Conveners
Sniffing It Out: Sniffing It Out
- Cynthia Wagner (Restena)
Description
This session will focus on recent techniques to help in the fight
against new cyberthreats and attacks and to make it more accessible to the human being. With the changes of malicious activities, which try to mimic user behaviour, also its counterpart -such as the SOCs, have to adopt their techniques by putting user-centric behaviour analysis into the spotlight.
Cybera, the Canadian NREN partner for the province of Alberta, has been investigating ways to leverage our key position within our members' network paths to provide better insight and protection. One solution we have developed is an IDS as a Service, or IDSaaS, which sends mirrored traffic of participating members to an IDS for analysis. Results can then be reviewed by the member using a...
With the rise of cybersecurity attacks and the increase of impact of ransomware towards education and research entities, the requirement to increase the prevention capabilities is at an all time high. This talk is an opportunity for TNC participants interested in identifying and preventing risks in their network. To this end, we present OpenUEBA, an open source framework, for User and Entity...
The AARNet Security Operations Centre (SOC) went live in September 2021 and monitors a number of diverse university environments for potential cyber threats by categorising thousands of behaviours of interest in near real time that on their own may not be malicious but could contribute or be part of a larger attack.
The SOC utilises user entity behaviour analytics to correlate the...
