David French
David French is a Detection & Response Engineer and Threat Hunter with many years of experience both working as a defensive cybersecurity practitioner and on the vendor side of life doing threat research and building security solutions. He currently works at Google Cloud where he helps security practitioners defend their organization from attack using Google Security Operations.
He likes to pay it forward by sharing knowledge and research with the community via blogging, presenting at conferences such as Black Hat and BSides, and contributing to MITRE ATT&CK. David has shared extensive research on implementing Detection-as-Code and is the creator of Dorothy, a tool to simulate attacker behavior in Okta environments.
Session
For many organizations, GitHub houses critical intellectual property and is a prime target for attackers seeking to steal valuable source code, disrupt software development operations, or carry out supply chain attacks. Security teams must proactively monitor their GitHub Enterprise environments and have the capability to detect and respond quickly to any suspicious activity.
This presentation is for defensive practitioners curious about the world of Detection Engineering and how to build detections that are focused on identifying attacker behavior.
As Detection Engineers, we’ll receive some intelligence on a threat group’s modus operandi for stealing intellectual property, analyze the attack technique, identify relevant data sources, and build & test a detection step-by-step. You’ll leave with practical Detection Engineering techniques that you can apply to other use cases to bolster your organization’s defenses against threats.