Dracon

Presented at DEF CON 31 (2023), Aug. 11, 2023, noon (115 minutes)

Dracon is an open-source Application and Cloud security automation framework that helps organizations create security workflows and improve their security posture. Dracon can run a wide range of security tools against any target, and it can deduplicate and enrich the results of those tools with contextual or regulatory information. Dracon can then send the enriched results to any visualization or data processing tool. Here are some of its key features: Automated security workflows: Dracon can automate the execution of security tools and the aggregation of results, which saves both time and effort. Scalable and flexible: Dracon is both scalable and flexible with a wide array of existing integrations and more on the way, Dracon integrates seamlessly with any exisitng toolset. Open source: Dracon is open-source platform, which means that it is free to use and modify.

Presenters:

• Spyros Gasteratos
  Spyros is a Security Engineer with over a decade of experience in various organisations. Currently, he is helping Fintechs mature their AppSec programmes through automation. He maintains several Open Source projects including Dracon, opencre.org and others. Also, he is heavily involved with the OWASP foundation helping with outreach and diversity efforts.

Similar Presentations:

• Texas Cyber Summit 2019 / BT-1050 Shining a Light on Shadow IT in the Cloud
• BSidesLV 2017 / One OSINT Tool to Rule Them All
• Blue Team Con 2022 / Why I Keep Building My Security On Open Source Year After Year