A Threat-Based Security Monitoring Case Study by Matthew Valites

The talk was presented on October 23, 2014 at SECURE 2014 - an IT security conference organized by NASK and CERT Polska in Warsaw, Poland.

About the author: Matthew Valites is a senior investigator and site lead on Cisco’s Computer Security Incident Response Team (CSIRT). He provides expertise building an Incident Response and monitoring program for cloud and hosted service enterprises, with a focus on targeted and high-value assets. A hobbyist Breaker and Maker for as long as he can recall, his current professional responsibilities include security investigations, mining security-centric alerts from large data sets, operationalizing CSIRT’s detection logic, and mobile device hacking. Matt is keen to share CSIRT’s knowledge, best practices, and lessons learned.

Published 28 March 2015