Eating the Elephant: Leveraging Data Analytics to Tackle Everyday Security Tasks and Provide Actionable Intelligence

No ratings

Presented at BsidesOklahoma 2017 by

Ramece Cave

Eating the Elephant: Leveraging Data Analytics to Tackle Everyday Security Tasks and Provide Actionable Intelligence n the fast paced world of information security, analysts are tasked to perform seemingly and often improbable feats of data analysis, and produce actionable results. Actionable could mean, things to block, collect, or be-on-the-look-out (BOLO). Data sources can range from data obtained on-line, device log files, PCAPs, and miscellaneous CSV files to name a few. Seldom does the data align properly, and it could be missing vital contextual information. On the surface, the various data sets may not appear to have any relationship. Not to mention, the small problem, the information totals are in the millions. As if your day was not already turbulent. When, where, why and how do we begin to make sense of the madness? The answer lies in in the solution to this question: How do we eat an elephant? One byte at a time.