Applying Machine Learning to Network Security Monitoring



Thursday, May 15, 2014
1100 HRS PDT/1400 HRS EDT • FREE
60 MINUTES INCLUDING Q&A




Applying Machine Learning to Network Security Monitoring by Alex Pinto
Using Security Intelligence To Mitigate Today’s Real Threats by Ken Westin

Regardless of the advances in malware and targeted-attack detection technologies, our top security practitioners can only do so much in a 24-hour day. Triage using alert-based monitoring (from IPSes, SIEMs and such) is inefficient because such alerts lack expressiveness. So how can we better use data from exploration-based and data-rich monitoring tools (such as threat intelligence feeds and network forensics) to effectively triage incidents for our teams to investigate?

Enter the use of Machine Learning as a way to automatically prioritize and classify potential events and attacks in your network. Statistical learning and data mining techniques can be used to automate the analysis of your logs and network data with threat intelligence and Internet topology, DNS, and WHOIS information.

This webcast will present examples and applications of these concepts and algorithms, developed by MLSec Project, on log data from public feeds and from anonymized and summarized real live networks. Our objective is to demonstrate how these data-driven techniques can be used to help us transform our fire hose of available data into actionable intelligence.

Presenter:

Alexandre Pinto

Alex Pinto is the Chief Data Scientist of MLSec Project. The goal of the project is to provide a platform for hypothesis testing for people interested in the development of machine learning algorithms to support the information security monitoring practice.

He has over 14 years dedicated to information security solutions architecture, strategic advisory and monitoring. He has experience with a great range of security products, and has managed SOCs and SIEM implementations for 7 years. Alex currently holds the CISSP-ISSAP, CISA, CISM and PMP certifications, not that anyone cares. He was also a PCI QSA for almost 7 years, but is almost fully recovered.


Sponsor Speaker:

Ken Westin

Ken Westin is a security researcher at Tripwire whose technology exploits and endeavors have been featured in Forbes, Good Morning America, Dateline, New York Times and The Economist. He has won awards from MIT, CTIA, Oregon Technology Awards, SXSW and Entrepreneur, and was named in Portland Business Journal's 2013 "40 Under 40."
