Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors

  1. Moscone West

Cyber-defense centers on “what” a technology is designed to look for, with capabilities and limitations depending on method. Three distinct approaches have emerged: traditional IOCs, anomaly detection and behavioral analytics. Unfortunately, marketing has muddied these terms beyond recognition—this presentation will correct this by critically examining each approach and its capabilities.

Learning Objectives:
1: Gain understanding of defense detection methodologies.
2: Evaluate the costs and benefits inherent to different detection approaches.
3: Make decisions for the organization relevant to the organization's security needs.

Prerequisites:
General knowledge of detection methodology and technologies, awareness of current product types performing threat detection and alerting, and broad knowledge of general security incidents.
