Presentations

Ryan Kazanciyan

Indicators of Compromise (IOCs) were meant to solve the failures of signature-based detection tools. Yet today's array of IOC standards, feeds, and products have hardly impeded attackers, and most intelligence remains shared in flat lists of hashes, IP addresses, domain names, or strings. Just as brittle as an anti-virus signature, and just as likely to fail - especially if used incorrectly.

This presentation will begin by contrasting the original intended design of IOCs with how they’re typically written and shared today. We’ll illustrate the challenges of building robust and reliable indicators, particularly when they need to be shared with 3rd parties. We’ll examine how organizations can compensate for these limitations and still get actionable results from brittle threat data. Finally, we’ll provide examples of endpoint outlier analysis and hunting techniques that can complement IOC searches and distinguish anomalies from the background noise of an environment.

Throughout the presentation, we’ll draw upon specific examples and lessons learned from responding to targeted attackers in real-world compromises.

Recent News

November 4, 2016

Join our latest Keynote speaker, Katie Moussouris, a noted authority on vulnerability disclosure and bug bounties, is the founder and CEO of Luta Security, Inc. Luta Security advises companies, lawmakers, and governments on the benefits of hacking and security research to help make the internet safer for everyone. Katie is a hacker—first hacking computers, now hacking policy and regulations. She will be delivering the closing keynote on Day 1. For more details on our program click here.

October 30, 2016

Joining our expert line up this year is Tyler Shields, VP Marketing and Strategy at Signal Sciences a foremost expert on mobile, application, and Internet of Things security. He will be delivering the opening keynote: "Changing How We Do Security To Match A Modern World". For more details on our program click here.

Cancellation Policy

Substitutions can be made at any time. Unfortunately we cannot refund registration fees. Each course is subject to a minimum number of students. In the unlikely event that a course must be cancelled due to low enrolment, full refunds will be provided to registered students.

For more information on COUNTERMEASURE 2017, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. or our office line at 613-725-2079.