top level domain incident response recovery checklist
play

Top Level Domain Incident Response Recovery Checklist - PowerPoint PPT Presentation

Jan 02, 2023 •113 likes •209 views

Top Level Domain Incident Response Recovery Checklist Dave Piscitello VP Security and ICT Coordina7on ICANN Collabora7ve Effort ICANN

  1. Top ¡Level ¡Domain ¡Incident ¡ Response ¡“Recovery” ¡Checklist ¡ ¡ ¡ Dave ¡Piscitello ¡ VP ¡Security ¡and ¡ICT ¡Coordina7on ¡ ICANN ¡

  2. Collabora7ve ¡ ¡ Effort ¡ • ICANN ¡security ¡ team ¡ • MarkMonitor ¡ • The ¡affected ¡ registry ¡ opera7ons ¡staff ¡ • NSRC ¡ • Farsight ¡ hEps://www.flickr.com/photos/slagheap/ ¡

  3. Disclaimers ¡ • High ¡level: ¡ ¡ We ¡Are ¡ ¡ Not ¡ ¡ – not ¡exhaus7ve ¡ AEorneys ¡ • Not ¡legal ¡advice ¡ ¡ • Not ¡a ¡policy ¡document ¡ but we know 
 our tech…

  4. Guidelines ¡ • List ¡of ¡ac7ons ¡a ¡registry ¡operator ¡should ¡ consider ¡if ¡an ¡authorita7ve ¡name ¡service ¡is ¡ compromised ¡ ¡ Immediate ¡ Interim ¡ Long ¡term ¡

  5. What ¡we ¡ cover ¡ • Inves7ga7ons ¡Basics ¡ – Preserving ¡the ¡scene ¡ – Basic ¡forensics ¡ – Repor7ng ¡criminal ¡acts ¡ ¡ hEps://www.flickr.com/photos/projectexplora7on/ ¡

  6. Restoring ¡ Service ¡ • Building ¡from ¡scratch ¡ ¡ while ¡“hardening” ¡ ¡ during ¡this ¡process ¡ • Recovery ¡or ¡restora7on ¡ ¡ hEps://www.flickr.com/photos/buildingblog/ ¡ of ¡other ¡affected ¡services ¡ • Event ¡monitoring ¡ considera7ons ¡ • Intrusion ¡detec7on ¡and ¡ mi7ga7on ¡considera7ons ¡ hEps://www.flickr.com/photos/mosmanlibrary/ ¡

  7. Improvement ¡ Mistakes ¡ have ¡the ¡ ¡ power ¡to ¡ turn ¡you ¡ into ¡ ¡ something ¡ beEer ¡than ¡ before ¡

  8. Call ¡for ¡ Backup ¡ • ICANN ¡ISSSR ¡may ¡ ¡ be ¡able ¡to ¡assist ¡you ¡ directly ¡ ¡ • Or ¡we ¡can ¡invite ¡ ¡ hEps://www.flickr.com/photos/donkeyhotey/ ¡ trusted ¡experts ¡ • Assistance ¡may ¡already ¡be ¡in ¡place ¡ – OpSec ¡community ¡already ¡monitors ¡most ¡of ¡DNS ¡ infrastructure ¡

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council

Above My Pay Grade: Incident Response at the National Level Jason Healey Atlantic Council Traditional Incident Response But at the national level, incident response is a different game Implications for Misunderstandings between geeks and

541 views • 27 slides
Incident Response & Evidence Incident Response & Evidence Incident Response &

Incident Response & Evidence Incident Response & Evidence Incident Response &

Incident Response & Evidence Incident Response & Evidence Incident Response & Evidence Incident Response & Evidence Management Management Management Management CIPS Brandon Chapter November 28 2002 Dr. Marc Rogers PhD,

629 views • 27 slides
GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response

GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response

GE Incident Response Insight Awareness Advantage Sean Mason Director, Incident Response Investing in new talent & capabilities Incident response Cyber intelligence Digital forensics Security architecture Identity management

609 views • 42 slides
Incident Response to Social Engineering Attacks: Domain Hijacking Ramses Martinez Director of

Incident Response to Social Engineering Attacks: Domain Hijacking Ramses Martinez Director of

Incident Response to Social Engineering Attacks: Domain Hijacking Ramses Martinez Director of Information Security Date: June 22, 2010 Background More and more attacks are exploiting business logic using social engineering attacks. Low

