A Year in the Wild - Fighting Malware at the Corporate Level
Security BSides San Francisco via YouTube
Overview
Explore a comprehensive overview of Yelp's approach to combating malware and phishing threats in a corporate environment. Delve into the tools, processes, and strategies implemented to detect, analyze, and resolve security incidents efficiently. Learn about Yelp's automated incident response system, forensic collection methods, and the integration of open-source and proprietary technologies. Discover how the company leverages tools like AIR, OSXCollector, ElastAlert, and osquery to create a balanced ecosystem for rapid threat detection and response. Gain insights into the entire security workflow, from initial threat detection to final resolution, including employee education and email analysis. Understand how automation and orchestration help eliminate manual repetition and improve overall incident response effectiveness in a large corporate setting.
Syllabus
Intro
About Yelp
Model Response Process
Detection
Automated Incident Response
Square
Analysis
Collecting forensics
Reporting malware
Employee education
Email analysis
Remediation
Recap
Improving the response
Taught by
Security BSides San Francisco