Presented by Matt DeMatteo
Data science is already transforming many aspects of our business and personal lives, but many in cyber security do not know how it will change the industry. In this brief talk, I explain how data science is being used to bridge the gap between the threat intelligence typically leveraged by security platforms and the threat intelligence that human experts use. I quickly explore what makes data science-based detection logic different from Boolean-based detection logic, why practitioners will move away from the SIEM event funnel, and how frameworks like MITRE ATT&CK are critical to creating efficiencies for people and machines.
Matt DeMatteo is a Sr. Principal Engineer focused on Secureworks’ Security Products and Services. Matt joined Secureworks in 2007 as a Security Analyst in the Providence, RI SOC. Matt has been working directly with customers for the past ten years as a Presales Engineer, Principal Engineer, Account Manager, and Global Solution Lead for MSS and MDR. His goal is to help customers protect their organizations by aligning threat actor risk with modern SecOps practices. Matt works with Secureworks’ global sales force, product development teams, and partners to promote best practices in solution design. Matt has a passion for understanding customers’ business needs and unique risks. Matt holds a BS in Computer Science from the University of Rhode Island, where he also was the Director of the Digital Forensics Lab.