425 views • 15 slides
Incident Response: Goals of Incident Management Steps to Preparation Risk Assessment

Incident Response: Goals of Incident Management Steps to Preparation Risk Assessment

6/19/2015 Incidents Are Not Necessarily Emergencies Incident Laboratory Incidences and An event thats likely to have adverse consequences Emergency Response Programs Emergency Unanticipated circumstances resulting in

564 views • 5 slides
Introduction to Incident Response Renana Friedlich, National Incident Response Leader March 2016

Introduction to Incident Response Renana Friedlich, National Incident Response Leader March 2016

Introduction to Incident Response Renana Friedlich, National Incident Response Leader March 2016 Agenda Evaluation of Cybersecurity risks The attackers playbook Case study What can you do today Page 2 Evaluation of

622 views • 12 slides
BIRT BIRT Liaisons Incident Response Incident Follow-Up Q&A 1 2 PURPOSE OF

BIRT BIRT Liaisons Incident Response Incident Follow-Up Q&A 1 2 PURPOSE OF

5/20/2014 COURSE OUTLINE Purpose Building Incident Response Team Expectations BIRT BIRT Liaisons Incident Response Incident Follow-Up Q&A 1 2 PURPOSE OF BIRT PURPOSE OF BIRT Prepare units to respond to a

342 views • 4 slides
Incident Response and Information Sharing A Practical Approach Rapha el Vinot - TLP:GREEN May

Incident Response and Information Sharing A Practical Approach Rapha el Vinot - TLP:GREEN May

Incident Response and Information Sharing A Practical Approach Rapha el Vinot - TLP:GREEN May 22, 2015 The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven initiative designed to provide a systematic response

407 views • 13 slides
Agile Incident Response: Operating through Ongoing Confrontation Kevin Mandia Who Am I?

Agile Incident Response: Operating through Ongoing Confrontation Kevin Mandia Who Am I?

Agile Incident Response: Operating through Ongoing Confrontation Kevin Mandia Who Am I? Professorial Lecturer Carnegie Mellon University 95-856 Incident Response Master of Information System Management The George Washington

1.29k views • 60 slides
BALTIC SEA MARITIME INCIDENT RESPONSE GROUP PROJECT BALTIC SEA MARITIME INCIDENT RESPONSE GROUP

BALTIC SEA MARITIME INCIDENT RESPONSE GROUP PROJECT BALTIC SEA MARITIME INCIDENT RESPONSE GROUP

BALTIC SEA MARITIME INCIDENT RESPONSE GROUP PROJECT BALTIC SEA MARITIME INCIDENT RESPONSE GROUP PROJECT MIRG OOERATIONAL GUIDELINES The project developed the following operational guidelines: 1. Assessing the Safety Status of a Vessel

598 views • 16 slides
Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored

Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored

Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Sponsored By: Planning for the Worst: The Role of Incident Response, Before Youve Had an Incident Visit www.advisenltd.com at the end of this webinar to

498 views • 18 slides
UHN Recovery Planning for Programs: Principles and Checklist Clinical Activity Working Group

UHN Recovery Planning for Programs: Principles and Checklist Clinical Activity Working Group

UHN Recovery Planning for Programs: Principles and Checklist Clinical Activity Working Group Executive Lead: Fayez Quereshy Co-Chairs: Terri-Stuart McEwan, Barry Rubin Process to develop a UHN-wide Clinical Activity Recovery Plan as of April 27,

348 views • 6 slides
Post-Expira,on Domain Name Recovery PDP WG ICANN

Post-Expira,on Domain Name Recovery PDP WG ICANN

Post-Expira,on Domain Name Recovery PDP WG ICANN San Francisco March 2011 Background To what extent should registrants be able to reclaim their domain names after they

389 views • 21 slides
Detection and Incident Response With osquery Javier Marcos @javutin $ whoami Security

Detection and Incident Response With osquery Javier Marcos @javutin $ whoami Security

Detection and Incident Response With osquery Javier Marcos @javutin $ whoami Security Engineer/Incident Responder Open source contributor (github.com/javuto) Former IBM, Facebook, Uber and Airbnb Current BitMEX Agenda Part 1:

981 views • 59 slides
PhiGARo: Automatic Phishing Detection and Incident Response Framework Martin Husk, Jakub

PhiGARo: Automatic Phishing Detection and Incident Response Framework Martin Husk, Jakub

