Deadwood 2020 (Virtual Con)
Thursday, September 24 • 1:00pm - 1:50pm
Resilient Detection Engineering; What did the bear do in the woods

There is a lot of detection content out there. Yet a lot of it is geared towards a certain indicator or something that was found in an online article or threat report. While this is maybe catching stuff, it is inherently flawed.
A lot of those detections have a certain tunnel vision and are not resilient against attackers deviating from the default TTPs. I plan to address this by showing my workflow to develop more resilient detections and learn a lot about the tools I try to detect in the process.

Olaf Hartong

Olaf Hartong is a defensive specialist and security researcher at FalconForce. He specialises in understanding the attacker tradecraft and thereby improving detection. He has a varied background in blue and purple team operations, network engineering, and security transformation projects. Olaf...

Thursday September 24, 2020 1:00pm - 1:50pm MDT
Track 2