hector Perez-Urbina, Edgar Rodriguez-Diaz,

Evaluation of Query Rewriting Approaches for OWL 2 Hector Perez-Urbina, Edgar Rodriguez-Diaz, Michael Grove, George Konstantinidis, and Evren Sirin { hector, edgar, mike, evren}@clarkparsia.com SSWS+HPCSW 2012 Clark &amp; Parsia, LLC

183 views • 16 slides
Course on Automated Planning: Intro to Planning Hector Geffner ICREA &amp; Universitat Pompeu

Course on Automated Planning: Intro to Planning Hector Geffner ICREA &amp; Universitat Pompeu

Course on Automated Planning: Intro to Planning Hector Geffner ICREA &amp; Universitat Pompeu Fabra Barcelona, Spain Hector Geffner, Course on Automated Planning, Rome, 7/2010 1 Planning: Motivation How to develop systems or agents

367 views • 21 slides
Course on Automated Planning: Planning as Heuristic Search Hector Geffner ICREA &amp; Universitat

Course on Automated Planning: Planning as Heuristic Search Hector Geffner ICREA &amp; Universitat

Course on Automated Planning: Planning as Heuristic Search Hector Geffner ICREA &amp; Universitat Pompeu Fabra Barcelona, Spain Hector Geffner, Course on Automated Planning, Rome, 7/2010 1 From Strips Problem P to State Model S ( P ) A Strips

284 views • 9 slides
Course on Automated Planning: Planning as SAT Hector Geffner ICREA &amp; Universitat Pompeu Fabra

Course on Automated Planning: Planning as SAT Hector Geffner ICREA &amp; Universitat Pompeu Fabra

Course on Automated Planning: Planning as SAT Hector Geffner ICREA &amp; Universitat Pompeu Fabra Barcelona, Spain Hector Geffner, Course on Automated Planning, Rome, 7/2010 1 Logics Logics come in many forms and shapes, like propositional

415 views • 22 slides
Skyrama: Art Directing a Social Game Hector Moran Head of Art, Sproing Interactive Media About

Skyrama: Art Directing a Social Game Hector Moran Head of Art, Sproing Interactive Media About

Skyrama: Art Directing a Social Game Hector Moran Head of Art, Sproing Interactive Media About Myself Hector Moran: Head of Art at Sproing Brief Work history Streamline Studios Sproing Various Freelance and teaching gigs

1.02k views • 42 slides
On the effectiveness of Full-ASLR on 64-bit Linux Hector Marco-Gisbert , Ismael Ripoll Universit`

On the effectiveness of Full-ASLR on 64-bit Linux Hector Marco-Gisbert , Ismael Ripoll Universit`

On the effectiveness of Full-ASLR on 64-bit Linux Hector Marco On the effectiveness of Full-ASLR on 64-bit Linux Hector Marco-Gisbert , Ismael Ripoll Universit` at Polit` ecnica de Val` encia (Spain) In-Depth Security Conference (DeepSec)

1.05k views • 62 slides
HECTOR MAGICC is the current way GCAM emissions are

HECTOR MAGICC is the current way GCAM emissions are

HECTOR MAGICC is the current way GCAM emissions are translated into climate changes In-house C ++ version But its old code; difficult to

318 views • 9 slides
On the effectiveness of NX, SSP, RenewSSP and ASLR against stack buffer overflows Hector

On the effectiveness of NX, SSP, RenewSSP and ASLR against stack buffer overflows Hector

On the effectiveness of NX, SSP, RenewSSP and ASLR against stack buffer overflows Hector Marco On the effectiveness of NX, SSP, RenewSSP and ASLR against stack buffer overflows Hector Marco-Gisbert , Ismael Ripoll Universit` at Polit` ecnica

528 views • 35 slides
On Our Best Behaviour Hector J. Levesque Dept. of Computer Science University of Toronto RE

On Our Best Behaviour Hector J. Levesque Dept. of Computer Science University of Toronto RE

. . On Our Best Behaviour Hector J. Levesque Dept. of Computer Science University of Toronto RE Lecture 1 / 30 . . Thanks to my coauthors! Fahiem Bacchus Vaishak Belle Ron Brachman Phil Cohen Ernie Davis Jim Delgrande Giuseppe de

