Presentations

Ryan Kazanciyan

Indicators of Compromise (IOCs) were meant to solve the failures of signature-based detection tools. Yet today's array of IOC standards, feeds, and products have hardly impeded attackers, and most intelligence remains shared in flat lists of hashes, IP addresses, domain names, or strings. Just as brittle as an anti-virus signature, and just as likely to fail - especially if used incorrectly.

This presentation will begin by contrasting the original intended design of IOCs with how they’re typically written and shared today. We’ll illustrate the challenges of building robust and reliable indicators, particularly when they need to be shared with 3rd parties. We’ll examine how organizations can compensate for these limitations and still get actionable results from brittle threat data. Finally, we’ll provide examples of endpoint outlier analysis and hunting techniques that can complement IOC searches and distinguish anomalies from the background noise of an environment.

Throughout the presentation, we’ll draw upon specific examples and lessons learned from responding to targeted attackers in real-world compromises.

Recent News

October 9th 2018

Cloud security issues are a key focus at this year’s COUNTERMEASURE IT Security Conference, with in depth training as well as key presentation from industry leaders. Graham Thompson, who participated in our 2017 cloud security panel discussion, leads an intensive three day training course, Cloud Security Fundamentals & FedRAMP. IBM’s Jeff Crume will be giving a keynote presentation on Security in the Clouds, and Teri Radichel will present on Top Priorities for Cloud Application Security. For institutions with a cloud infrastructure, these sessions should not be missed.

September 20th 2018

Charlie Miller and Chris Valasek join our growing list of speakers at COUNTERMEASURE 2018.  Their presentation on Security Self-Driving Cars will explore the future security issues of this emerging sector. 

In the not too distant future, we'll live in a world where computers are driving our cars. Soon, cars may not even have steering wheels or brake pedals. But, in this scenario, should we be worried about cyber attack of these vehicles? In this talk, two researchers who have headed self-driving car security teams for multiple companies will discuss how self driving cars work, how they might be attacked, and how they can ultimately be secured.
 
You can view their presentations and those of our other speakers here.

Cancellation Policy

Substitutions can be made at any time. Unfortunately we cannot refund registration fees. Each course is subject to a minimum number of students. In the unlikely event that a course must be cancelled due to low enrolment, full refunds will be provided to registered students.

For more information on COUNTERMEASURE 2018, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. or our office line at 613-725-2079.