Ramece Cave is a Threat Research Analyst with the Global Threat Intelligence Center (GTIC) at NTT Security. His core areas of focus are distributed threats, which encompass, but are not limited to, the identification, remediation, and analysis of denial-of-service (DoS) attacks, covert channels, botnets, the obscure and unusual, and C2 protocols in malware and other network communication.

Eating the Elephant: Leveraging Data Analytics to Tackle Everyday Security Tasks and Provide Actionable Intelligence

During this talk, we will analyze real data and discuss and apply various methods, data frameworks and tools, coupled with the Python programming language, to tackle this obstacle. Along the way, we will identify methods to triage and process the data, unearthing the golden nuggets of information that can and will help the analyst better defend the network and find the proverbial needle in a haystack. It’s time to make the data work for the analyst instead of the analyst being held at its mercy. Even the simplest data sets can yield promising results; we just need to know what to ask, how to look, and how to enrich the data.

