Sydney Branch Meeting: February 19
Breakfast Session; "Network Threat Hunting – Techniques For Finding Advanced Threat Actors and Anomalies In Your Environment", with Max Heinemeyer, Director of Threat Hunting, Darktrace
Network Threat Hunting – Techniques For Finding Advanced Threat Actors and Anomalies In Your Environment
Network data, especially Netflow-eque data, provides a rich source of information to identify malicious behaviour. Processed in the right ways, it enables threat hunts on the network. This talk will explore generic techniques used for threat hunting on network data such as: How to collect the right data, using machine learning to create a baseline of activity, detecting unusual activity on a network, identifying beaconing behaviour and how to visualize and operationalize network data for security operations. We will also explore how behavioural anomaly detection fits into security stacks that have a mature team & tooling in place. The talk will provide real-life examples of threats identified and investigated using only network data.
Speaker: Max Heinemeyer, Director of Threat Hunting, Darktrace
Max is a cyber security expert with over eight years’ experience in the field specializing in network monitoring and offensive security. At Darktrace, Max works with strategic customers to help them investigate and respond to threats as well as overseeing the cyber security analyst team in the Cambridge UK headquarters. Prior to his current role, Max led the Threat and Vulnerability Management department for Hewlett-Packard in Central Europe. He was a member of the German Chaos Computer Club, working as a white hat hacker in penetration testing and red teaming engagements. Max holds a MSc from the University of Duisburg-Essen and a BSc from the Cooperative State University Stuttgart in International Business Information Systems.
AISA members: Please sign in to register for this event.
If you would like to become a member you can join here.
Many thanks to our sponsors
