Friday, October 9, 2020

2020 CyberDefense Summit

My takeaways from today's talks:


Carson Zimmerman 

Keynote: Taking Your Detection Program to the Next Level

Engineering is difficult. Stop lying to yourself and others about what the SOC needs to engineer, and engineer those items.


Don Murdoch

Building the Better Playbook: Techniques to Improve Repeatability

Build your playbooks in a repeatable manner to drive maturity and consistency.


Rob van Os

Metrics on Steroids: Improving SOC Maturity using the SOC-CMM

SOC-CMM is an exhaustive model for (self-)assessment of SOC Maturity and Capability. 


Steve Turner, Ben Tyminski

XDR - The Hidden Pitfalls of Evaluation and Deployment

XDR deployments have distinct limitations and capabilities. Leverage standard best practices while covering new ground.


Dan Banker 

And Then There Were None (More False Positives): Writing Better EDR Detections

Dan shreds on guitar; he has also obviously spent many hours eliminating the noise from his signal.



Peter Luo

Resolve Security Alerts with Adaptive Intelligence and Guided Response

Augmented Intelligence is available for scenarios you frequently encounter.


Kristy Westphal

Analysis 101 for Incident Responders

Develop your team's analytical methodology, and be ready to deal with the reality of not always being right.


Yochana Henderson, Mark Morowczynski

Hiding in the Clouds: How Attackers Can Use Applications for Sustained Persistence and How to Find It

"The [devil|god|good god] is in the details." (Flaubert, Mies van der Rohe, proverb...)

Make sure you understand what that configuration (button) actually does before you click it!


Gabriel Currie, Will Oram

Ransomware Defense and Response: Minimizing Risk of an Increasing Threat

The main reasons ransomware keeps increasing: big money (£140M+ over 6 years) and many more leak sites, which have driven organizations to pay ransoms.


Apurv Singh Gautam

Automating Threat Hunting on the Dark Web and other nitty-gritty things

Deep web? Data you're not allowed to see. Dark web? That's where your adversaries coordinate their attacks on you and sell their illicit goods.


Christopher Lopez

Asking Questions and Writing Effectively

Are you asking the right questions and capturing the appropriate information? Don't constrain yourself with needless process.


Saurabh Wadhwa

Resource Smart Detection with YARA and osquery

YARA: (chess) If you see a good move, look for a better one.


Mark Baggett 

New Tools for your Threat Hunting Toolbox

Do what Mark does: save yourself one command a day. Eventually you'll be bored and start automating other stuff.

