Session Title | Quantum Leap to the Top of the Pyramid of Pain
"Threat hunting has long been misunderstood: hunters rely on volatile Indicators of Compromise (IOCs) instead of Indicators of Action (IOAs), while the Security Operations Center (SOC) and Incident Responders (IR) do the same, working reactively rather than in a proactive and effective way that reduces dwell time on a compromised network.
Both Endpoint Detection and Response (EDR) and Next Generation Anti-Virus (NG-AV) security solutions mistakenly assumed that their integration with the MITRE ATT&CK framework had already solved the problem. This is why SME organizations are still being breached.
This vendor-neutral talk presents an applied, demystified approach to reaching the top of the Pyramid of Pain using customized YARA rules to uncover the Tactics, Techniques, and Procedures (TTPs) of any threat actor, and even of Red Teamers, with both Trojan malware and exploits as attack vectors."
"Art Rebultan has more than 17 years of combined experience as an IT and OT professional, with a background in PCI-DSS audit management, Unix/Linux server lockdown, systems administration, R&D, VAPT, and DFIR/CSIRT as APAC lead, and currently leads the Global Cyber Threat Intelligence (CTI) platform in an ICS/OT company.
He holds a master's degree in IT with a concentration in E-Commerce security, and a professional graduate diploma in Digital Forensics and Cyber Security as continuing education.
He specializes in Computer Forensics, Network Intrusion, Data Breach, Cybercrime Investigation, Malware Analysis, and Reverse Engineering. He is a security blogger and vlogger as a pastime hobby and has uncovered 7 zero-day malware samples."