A Hunting We Will Go presented at BSidesVancouver 2018

by John Strand,

Summary : In this talk we will discuss the RITA framework for detecting advanced beacons. It is free tool developed by BHIS, it runs on top of Bro and it rocks. We will walk through how it works and how you can set it up in your environment. Right now. We will also cover some cool cyber attribution tools you can use to track bad guys outside of your network.