428 views • 14 slides
Down From the Top of Its Game The Story of Infocom, Inc. Hector Briceno, Wesley Chao, Andrew

Down From the Top of Its Game The Story of Infocom, Inc. Hector Briceno, Wesley Chao, Andrew

Down From the Top of Its Game The Story of Infocom, Inc. Hector Briceno, Wesley Chao, Andrew Glenn, Stanley Hu, Ashwin Krishnamurthy, Bruce Tsuchida December 13, 2000 Outline of Presentation Founding and Background Technical

620 views • 30 slides
Bioenergy Prospects in Mexico: Biorefineries at the West Region Hector M. Nu nez Center for

Bioenergy Prospects in Mexico: Biorefineries at the West Region Hector M. Nu nez Center for

Bioenergy Prospects in Mexico: Biorefineries at the West Region Hector M. Nu nez Center for Research and Teaching in Economics Centro de Investigaci on y Docencia Econ omicas CIDE, M exico Nov 14, 2017 35th USAEE/IAEE North

399 views • 20 slides
Hector F . Gonzalez, M.D., M.P .H. Director of Health City of Laredo Health Department

Hector F . Gonzalez, M.D., M.P .H. Director of Health City of Laredo Health Department

Hector F . Gonzalez, M.D., M.P .H. Director of Health City of Laredo Health Department Improper or poor tire disposal can create a countless health and safety problems. The Need: Prevention of vector breeding sources. Eliminate and

620 views • 18 slides
Localization Nischal K N System Overview Mapping Hector Mapping Localization Path Planning

Localization Nischal K N System Overview Mapping Hector Mapping Localization Path Planning

F1/10 th Autonomous Racing Localization Nischal K N System Overview Mapping Hector Mapping Localization Path Planning Control System Overview Mapping Hector Mapping Adaptive Monte Localization Carlo Localization Path Planning

921 views • 61 slides
CAMP CHIEF HECTOR YMCA Sunship Earth CAMP CHIEF

CAMP CHIEF HECTOR YMCA Sunship Earth CAMP CHIEF

CAMP CHIEF HECTOR YMCA Sunship Earth CAMP CHIEF HECTOR YMCA Sunship Earth The Camp Chief Hector YMCA The Camp Chief Hector YMCA is the unique

276 views • 26 slides
Action Selection for MDPs: Anytime AO* vs. UCT Blai Bonet 1 and Hector Geffner 2 1 Universidad

Action Selection for MDPs: Anytime AO* vs. UCT Blai Bonet 1 and Hector Geffner 2 1 Universidad

Action Selection for MDPs: Anytime AO* vs. UCT Blai Bonet 1 and Hector Geffner 2 1 Universidad Sim on Bol var 2 ICREA &amp; Universitat Pompeu Fabra AAAI, Toronto, Canada, July 2012 Online MDP Planning and UCT Offline infinite-horizon MDP

476 views • 21 slides
Factored Probabilistic Belief Tracking Blai Bonet 1 and Hector Geffner 2 1 Universidad Sim on

Factored Probabilistic Belief Tracking Blai Bonet 1 and Hector Geffner 2 1 Universidad Sim on

Factored Probabilistic Belief Tracking Blai Bonet 1 and Hector Geffner 2 1 Universidad Sim on Bol var, Caracas, Venezuela 2 ICREA &amp; Universitat Pompeu Fabra, Barcelona, Spain IJCAI. New York, USA. July 2016. Motivation Partially

407 views • 19 slides
Cray Centre of Excellence for HECToR This talk is not about how to get maximum performance from

Cray Centre of Excellence for HECToR This talk is not about how to get maximum performance from

Thomas Edwards, Kevin Roy Cray Centre of Excellence for HECToR This talk is not about how to get maximum performance from a Lustre file system. Plenty of information about tuning Lustre Performance Previous CUGs Lustre User Groups

778 views • 32 slides
Learning and Representation for Generalized Planning Hector Geffner ICREA &amp; Universitat

Learning and Representation for Generalized Planning Hector Geffner ICREA &amp; Universitat

Learning and Representation for Generalized Planning Hector Geffner ICREA &amp; Universitat Pompeu Fabra Barcelona, Spain Research thread is joint work with Blai Bonet, Guillem Franc` es, Giuseppe de Giacomo, . . . Latest in thread: Learning

649 views • 29 slides

More recommend