When it comes to detecting breaches, time is of the essence. The longer a threat actor persists in your environment, the more likely they are to establish a foothold, and walk away with your data. Many attackers will follow a similar attack methodology from target to target, or for every attack they carry out for years. This talk will discuss common indicators of compromise, the value of your own threat intelligence, and how you can spot the unusual behavior that your AV, firewall, or IDS can't.
Neil R. Wyler is an Information Security Engineer and Researcher located in Salt Lake City, Utah. Neil is currently a Threat Hunting and Incident Response Specialist with RSA Security. He has spent over 15 years as a security professional, focusing on vulnerability assessment, penetration testing, physical security, and incident response. He has been a staff member of the Black Hat Security Briefings for over 13 years and is a member of the Senior Staff at DEF CON. Neil has spoken at numerous security conferences worldwide, including Black Hat, DEF CON, and the RSA Conference. He has been the subject of various online, print, film, and television interviews, and has authored several books on information security. In his free time, Neil keeps himself busy as a member of both the DEF CON, and Black Hat CFP Review Boards.