Explore an in-depth analysis of Strelka, an open-source file analysis tool developed by Target, in this 25-minute conference talk from the SANS DFIR Summit 2024. Learn how to tackle the challenge of file analysis at scale for cybersecurity teams, addressing issues like alert fatigue and missed threats. Discover Strelka's capabilities in characterizing hundreds of millions of files daily, providing scalable detection potential across enterprises. Gain insights into strategies for effectively leveraging Strelka's scanning capabilities to enhance file analysis workflows and threat detection abilities. Examine practical use cases demonstrating Strelka's integration into modern security stacks, positioning it as a critical component in responding to emerging cyber threats. Presented by Paul Hutelmyer, Principal Engineer at Target Corporation, this talk offers valuable knowledge for cybersecurity professionals seeking to improve their file detection and analysis processes.
Overview
Syllabus
Cutting Through the Chaos: File Detection and Analysis Using Strelka
Taught by
SANS Digital Forensics and Incident Response