Profiling the Attacker - Using Offender Profiling in SOC Environments by James Stevenson

Explore a technical offender profiling framework for building a knowledge base on malicious actors in this 19-minute conference talk from LevelUp 0x03. Delve into asset information classification, attack significance plotting, factor comparison analysis, motive discernment, attacker kill chain analysis, malicious actor profile checklists, and naming conventions. Learn how to apply these techniques in Security Operations Center (SOC) environments to better understand and defend against cyber threats. Gain insights into the importance of analyzing not just network packets, but also the attackers themselves, their motivations, and their methods.