Fighting Email Phishing with a Custom Cloud IDS

Explore the development and implementation of a custom cloud-based Intrusion Detection System (IDS) for combating email phishing in this 19-minute conference talk from BSidesSF 2017. Learn how Uber's security team tackled the pervasive challenge of phishing by building their own email IDS in AWS, offering real-time threat response capabilities. Discover the operational benefits of this approach, including improved price, extensibility, and performance. Gain insights into key components such as attachments analysis, Lambda debug logs, Cloud Watch metrics, Elastic Search, and advanced intelligence services. Understand how this custom solution enhances phishing protection while providing user-guided actions and chat alerts, demonstrating the dual advantage of strengthening security and improving operational efficiency.

Intro
Attachments
Phantom Analyst
Lambda Debug Log
Cloud Watch Metrics
Elastic Search
Application Backend
User Guided Actions
Chat Alerts
Hyperlinks
Google Apps
Advanced Intelligence Services
Review
Questions