Evaluating Indicators as Composite Objects

Available On Demand
Wednesday, Jun. 8, 2022
8:30 AM - 9:20 AM PT
Moscone West 3006
Indicators are increasingly derided within Cyber Threat Intelligence (CTI) as insufficient for defense and analysis, but this view is likely unfair and misunderstands the nature and purpose of atomic indicators. In this presentation, we will explore the idea of an indicator or IOC as an inherently composite object, and how this understanding can fuel robust analysis and detection mechanisms.

Session Video

Participants
Joe Slowik

Speaker

Senior Manager, Threat Intelligence & Detections, Gigamon

Technology Infrastructure & Operations

hackers & threats network security endpoint detection visibility & response intrusion prevention/detection threat intelligence



Session Code
AIR-W01

Topic/Track
Analytics, Intelligence & Response

Type/Format
Track Session

Classification
General - Technical

Pass Requirements
  • Full Conference
  • Press
  • Digital Pass
  • Speaker


Share With Your Community