Lecture: OpenData for IT security
In the last years, we encountered a multitude of scanning data (shodan, censys.io, ...) which helps us understand the internet. While this data is fantastic and the progress in scanning technology is mind-boggling, however, this data might be somewhat difficult in a privacy sense. Especially when IP addresses are to be considered PII data.
Knowing how "unhealthy" or vulnerable a network is, is doubtfully very valuable information for CERTs and people interested in maintaining a healthy and well functioning internet. CERTs need to know this in order to "clean up".
The presenter will explain an open source ETL data processing pipeline which allows us to fetch, process, aggregate IT security data and feed it into analytics engines which allows us to gain interesting insights - even only on aggregated data!
This concept is not new. The health sector has years of experience with aggregated statistics and epidemiology. Is it time to use these ideas in IT security / in the internet?
This talk will show how to use (privacy insensitive) aggregated data to get a good picture of "Internet health".
Keywords: cybergreen, internet health, IT security