Passive detection doesn’t work: lessons from a hunter of elusive nation-states, presented at BSidesROC 2016

by Devon Kerr

Summary: The objective of this presentation is to outline why reactive detection frameworks are inherently flawed and to propose an alternative – a methodology that includes collection and analysis of artifacts on a routine schedule. This approach ensures greater institutional knowledge while also increasing analyst expertise. Simply put: you cannot find what you do not look for.