- find adversaries abusing common protocols, like DNS, to conduct data exfiltration and C2 communications;
- spot adversaries communicating over encrypted network protocols without decrypting the traffic; and
- turn successful hunts into automated detections.
Alex is a veteran open source security evangelist with a deep engineering background. In 10 years with Sourcefire Research (VRT), he wrote the team’s first malware sandbox and established its global customer outreach and intelligence sharing program. He has spoken at conferences across the globe on topics from “Malware Mythbusting” to “Using Bro/Zeek Data for IR and Threat Hunting”, and was a contributing author for “Practical Intrusion Analysis”, and oft-used textbook for university courses on IDS. His security engineering background also includes time at Cisco and Tenable.