Abstract: There is a lot of talk about the use of AI in Cybersecurity these days. Lots of cybersecurity vendors claim that their products use AI for detecting and stopping threats, but very little information is available on how they do it.
Talking specifically about Incident Response and Threat Hunting: what does it take to transform traditional Threat Hunters/Forensicators into AI-Enhanced ones so they can unleash the power of AI in their day-to-day investigations?
Discover in this talk by Senior DFIR SANS Instructor Jess Garcia how to transparently use AI in Incident Response and Threat Hunting with the help of the DS4N6 toolset (DAISY VM & CHRYSALIS) and learn about the most useful ML algorithms for this purpose.
Bio: Jess Garcia is the Founder of the global Cybersecurity/DFIR firm One eSecurity and a Senior Instructor with the SANS Institute.
During his 25 years in the field, Jess has led a myriad of complex multinational investigations for Fortune 500 companies and global organizations. As a SANS Instructor, Jess is one of the most prolific and veteran, having taught 10+ different highly technical Cybersecurity/DFIR courses at hundreds of conferences worldwide over the last 19 years.
Jess is also an active Cybersecurity/DFIR Researcher. With the mission of bringing Data Science/AI to the DFIR field, Jess launched the DS4N6 initiative (www.ds4n6.io) in 2020, under which he is leading the development of multiple open source tools, standards and analysis platforms for DS/AI+DFIR interoperability.