BSides Rochester 2016: Devon Kerr: Passive detection doesn’t work: lessons from a hunter of elusive

The objective of this presentation is to outline why reactive detection frameworks are inherently flawed and propose an alternative – a methodology which includes collection and analysis of artifacts on a routine schedule; this approach ensures greater institutional knowledge while also increasing analyst expertise. Simply put: you cannot find what you do not look for. https://www.bsidesroc.com/archive/2016/schedule/talks/