Knowledge18 – Can You Prevent the Breach?

I had the opportunity to attend the Knowledge18 conference this past week, and from the registration to closing, I’ve never been to a show that’s had so much energy.

Knowledge18 staff would start the morning with a DJ playing music and with the staff energetically greeting attendees/sponsors while moving to the music. The Tripwire booth also had quite a unique scene where we tied ServiceNow’s ticketing to Willy Wonka’s chocolate factory giving out golden tickets.

I had the honor of being the world’s tallest Oompa Loompa at 6’3 – or it could be explained that similar to how the camera adds 10lbs, it also cuts off 3ft.

Mike TeeVee and myself were able to sneak away for a few sessions ranging from vulnerabilities in a CMDB to an attack simulation of trying to prevent a breach. Before you ask, the answer is yes, I was in full Oompa Loompa costume for the whole thing.

If you attended any sessions on May 10^th, you may of also ran into Willy Wonka as well. Out of all the great sessions I was able to attend, the attack simulation definitely stole the show in my eyes.

The attack simulation was aptly named “Can you prevent the breach?” For it, we used ServiceNow to work against a slew of attacker bots with defender bots to assist.

There were automated tickets being created for ServiceNow. You had to correctly diagnose the ticket for points, where the wrong answer resulted in losing points. The tickets were things like a CPU spike with a possible DDoS attack or data being transferred off the network; you had to figure out whether it was a false positive or not. The attacker bots resulted in tickets involving the exploitation of vulnerabilities or even an insider threat you had (Read more...)