Firewalls, UEBA, network and endpoints, ingress and lateral movement. When all the indicators turn into a clutter of alerts on my SIEM, I feel the vendor fatigue deep inside. In this talk I will try to put a little order in the great chaos of our cyber threat detection world, and suggest getting back to the root questions. Who? Who is behind the behavior? Looking at identity as the new perimeter and anomalous activity as the new indicators. How behavior analytics in real time can help answer that very basic question. Who?
Audience: Everyone...
Nir started his career as a squad leader in the Israeli Intelligence Corps. He helped companies protect their assets using cyber threat intelligence and inside users' behavior analytics. Nir has over 15 years of experience as a security engineer and solution architect. Nir publishes his posts on LinkedIn and speaks occasionally at security conferences.