{"id":914,"date":"2016-02-22T15:14:29","date_gmt":"2016-02-22T23:14:29","guid":{"rendered":"http:\/\/raffy.ch\/blog\/?p=914"},"modified":"2016-02-24T18:29:27","modified_gmt":"2016-02-25T02:29:27","slug":"914","status":"publish","type":"post","link":"https:\/\/raffy.ch\/blog\/2016\/02\/22\/914\/","title":{"rendered":"Kaspersky Security Analyst Summit 2016 – Tenerife, Spain"},"content":{"rendered":"

A week ago I was presenting at the Kaspersky Security Analyst Summit<\/a>. My presentation was titled: “Creating Your Own Threat Intel Through Hunting & Visualization<\/a>“. <\/p>\n

Here are a couple of impressions from the conference:<\/p>\n

\n
\n<\/a>\n <\/div>\n
\n<\/a>\n <\/div>\n
\n

 <\/p>\n<\/div>\n<\/div>\n

\n\"Caxtw47WAAE_IXF.jpg_large\"<\/a><\/p>\n

 <\/p>\n

<\/a>\n<\/div>\n

\nHere I am showing some slides where I motivate why visualization is crucial for security analysts.<\/p>\n
\n<\/a>\n<\/div>\n
\n<\/a>\n<\/div>\n<\/div>\n
\nAnd a zoom in of the reason for why visualization is important. Note that emerging blue pattern towards the right of the scatter plot on the left. On the right you can see how context was used to augment the visualization to help identify outliers or interesting areas:<\/p>\n

 <\/p>\n

\n<\/a>\n<\/div>\n
\n<\/a>\n<\/div>\n<\/div>\n
\n

 <\/p>\n

On the left here you see how visualization is used to find patterns and translate what you learn into algorithmic detections. On the right, I am showing a way to set thresholds on periodic data.<\/p>\n

 <\/p>\n

\n<\/a>\n<\/div>\n
\n<\/a>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

A week ago I was presenting at the Kaspersky Security Analyst Summit. My presentation was titled: “Creating Your Own Threat Intel Through Hunting & Visualization“. Here are a couple of impressions from the conference:     Here I am showing some slides where I motivate why visualization is crucial for security analysts. And a zoom […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[35,2],"tags":[],"class_list":["post-914","post","type-post","status-publish","format-standard","hentry","category-security-intelligence","category-visualization"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/914","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/comments?post=914"}],"version-history":[{"count":66,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/914\/revisions"}],"predecessor-version":[{"id":1000,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/914\/revisions\/1000"}],"wp:attachment":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/media?parent=914"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/categories?post=914"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/tags?post=914"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}