The Challenges of the Kill Chain presented at CounterMeasure 2012

by Mischel Kwon

Summary: To date, we spend most of our Security Operations dollars and time on managing the alerts. The game of "whack-a-mole" is not working. Understanding the implications of each one of the alerts has been nearly impossible, whether due to a lack of data, too much data, or a lack of understanding of how the data fits together. This session will discuss basic patterns of attacks, kill chains, and new models for understanding not just the alert, but also the entire attack. This discussion will cover the intelligence sources, tools, and technologies available to move away from the alert and onto the entire attack.