Birthday Hunting

BSidesLV 2019

Presented by: Jack Burgess
Date: Wednesday August 07, 2019
Time: 17:00 - 17:25
Location: Ground Truth

Just looking at your logs is extremely unappealing for many security analysts. This leaves specialized tools and scripts to do the analysis before anything is investigated, which puts any threat actor with access to the tools at an advantage and leaves you with tunnel vision. With the math presented here, we show that the odds of finding something are quite high for hunting, and that the effectiveness of $CYBER_ML_PRODUCT might be closer to a list of your assets picked at random.

Jack Burgess

A trained physicist, now a security data scientist, Jack has worked with companies large and small to enhance their capabilities through the practical application of analytics. He has led a number of Spark/Metron-based security projects in Melbourne, New York, and Los Angeles; working on distributed computing and infosec problems are passions, followed very closely by talking about them.

