Hunting the Hackers: How Cisco Talos is Leveling Up Security
At Cisco's Talos, a traditional security analyst culture has collided with lots of data. In this talk, Kate and Samir describe how they've navigated this transition using Elasticsearch to leverage data to detect bad guys – with a special look at how Talos tracked the SSHPsychos SSH brute forcing campaign.
Kate Nolan is a Cybersecurity Data Unicorn at Cisco’s Talos Security Intelligence and Research Group. She works on various development and data projects to assist in the hunting of bad guys, like dynamic malware analysis and automated detection. Her interests lie in making data useful and available, data visualization, and trying new eyeshadow. Recently, she graduated with a master’s in computer science from Johns Hopkins University.
Samir Sapra is a researcher dude at Cisco's Talos Security Intelligence and Research Group. He helps with malware analysis and development work on the Talos malware sandbox project. When he is not analyzing malware or doing development, he is hunting through data to piss off bad guys.