Embracing the "Hack." A Better Strategy for Team-Defense

Wednesday, August 14, 2019 - 10:30 am11:20 am

Haroon Meer, Founder of Thinkst Applied Research

Abstract: 

This talk suggests that custom detection and response capabilities are a key component for enterprise defense. It posits that maybe, defense needs to take a step back and embrace "hackyness" to prevail.

Historically, offense has embraced "hacky solutions" while team-Defense has often shied away from them. We argue that this delta, on a fluid battlefield, gives attackers a distinct advantage and we suggest it is time for this to change.

Using the free Canarytokens service as a lens, we will step through several examples of these "hacks" and will explain how they (and the thinking behind them) can lead to safer enterprises and networks. We also hope to identify areas we believe are ripe for deeper technical dives and ongoing research efforts.

Haroon Meer, Founder of Thinkst Applied Research

Haroon Meer is the founder of Thinkst, the company behind the well regarded Thinkst Canary. Haroon has contributed to several books on information security and has published a number of papers and tools on various topics related to the field. Over the past almost two decades, he has delivered research, talks, and keynotes at conferences around the world.

BibTeX
@conference {236689,
author = {Haroon Meer},
title = {Embracing the "Hack." A Better Strategy for Team-Defense},
year = {2019},
address = {Santa Clara, CA},
publisher = {{USENIX} Association},
month = aug,
}