Best Practices in Threat Hunting: Optimizing the Anomalous Activity Search
Brenden Bishop, Data Scientist, the Columbus Collaboratory
About this talk
Join us for this webinar that will present an advanced data science approach to detecting anomalous behavior in complex systems like the typical corporate network that your IT Security team is trying to defend. Generalized anomaly detectors, without tuning for a specific use case, almost always result in high false alarm rates that lead to analyst alert fatigue and a detector which is effectively useless. In this session, Brenden Bishop, Data Scientist at the Columbus Collaboratory, will present an open source tool and best practices for building specific, repeatable, and scalable models for hunting your network’s anomalies. Through iteration and collaboration, defenders can hone in on interesting anomalies with increasing efficiency.