Risky Business - using risk-based analysis to detect bad things

Jaime McCallion

Risk-Based Analysis / Alerting is a growing approach for defensive teams and SOCs to help cut down on noise and detect bad things happening from existing data and search volumes. As vendor-neutrally as possible, this talk will walk through the concept, why it's good, what the organisational and technical weaknesses of implementations are, and how it's going to grow in 2023/24.