Using the example of vulnerability data, this talk is about what happens when data science and security collide.
When you let a data scientist loose on security data there's a ton of things you (and they) need to think about. What you think data science is, and what you expect to get from it. Why 'insight' is hard to get. How to win the battle of caveats vs usability. And how to communicate analysis when it's used to solve operational problems or report up to management.
Tl;dr - this talk is about how easily it can all go wrong - and how to stop that happening.
Hi - I'm a data scientist working in security. I used to use supercomputers to study the evolution of galaxies as an astrophysicist. Now I tackle more down- to-earth challenges, (yes, the puns get that bad), helping companies use different data sets to understand and address security risk. As part of the team at Panaseer (a London based security start up), I work with security functions in global financial firms, applying data science to help solve strategic and operational challenges.