Keya Arestad
Keya Arestad works as a security architect and has been doing various types of defending (and hacking) of endpoints and networks for over 10 years. She likes to balance time between computer screens and being outside.
Session
The cybersecurity market is projected to experience strong growth. This is driven by the plethora of devices connected to and integrated into enterprise networks, combined with the increase in zero day vulnerabilities being identified and exploited. The attack surface has broadened, while becoming more complex.
Many of the enterprise security tools used to defend our networks have failed us. Painful examples range from 0day attacks in on-prem Exchange servers to the SolarWinds supply chain attacks. These enterprise tools resulted in the successful compromise of businesses around the world.
In order to defend, both proprietary and open source tools have been at the core of many successful security projects and business initiatives. Open source tools have many benefits, among them, the freedom to try and tweak, while not being locked into 1-3 year licensing terms.
This talk will cover how an open source project, in particular, MISP (the malware information sharing platform) can be integrated into threat investigation workflows to help augment enterprise tools with the goal of increasing overall security while making a threat analyst’s life a little easier.