Imago Techmedia Ltd is registered in England and Wales under Company No. 04865455. VAT No. GB 843 8456 01
Registered Office: Bedford House, Fulham Green, 69-79 Fulham High Street, London, SW6 3JW, United Kingdom
Business Address: Imago Techmedia, 2C Bedford House, Fulham Green, 69-79 Fulham High Street, London, SW6 3JW, United Kingdom
Imago Techmedia is a subsidiary of Clarion Events Limited
Job Title: Director of Sales Engineering, EMEA
Richard Cassidy is the Director of Sales Engineering in EMEA at Exabeam. Richard has worked in the Cloud Infrastructure, Cloud Security, Could Services, MDM, Core Networking, Security and Virtualization technology markets for over 17 years, dealing with customers across every vertical from small office to multi-national corporates, manufacturers, government, military, finance and retail organisations. Before Exabeam, Richard worked for some of the most exciting technology vendors and market-makers such as Netscreen (Bought by Juniper: JNPR), Fortinet (FTNT), Virtual Computer (Bought by Citrix: CTXS), Forescout Technologies and Alert Logic.
Richard Cassidy Seminars
Seeing but not observing – the clear distinction between IoCs and TTPs Thu 4th Oct 13:00 - 13:30
Seeing but not observing – the clear distinction between IoCs and TTPs
Organisations need new strategies for detecting advanced attacks. While discovering Indicators of Compromise (IoCs) is necessary, more focus is needed on Tools, Techniques and Procedures (TTPs) as attackers turn to sophisticated automation, constantly evolving their methods to avoid detection.
In this session, Exabeam’s Director of Sales Engineering, Richard Cassidy, will explain why IOC’s have become a red herring in security investigation and response, as traditional SIEM technologies struggle to make sense of where critical risks lay.
By breaking down the broad anatomy of an attack – by dissecting a well know APT groups TTP’s – Richard will demonstrate how to uncover and identify the most sophisticated attack patterns targeting organisations today. He will discuss why the traditional SIEM and IoC correlation approaches are adding to the alert and incident investigation fatigue that many organisations are battling today, and why analytics – in tandem with SIEM – provides a much needed new perspective on threat, compliance and risk activity management.
Richard Cassidy More
Time / Place
Thu 4th Oct 13:00 to 13:30
SIEM & Security Analytics