what is the promise of automation, and where did we go wrong
the problems with 'volume' (of logging) and the loss of
a dive into 'exploratory based monitoring'
how does log-based data analysis scale?
baselines, and why 'anomaly detection' has failed us
does machine learning solve the 'hands on keyboard' (continuous
tuning) problem with SIEM?
does today's 'threat intelligence' provide value, and is it
decrying the tools - and blaming the victims
what is machine learning good at, and what won't it be great
Alex Pinto ( @alexcpsec ) - Alex has
almost 15 years dedicated to Information Security solutions
architecture, strategic advisory and security monitoring. He has
been a speaker at major conferences such as BlackHat USA, DefCon,
BSides Las Vegas and BayThreat.
He has been researching and exploring the applications of machine
learning and predictive analytics into information security data
sources, such as logs and threat intelligence feeds.
He launched MLSec Project (https://www.mlsecproject.org) in 2013 to
develop and provide practical implementations of machine learning
algorithms to support the information security monitoring practice.
The goal is to use algoritmic automation to fight the challenges
that we currently face in trying to make sense of day-to-day usage
of SIEM solutions.
Take a step outside the echo chamber - gain some perspective and context.
Welcome to Cybersecurity: An immature industry where we mandate impossible-to-remember complex passwords that change every 30 days - and call that security. It's an industry where everyone is an expert, but no one's actually solved anything... weird right?
This show is focused on the many aspects of cybersecurity - from professional to leadership, technical to abstract. We look to entertain you while filling your brain with expertise and knowledge from all corners of our industry and beyond. You can expect security experts, policy professionals, and people from outside our own "security bubble" because frankly, our echo chamber needs some perspective.
Join us, subscribe, and share in the conversation.
Follow us on Twitter: @DtSR_Podcast
Check out Rafal's @Medium blog at https://medium.com/@BlogWh1t3Rabbit