Correlating threat data - orchestration & next generation takedowns

Presented at VB2018, Oct. 5, 2018, 11 a.m. (30 minutes).

What if takedowns could take place within seconds of detection? Advances in No-SQL platform processing speed combined with cloud-driven hyperscale sensor networks have made it possible to analyse very large data sets of abuse incidents in near real time. Tobias will explain how *Abusix* has enabled fast correlation with smart reporting of threat observations, quickly linking abused servers with attacked networks and users. The next frontier is to orchestrate playbooks and human trust factors required for fully automated takedowns, effectively closing the time gap within which miscreants cause harm. Tobias has managed abuse departments for some of the world's largest hosting companies, he was a co-founder of the Global (Abuse) Reporting Project and is Co-Chair of the RIPE Anti-Abuse Working Group.

Presenters:

Links:

Similar Presentations: