Introduction to Defining TTPs From Incident Data

BSides SATX 2017

Presented by: Monty St John
Date: Saturday May 20, 2017
Time: 13:00 - 16:00
Location: Richter 102
Track: Workshop

This analytics workshop is for those who are curious about, or need a refresher on, how to derive tactics, techniques and procedures from incident data. To get the most out of this workshop, you should feel comfortable with basic analysis and hunting methods. The workshop will provide a random assortment of information that represents data from an incident. You are then taken through a series of steps to analyze the information, looking for artifacts, patterns and hints that enable you to build and confidence-rate techniques, procedures and tactics to better understand the process flow of the adversary during the incident.

Monty St John

CyberDefenses, Inc.’s mission is to shield customers against cyber threats through comprehensive oversight, defense, and training services. Founded in 2001 by a team of returning military, cyber security veterans, CyberDefenses has a dual focus on government/public sector and private sector organizations. Through a comprehensive suite of managed services – including security oversight, identity management, security monitoring, managed detection, incident response and certification / skill training – battle tested cyber security measures are affordably offered to buyers.

