Firewalls, network access control systems (NACs), intrusion detection/prevention systems (IDS/IPS), dynamic malware analysis, endpoint security, two-factor authentication, application firewalls, sandboxes, decoys, security information and event management systems (SIEMs)… each mitigation strategy has its own set of strengths and weaknesses. This “roundtable” session explains the current toolset to mitigate cyber-threats.

Topics:

  • Worst case scenario
  • Security truisms
  • Blacklists
    • IP blacklists
    • Anti-malware defences
    • URL filtering (… and ad blocking too)
    • Block mail SPAM and spoofs
    • IDS/IPS/HIPS
    • Application firewalls
  • Whitelists
    • NAC
    • Firewalls and access-lists
    • Application whitelisting
    • Application firewalls
    • Web content filtering
  • Better authentication
    • strong passphrases
    • certificates
    • cryptography
    • multi-factor authentication
    • permissions and the ‘need to know’ rule
    • admins (local & domain) and roots
    • audit
  • Manage your assets
    • patch operating systems and applications
    • perform vulnerability scans
    • harden OS and application configurations
    • maintain a ‘master’ system image bank
    • backup and disaster recovery
    • keep detailed logs and network traffic captures
  • Misbehave is the new malware
    • New rule: do not block
    • Sandboxes and dynamic analysis
    • Honeypots and decoys
    • Exploit mitigation tools
    • Centralized log collection and analysis (aka SIEM)
    • Network/host-based anomaly detection
    • Heuristic A/V and HIPS
  • It’s all about the people
    • New profession: network analyst
    • User education
    • Skill assessment and training (of security teams)
    • Secure coding for developers
    • Penetration test

Info

Main Speaker

Gil Rozenberg, RedPill