Profiling User Risk: Borrowing from Business Intelligence to Understand the Security of Your Userbase

Presented at BSidesLV 2019, Aug. 6, 2019, 5 p.m. (55 minutes).

The fields of business intelligence, marketing, and user behavior research all make use of user segmentation to help organizations develop a better understanding of their userbase. Oftentimes users are segmented based on attributes such as demographics, geography, or purchase and usage behavior. When based on data around user account security practices, this methodology can also be applied to understanding the security of a userbase. This talk will explore the application of various segmentation techniques to security-related attributes of user accounts, such as 2FA adoption, unusual sign in notifications, and more. We'll also cover how results from this research can be directly applied to help protect your users. No previous machine learning or data analysis experience is necessary; this talk will be introductory in nature.


Presenters:

  • Emily Austin
    Emily is a Senior Engineer at Mailchimp, where she leads the Defensive Security team. With a background in data science, she takes an analytical approach to blue teaming and uses statistical methods to guide abuse prevention and security efforts. Under her guidance, the team has developed data-driven procedures for monitoring and detection and continues to explore other innovative ways to defend Mailchimp. An avid runner and triathlete, you can find her on the trails when she's not in front of a screen.

Links:

Similar Presentations: