Threat Hunting with Python & Pandas скачать в хорошем качестве

Threat Hunting with Python & Pandas

Anthony Talamantes (Johns Hopkins University Applied Physics Laboratory, US), Matt Dulle (Johns Hopkins University Applied Physics Laboratory, US) Anthony has over 24 years of experience in cybersecurity and the last 17 years focused on nation state and sophisticated adversaries. Anthony developed the Cyber Hunt program at Johns Hopkins Applied Physics Laboratory and current manages the Cyber Hunt, Applied Cyber Research, and Architecture & Engineering. Matt has over 13 years of experience in cybersecurity and is the Lead Reverse Engineer in the Applied Cyber Research team at Johns Hopkins Applied Physics Lab. Matt performs malware analysis and uses behavioral indicators to proactively hunt for malicious activity in the enterprise. -- This presentation will discuss some of the limitations with traditional SIEM’s and how cybersecurity is evolving away from them. We continue to describe threat hunting and detection engineering with a more iterative and scalable methodology than typically used with traditional SIEM’s. We will be examining the use of Python, Pandas, and other libraries in Jupyter notebooks to gain additional visibility and analyses into adversarial activities. We will demonstrate how this approach can work in cyber operations and give examples of the entire process including code examples. We will wrap up by discussing how this can be achievable by analysts without python and data science backgrounds.