Commodity vs Behavioral Detections: The difference that can save your organization
Most security operations centers focus heavily on the “tactics, techniques, and procedures (TTPs)” of previously known data breaches. These are important to have and to mature over time; however, they have some substantial weaknesses in detection. These TTPs can be modified, changed, or used in combination to evade detection. In addition, new research comes out frequently, and staying ahead of these areas becomes extremely challenging. The industry needs to continue to strive for commodity detections but also focus on what an organization's baseline is and what deviations from that behavior look like. This is hard to do because normalizing activity takes a lot of work and effort.
In this webinar, Binary Defense CTO David Kennedy will go into the pros and cons and how to build out your security operations center to identify not just commodity attacks, but also attacks that evade your traditional monitoring and detection programs.
About the Presenter
Dave Kennedy is a founder and the Chief Technology Officer at Binary Defense and founder and principal security consultant of TrustedSec.
Prior to Binary Defense and TrustedSec, Dave was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company located in over 80 countries with over 20,000 employees.