PRACTICAL STATISTICS FOR THREAT INTELLIGENCE presented at BsidesCa 2017

by Nir Yosha

Summary: Threat Intelligence providers share millions of IOCs (indicators of compromise) to help security teams identify attack vectors and new malware families. Basic statistics can help reduce the noise and verify the credibility of the threat information. Cross-correlation, Bayesian models and margin of error are some of the techniques put into place for Threat Intel analysis. I'll provide real-life examples. You don't need to be a mathematician to attend this one :-) Just have fun with security threats and basic stats :-)