
Identifying Emerging Threats with Security Analytics

  • Wednesday, February 20th, 2019 at 1:00 PM EST (18:00:00 UTC)
  • Chris McNab
This webcast has been archived.

Sponsor

  • AlphaSOC, Inc.


Overview

An entire industry exists to serve threat feeds that are used within SIEM and SOAR platforms to identify infected systems and campaigns with known signatures (e.g. IP addresses, domain names, and file hashes). Indicator lists are used in a one-dimensional fashion: the raw data is correlated with threat feeds, and an alert is generated if there's a hit.

Adversaries are aware of this level of maturity within enterprise SOCs. As such, attackers avoid re-using domain names and other indicators between campaigns. To defend against evolving threats and unknown actors, security teams must leverage analytics to dive into their data.

This webcast details common SOC blind spots that adversaries exploit, and how you can measure the visibility of your existing SIEM apparatus using free, open source tools. Attendees will also learn about the data processing steps required to flag red teams, state-sponsored adversaries, and emerging threats within their environments using the AlphaSOC Analytics Engine.

Speaker Bio

Chris McNab

Chris McNab is the author of Network Security Assessment (O'Reilly Media) and co-founder of AlphaSOC, a security analytics software company founded in 2013 with offices in the United States and Poland. Chris has presented at events including FIRST, OWASP, InfoSecurity Europe, InfoSec World, and the Cloud Security Alliance Congress, and works with client organizations around the world to understand and mitigate vulnerabilities within their environments.

During 2012 and 2013, Chris performed incident response and forensics work for organizations targeted by Alexsey Belan, who occupies a spot on the FBI Cyber Most Wanted list and is subject to US Department of Treasury OFAC sanctions. In 2011, Chris worked closely with the Attorney General of Guatemala under a United States Agency for International Development (USAID) project to secure the computer systems that underpin the legal system within the country.
