Overview
Explore the role and responsibilities of a security analyst in this comprehensive conference talk from BSides Tampa 2015. Delve into the evolving landscape of cybersecurity, examining high-profile attacks like Conficker and the Target breach. Understand the challenges faced by security professionals, including network noise, weak links, and the industrialization of threats. Learn about the NICE Framework and how it defines the security analyst role. Discover the key differences between security analysts and security operations managers. Investigate the limitations of perimeter security and the need for complex threat visibility. Gain insights into essential security investigation processes and the importance of well-defined security policies in today's rapidly changing digital environment.
Syllabus
Introduction
Jon Stewart
Home Depot
How do we solve that
Conficker
Common underlying attacks
Kaminsky attack
Target attack
Attack chain
Network noise
Weak link
Business problem
Industrialization
Rapid compliance
Security reports
Attack continuum
What is a security analyst
Security analyst vs security ops manager
NICE Framework
What does a security analyst do
The problem with perimeter security
Complex threat and visibility
A well-known tool
Areas of focus
Security investigation process
Security policies