Topic: Threat Hunting with Data Science
Synopsis: Threat hunting is a difficult task for security analysts because of the 4 Vs of data (Volume, Variety, Velocity, Veracity): there is more volume and variety of data to investigate efficiently and in a timely manner. Data science techniques and technologies can help address the 4 Vs challenge and empower threat hunters to be efficient, effective and smart.
In the presentation, the speaker will share how Flare, an open source framework, can assist threat hunters in detecting beaconing in their network, using Flare's Random Forest and Alexa to detect Domain Generation Algorithms (DGA), and using Natural Language Processing (NLP) to distinguish between Base64 strings and URLs.
Zhou Zhihao is a cybersecurity professional with over 13 years of experience in cybersecurity operations, consultancy, penetration testing and software engineering. He currently heads the cybersecurity ops team at M1 Limited. He holds a Master's degree in Knowledge Engineering from NUS and a Bachelor's degree in Info Comm Technology from SUSS. Throughout his career he has attained the CISSP, CCSP, OSCP, CRT and ITIL professional certifications.
Instructions for joining the seminar will be sent to registrants 1 day prior to the event.
This is a chapter professional development event, so 1 CPE hour will be available for you to claim. Please take a screenshot of the Event Code at the end of the talk as evidence.