Profiling the Attacker – Using Offender Profiling In SOC Environments

It’s been said ‘‘Intrusion analysis is as much about tcpdump as astronomy is about telescopes". Understanding who is attacking your or a customer's network and why is just as important as analyzing the packets on it. This slot will focus on a technical offender profiling framework that can be used to build a knowledge base on malicious actors. This talk will delve into the following areas: - Building an information classification for your assets - Attack significance plotting - Attack factor comparison analysis - Discerning motive - Attacker kill chain analysis - Malicious actor profile checklist - Naming conventions for malicious actors
James Stevenson
James Stevenson is a computer security graduate and software engineer for BT Security and has previously worked as a security analyst for the cloud security company Alert Logic. He is also a speaker at security conferences on topics from offender profiling to getting into the industry.
Back by Popular Demand, Join us at Mayhem at the Mint on Tuesday, March 5th, 2019!Register Today
+