Quantcast
Channel: Blog | Dell
Viewing all articles
Browse latest Browse all 8970

Tales from the Black Hat NOC: I’ll Show You Mine, We Can Already See Yours

$
0
0
EMC logo

With the start of Black Hat 2016 merely a day away, white, black, and grey hats from around the world are whetting their appetites – eagerly waiting to show off and consume the fruit of an entire year’s research. Whether for education, research, bragging rights, or mal-intent, the Black Hat network will host anything from basic brute force attacks to the most sophisticated 0-day proof of concepts in volumes not seen anywhere else in the world.

With this level of network chaos forecasted for the next six days, a sophisticated visibility solution is required to gain insite and ensure the conference runs smoothly. And that is exactly what RSA’s Blackhat NOC volunteers are in the process of installing.

The RSA NetWitness Suite will provide full packet capture and session reconstruction, log aggregation, and automated analysis for the 2-4Gbps traversing the Black Hat network. Essentially, the Black Hat NOC is getting a very shiny flashlight for a very dark network.  The NOC analysts, many of whom are RSA volunteers, will use the solution to identify and understand potential attacks against the Black Hat infrastructure over the course of the conference. Just think of it as the NOC team looking over your shoulder, in a reassuring, non-creepy kinda way.

So, to all the hackers and crackers out there… since we will be seeing your work over this next week, we figured it’s only fair to show you ours.

IMG-20160729-WA0002

Black Hat Network Scope:

  • Average input: 2-4 Gbps
  • Input spikes: 10Gbps
  • Retention: 7 days

RSA NetWitness Suite:

  • High performance storage: 190TB
  • Automated executable analysis
  • Layer 2-7 parsing and application layer reconstruction
  • Log ingestion and SIEM functionality
  • Combined network session + log correlation

Happy hunting everybody – let the games begin!

Sincerely, your Black Hat NOC Volunteers

IMG_2092

 

 

The post Tales from the Black Hat NOC: I’ll Show You Mine, We Can Already See Yours appeared first on Speaking of Security - The RSA Blog and Podcast.


Viewing all articles
Browse latest Browse all 8970

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>