PhiGARo: Automatic Phishing Detection and Incident Response Framework Martin Husk, Jakub egan {husakm|cegan}@ics.muni.cz ECTCM 2014 Fribourg, Switzerland Outline Introduction, Phishing incident response, PhiGARo (phishing

270 views • 23 slides
Cyber Up! Digital Forensics & Incident Response Tobi West Principal Investigator Coastline

Cyber Up! Digital Forensics & Incident Response Tobi West Principal Investigator Coastline

Cyber Up! Digital Forensics & Incident Response Tobi West Principal Investigator Coastline College NSF Grant Award #1800999 Agenda Background on Coastline College Need for Incident Response Professionals Overview Advisory

571 views • 14 slides
TECHNOLOGY PLYMOUTH PUBLIC SCHOOLS 2017-2018 INTRODUCTIONS cc: Larah McElroy -

TECHNOLOGY PLYMOUTH PUBLIC SCHOOLS 2017-2018 INTRODUCTIONS cc: Larah McElroy -

TECHNOLOGY PLYMOUTH PUBLIC SCHOOLS 2017-2018 INTRODUCTIONS cc: Larah McElroy - https://www.flickr.com/photos/9028010@N03 AGENDA Virtual Reality/STEAM Elementary Technology Curriculum Middle School Technology Standards Resource

611 views • 35 slides
Class of 2019 Innovation Academy Rapid Fire Project Presentations Transforming Local Government

Class of 2019 Innovation Academy Rapid Fire Project Presentations Transforming Local Government

Class of 2019 Innovation Academy Rapid Fire Project Presentations Transforming Local Government Conference 1 cc: Charlottes Photo Gallery https://www.flickr.com/photos/63546643@N04 About the Innovation Academy OUR SIGNATURE CIRRICULUM

646 views • 49 slides
Cross University Collaboration Howard Errey @howard61 howard.errey@rmit.edu.au View

Cross University Collaboration Howard Errey @howard61 howard.errey@rmit.edu.au View

Cross University Collaboration Howard Errey @howard61 howard.errey@rmit.edu.au View presentation at http://bit.ly/1EuMRAO Projects If you climb on top of a job, trying to master it, the work will suffocate. Let it take you, play with it,

572 views • 30 slides
Modelling Confidence in Extraction of Place Tags from Flickr Omair Z Chaudhry 1 , William A

Modelling Confidence in Extraction of Place Tags from Flickr Omair Z Chaudhry 1 , William A

Modelling Confidence in Extraction of Place Tags from Flickr Omair Z Chaudhry 1 , William A Mackaness 2 1 Manchester Metropolitan University, Chester Street, Manchester Tel.+44 (0) 161 247 1574 Email: O.Chaudhry@mmu.ac.uk 2 University of

407 views • 7 slides
New Library Spaces Flickr Commons / The Edge Anna Raunik MetLib 2010 Queensland memory: today

New Library Spaces Flickr Commons / The Edge Anna Raunik MetLib 2010 Queensland memory: today

New Library Spaces Flickr Commons / The Edge Anna Raunik MetLib 2010 Queensland memory: today for tomorrow Increase visibility of State Library online content http://www.flickr.com/commons Increasing the visibility of SLQ online content

657 views • 50 slides
Altmetrics and the evolution of scholarly impact assessment Lily Troia | Altmetric | August 2017

Altmetrics and the evolution of scholarly impact assessment Lily Troia | Altmetric | August 2017

Altmetrics and the evolution of scholarly impact assessment Lily Troia | Altmetric | August 2017 lily@altmetric.com | @lilytroia altmetrics Indicators of online engagement that complement traditional citation impact metrics. Wh What does

836 views • 54 slides
C User Guide C Introduction to Flickr What is Flickr? How do I create my account?

C User Guide C Introduction to Flickr What is Flickr? How do I create my account?

BRCC Flickr Site C User Guide C Introduction to Flickr What is Flickr? How do I create my account? Uploading photos Joining the Bognor Regis Camera Club Group Flickr site-based competitions C What is Flickr?

516 views • 20 slides
Photo by woodleywonderworks - Creative Commons Attribution License

Photo by woodleywonderworks - Creative Commons Attribution License

Photo by woodleywonderworks - Creative Commons Attribution License https://www.flickr.com/photos/73645804@N00 Created with Haiku Deck Animoto Video: Tournament Photos http://video214.com/play/aI15Aa4bqP8BJXEM1dQ8Tg /s/dark Photo by

556 views • 29 slides

More recommend