It sometimes seems to me that a lack of data is not the issue when patrolling your networks for signs of evil badness… it is quite the opposite – operating systems, security logs and other sources are drowning us in data which we don’t leverage. This talk from DerbyCon 2015, “Intrusion Hunting for the Masses – A Practical Guide” really opened my eyes to a number of ways to leverage data that we already have to look for signs of sophisticated intrusions early in the kill chain. If you manage infosec for your organization or are in the bad guy hunting business, I highly recommend this information and idea packed 45 minute talk by Dave Sharpe (@sharpesecurity). I love stuff like this – you don’t have to make huge investments in new hardware or software to do this kind of analysis and the potential payoffs are pretty big. Best con-talk I have watched in a long time.
RSS - Posts