Original abstract:

Knock Knock … wake up, Neo. Have you ever considered taking the Blue Pill? Being fully compliant, ignoring threats of real life, enjoying warm & fuzzy cyber banalities and just sitting back hoping for trust? Would that not just fix all of our IR problems?

We have been there. We felt good, until our new boss has forced us to try the Red Pill … and we realized how deep the rabbit-hole goes. The Swisscom CSIRT has been redesigned from scratch in 2014, to diverge from a compliance-driven to a threat-driven approach. This has led to new ways of thinking, questioning established methods and introducing innovative ideas.

During this presentation we'll cover organizational as well as technical aspects. This includes pDNS, Red Teaming, Bug Bounty, ChatOps, Threat Intelligence and others. We will share our various experiences, illustrate possible pitfalls and reveal the vulnerabilities of Agent Smith.

Full presentation at prezi.com: