Track 2.4 - Alphathreat Soup: Burning Threat Actors with Data
If the last year has shown us anything, it's that breaches and attacks being surfaced are the new normal. As the public becomes more informed about cyber operations, it's only natural that malicious actors will increase their operational security by using new approaches or subverting existing detection tools. In fact, it's already begun. In order to remain relevant, security teams need to increase the data sets and tools at their disposal.
In this talk, we will focus on walking through various data sets — both commonly known and some newer approaches — in order to identify threat actors and their operations. We will put a focus on ongoing campaigns which have gone unnoticed and highlight additional ways to investigate more recent reported activity. We will also provide insight into how attackers are subverting these data sets and some ideas on how as defenders, we could improve coverage. Our talk will conclude with a brief discussion about future predictions and where defenders should be spending their time.
Mr. Brandon Dixon
VP of Product
Brandon has spent his career in information security performing analysis, building tools, and refining processes. As VP of Product, he is responsible for managing the direction of all RiskIQ offerings. Prior to RiskIQ, Brandon was the co-founder of PassiveTotal (acquired by RiskIQ) where he led development and product direction. Throughout the years, Brandon has developed several public tools, most notably PDF X-RAY, and NinjaJobs. His research and development on various security topics have gained him accolades from many major security vendors and peers in the industry.