A Year in the Wild - Fighting Malware at the Corporate Level

Explore a comprehensive overview of Yelp's approach to combating malware and phishing threats in a corporate environment. Delve into the tools, processes, and strategies implemented to detect, analyze, and resolve security incidents efficiently. Learn about Yelp's automated incident response system, forensic collection methods, and the integration of open-source and proprietary technologies. Discover how the company leverages tools like AIR, OSXCollector, ElastAlert, and osquery to create a balanced ecosystem for rapid threat detection and response. Gain insights into the entire security workflow, from initial threat detection to final resolution, including employee education and email analysis. Understand how automation and orchestration help eliminate manual repetition and improve overall incident response effectiveness in a large corporate setting.

Intro
About Yelp
Model Response Process
Detection
Automated Incident Response
Square
Analysis
Collecting forensics
Reporting malware
Employee education
Email analysis
Remediation
Recap
Improving the response