Video from BSidesAugusta 2013

Slides: http://goo.gl/cW42LQ

Enterprise Security Monitoring: Comprehensive Intel-Driven Detection

This is a great time to be in the detection field! More and more organizations are waking up to the fact that an effective detection program is a "must-have" to protect themselves against sophisticated threats. This creates a market for high-quality threat intelligence, and many groups are stepping up to meet this demand. With very little effort, your organization can connect to any number of quality data feeds, both commercial and free.

However, this can lead to its own problems: almost no one is using threat intel effectively! Now that you're drowning in a sea of intel, how do you make sense of it all and ensure that you are making maximum use of this information to provide the best possible detection strategies for your organization? When you fully leverage your knowledge of an adversary to rapidly detect and respond to their attacks, you deny them access to their tradecraft. You become a harder target and they feel the burn!

David developed the ESM method while creating and running the worldwide detection program at a Fortune 5 company. Learn how to apply ESM in your org to bring the fight to the attackers!