DNIF KONNECT Meetup - 16th May 2019


#1

@everyone We’re back with yet another #DNIFKonnect virtual #meetup :partying_face::partying_face: and thank you guys for making the previous one a grand success :partying_face:

This time we have some interesting topics to talk about:

  • Introduction to malware persistence techniques.
  • Strategies to detect backdoor malware.
  • Introduction to user behavior analytics.
  • Classifying malicious IP using machine learning.
  • User behaviour analytics using machine learning.
  • Introduction to threat validation.
  • Process whitelisting with a threat validation plugin like VirusTotal.

Haven’t registered yet? It’s still not late: Register Now


#2

@Siddhant can we get a recording of yesterday's sessions?


#3

Hello @everyone,

We are live with the recording of the DNIF Konnect session :partying_face: :sparkles:

Presentations:


#4

Hi Team,

Need some information on the below:

Please share the links or any session to understand how to identify malware in the different phases of the Cyber Kill Chain.

Please explain what outlier detection capabilities are and how they work.



#5

@Vamsi_Krishna - for outlier detection capabilities you can check out this page: Outlier Detection in DNIF

For various detection strategies within the “Cyber Kill Chain” for every malware strain - frankly, I don’t think there is documentation that extensive…


#6

Hi @Vamsi_Krishna -

Like I said, this is a pretty involved topic; it has more to do with the approach to detection than with the platform itself.

I think the ATT&CK framework from MITRE is a good starting point - it maps techniques to the kill chain as you were looking for. Here is a link - https://mitre-attack.github.io/attack-navigator/enterprise/

Shomiron