Security Analytics: Why Mathematics Alone is Not Enough presented at SourceDublin 2015

by Matthew Hathaway

Summary: The security industry always has new buzzwords that are quickly adopted by vendors hoping to capitalize on the hype: “big data”, “machine learning”, “anomaly detection”, etc. As a security professional, how do you distinguish between what is hype and what can provide real-world benefits? It’s not enough for security solutions to have the best mathematical models or algorithms; you also need important context so you know what to do with the information. When applied in the right way, analytics can help you improve your security program by increasing the accuracy of alerts and reducing the number of incidents you need to respond to. This talk will explore:
The latest security analytics buzzwords and what they REALLY mean
Why domain expertise is critical to any security analytics use case
How to incorporate context to minimise alert fatigue and false positives