BSides Atlanta 2022

Protecting the Centerpiece Jewel in your Crown Jewels: Enterprise Financial System- Forensic Model, Detection and Logic
2022-08-27, Room 402 - "Re-Imagine" track

ERP systems are critical systems in all enterprises worldwide. Their common usage and large number of users within organizations make them vulnerable to external threats and internal activity, which, if breached, can lead to dire consequences and great loss to an organization. Understanding financial systems and their architecture would help build security use cases and detection rules useful for cyber security incident response techniques.

Attendees will gain insight into ingesting ERP logs into a security management tool or log collector, and an example of how to develop a base forensic model on financial data will be demonstrated.
One easy and one medium-hard detection and correlation rule, along with the logic of each, will be shown.
A central repository of an analytical dashboard for a single-panel view will be explained for management viewing.

All of the above will be summed up to improve incident analysis, pattern analysis and the operational security posture of financial systems in enterprises.

Ashwin Rajendra is a Cyber Security Incident Response manager on the incident response remediations team at Kimberly-Clark Corporation. His prior experience includes roles in both network security and threat intelligence, with a total of 10 years of security experience, four years in DFIR and Incident Response. Rajendra previously worked at ATOS and DELL. He holds a Master of Science in Cybersecurity, and certifications in digital forensics and data analytics. Rajendra loves to use and play with data in all aspects of work, and he has a passion for security.