Needles, Haystacks and Algorithms - Using Machine Learning to Detect Complex Threats at DefCamp - 2018

Explore the application of machine learning in detecting complex threats at DefCamp 2018 through this 40-minute conference talk. Delve into the challenges of mitigating advanced persistent threats (APTs), understand the stages of an APT, and learn about technical controls. Discover how machine learning can be leveraged in cybersecurity, examining available data, architecture, and algorithms. Gain insights into text mining techniques and the process of building an effective pipeline for threat detection. Analyze the concept of finding needles in haystacks and evaluate whether this approach leads to creating another content management system. Examine relevant statistics and leave with a deeper understanding of how machine learning is revolutionizing complex threat detection in the field of information security.

Intro
The problem
Agenda
Complex Threats
Stages of an APT
Technical controls
Challenges in mitigation
How long does it take to remediate
James Bond
Solutions
Definitions
What does Machine Learning do
Available Data
Sneak Peak
Elastic Stack
Architecture
Algorithms
Text Mining
Building the Pipeline
Haystack
Are we building another CMS
Statistics