Security BSides London, the UK’s biggest community-driven infosec conference, is happy to announce its 8th iteration, open to all regardless of background, skill level, income or job title.
  • Doors to the main event open at 8.30am with talks starting at 9am on 6 June 2018
  • Workshops will be held on 5 June 2018 starting at 10am; pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here.
Wednesday, June 6 • 15:30 - 16:00
Profiling the attacker - using offender profiling in SOC environments

It’s been said, “Intrusion analysis is as much about tcpdump as astronomy is about telescopes”. Understanding who is attacking your network, or a customer's, and why is just as important as analysing the packets on it.

This slot will focus on a technical offender profiling framework that can be used to build a knowledge base on malicious actors. This talk will delve into the following areas:
  • Building an information classification for your assets
  • Attack significance plotting
  • Attack factor comparison analysis
  • Discerning motive
  • Attacker kill chain analysis
  • Malicious actor profile checklist
  • Naming conventions for malicious actors

James Stevenson

I've been working as a Software Engineer at BT Security for the past year, and before that I was an intern in a SOC at a Texan company called Alert Logic (based in Cardiff, not as fancy, but no need for air-con). I’m a strong believer that the best way to deal with security is in...

Wednesday June 6, 2018 15:30 - 16:00 BST
Track 2 ILEC Conference Centre 47 Lillie Road London SW6 1UD