Dange Lin (Tien-Chih Lin) is a cyber security researcher at CyCraft. He earned his master’s degree in Computer and Communication Engineering from National Cheng Kung University (NCKU). Currently, he focuses on threat intelligence, machine learning, incident response, and APT research. He has been a speaker at various training sessions for students and has given technical presentations at conferences such as the Taiwan Incident Response Conference and the European Conference on Cyber Warfare and Security.
Cybersecurity in the 2020s and beyond needs to be more proactive. Through real-world financial fraud case studies, I will demonstrate not only the benefits of automated threat hunting but also why it is crucial in operating an effective, modern, proactive defense that is capable of detecting and eradicating the cyber threats of the mid-twenty-first century.
Automated threat hunting creates more efficient SOCs by accelerating the investigation process—a necessity when defending enterprises with hundreds or thousands of devices and network connections. SOC analysts no longer need to spend excessive amounts of time investigating each and every connection or interaction with an unknown domain.
Reducing risk and increasing cyber resilience is becoming more and more difficult in the twenty-first century; automated proactive threat hunting provides enterprises today with the capability to successfully fight the cyber threats of tomorrow—and win.
Cyber attacks today are an inevitable threat modern organizations must face. How an organization detects, labels, responds to, and remediates existing deficiencies in its cyber defense while also effectively utilizing its limited resources has become a necessary skill for infosec management teams in all organizations. One method that has helped alleviate this issue for infosec management teams has been the Cyber Defense Matrix (CDM), a well-known security model from recent years, combined with the use of various infosec frameworks.
Our course will focus on the concept of CDM, how to successfully supplement it via other infosec frameworks, and the analysis of cyber attack methods in terms of defense. Participants will learn how to think like and defend themselves from threat actors by learning how to properly analyze an attack, successfully construct an attack storyline, understand each step of the attack from the attacker’s perspective, and, finally, properly defend themselves at each phase of the attack.
At the end of the course, participants will experience the latest in infosec edutech—an interactive CDM game. Through the game, participants will gain a deeper understanding of CDM concepts, common offensive and defensive techniques, and how to successfully build an effective modern defense against today’s threats. This course will help participants evolve into valuable and effective information security personnel and prepare them for the inevitable frontline experience against a modern threat.