July 11th, 2024
Defender Fridays Wrap-Up: June 2024
Nicole Boyd
The Importance of Detection Engineering with Wade Wells
In this session, Wade discussed detection engineering in security operations and the importance of understanding false positives. The session highlighted the crucial need for continuous validation of detection rules, emphasizing collaboration with red and purple teams and utilizing tools like Atomic Red Team. Wade recommended leveraging frameworks like MITRE ATT&CK and suggested watching MITRE's YouTube resources for hands-on learning.
Understanding and Mitigating DDoS Attacks with Michael Smith from Vercara
Michael Smith shed light on the evolution of DDoS attacks and the various contributing factors, including the increased use of cloud providers and virtual servers. The session also covered the metrics used to measure the impact of DDoS attacks and the tactics attackers use to increase the scope of the damage. Smith gave the audience a deep dive into how to defend against DDoS attacks amidst an ever-evolving threat landscape.
Navigating the Cybersecurity Industry with Pedram Amini from InQuest
Pedram Amini, CTO at InQuest, shared insights and advice from his journey in the cybersecurity industry, including his experience in developing security tools and bootstrapping a company. A crucial takeaway from the discussion was the importance of developing a product that aligns with market demands and customer needs. His insights and reflections offer valuable lessons for anyone considering a career in cybersecurity and those aspiring to build successful businesses in other industries.
Understanding Domain Generation Algorithms in Cybersecurity with Michael Smith of Vercara
In this session, Michael Smith shed light on the intricacies, impacts, and mitigation strategies of Domain Generation Algorithms (DGAs). The discussion also covered the multifaceted issues associated with programmatically identifying DGA domains, the difficulties of integrating machine learning and AI algorithms for instantaneous detection, and the importance of prompt detection in DNS security. Finally, the conversation emphasized the need for evolving security measures to combat emerging threats and the importance of collaboration and community participation in strengthening defenses.
What is Defender Fridays?
Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and you – our audience.