Open Source Tooling for Threat Analysis and Attack Surface Management

Explore open source security tools in this 49-minute RSA Conference talk. Discover MYSTICPY for threat hunting with Jupyter Notebooks and Attack Surface Analyzer for attack surface analysis. Learn about Microsoft's contributions to open source security solutions, including Application Inspector and Deb skim. Gain insights into typical users, features, and practical applications of these tools. Understand how to leverage data from various sources, use pandas for analysis, and configure state settings. Access learning resources and engage in a Q&A session. Examine Microsoft's open source contributions, the role of the Microsoft Security Team, and the importance of feedback in product assessments. Suitable for those with a general understanding of cybersecurity terminology.

Introduction
Attack Surface Analyzer
Demo
Typical Users
Features
Application Inspector
Deb skim
Mystic Pie
MysticPie
Mystic Pie Demo
What can you do
Data from anywhere
pandas
state configuration
learning resources
Questions
SASI
Microsoft Open Source Contributions
Microsoft Security Team
Open Source
Feedback
Product Assessments