KNOWLEDGE SERIES

Active Defense: an holistic approach for defense quick wins

Vitor Ventura
Research Lead, Manager EMEA & Asia Outreach Team,
CISCO Talos

Vitor Ventura is a Cisco Talos security researcher and manager of the EMEA and Asia Outreach team. As a researcher, he investigated and published various articles on emerging threats. Most of the day Vitor is hunting for threats, reversing them but also looking for the geopolitical and/or economic context that better suits them. Vitor has spoken in conferences, like LabsCon, VirusBulletin, NorthSec, Recon, Recon Bruxels, Defcon’s Crypto and Privacy Village, among others. Prior to that he was IBM X-Force IRIS European manager and lead incident responder, and at IBM X-Force RED where he was a lead penetration tester. Vitor holds a BSc in Computer Science and multiple security related certifications like GREM (GIAC Reverse Engineer Malware), CISM (Certified Information Security Manager).

Not all steps in the cyber security roadmap are complex and involve the deployment of huge and cumbersome processes or tools. Some quick wins are possible by having an active defense posture, where the defenders actively use threat intelligence and their own environment telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting for detections to trigger, defenders can take initiative and hunt down threat actors inside their environment, putting a halt to their malicious activities before they can fully accomplish their goals.