Best Practices in Threat Hunting: Optimizing the Anomalous Activity Search

Presented by

Brenden Bishop, Data Scientist, the Columbus Collaboratory

About this talk

Join us for this webinar, which presents an advanced data science approach to detecting anomalous behavior in complex systems such as the typical corporate network that your IT Security team is trying to defend. Generalized anomaly detectors, without tuning for a specific use case, almost always produce high false alarm rates, which lead to analyst alert fatigue and a detector that is effectively useless. In this session, Brenden Bishop, Data Scientist at the Columbus Collaboratory, will present an open source tool and best practices for building specific, repeatable, and scalable models for hunting your network’s anomalies. Through iteration and collaboration, defenders can home in on interesting anomalies with increasing efficiency.

More from this channel

These real-life threat hunters proactively search through networks and datasets looking for threats that existing automated tools cannot detect. This series will feature individual threat hunters, and the tools and techniques they use to stay on top of their game. Discover their methods and skills, as well as their recommendations on how to stay up to date on current attack trends, next developments in their space and great resources for beginners to threat hunting. Save your spot and join the conversation.