Inspired by Insecure

September 5, 2016 at 12:57 pm

Talent Lab and Indicators of Compromise

The data obtained by Honeypot sensors requires manual analysis and interpretation, and in most cases cannot be used by automated tools to identify the threat in other segments of the network. It is necessary to create and demonstrate a set of data that can be used as indicators of compromise (IoC) and that is produced automatically. The use of this data by other automated tools should not lead to false positives.

Honeypot systems are currently used not only by researchers trying to find new types of threats but also by organizations to protect their corporate networks. However, the data received from Honeypot sensors needs to be analyzed manually and then interpreted by an analyst, a process that seriously complicates the practical use of Honeypots in an enterprise’s security infrastructure. Moreover, in order to identify a threat detected by a Honeypot in other segments of the corporate network, incident investigation procedures are required. As part of this project, you will be asked to solve the practical problem of processing the data collected by Honeypot sensors as indicators of compromise in order to check the other sections of the corporate network outside the Honeypot.

More information is available on the official Talent Lab website: https://academy.kaspersky.com/talentlab/automated-system-for-generating-indicators-of-compromise-iocs-based-on-honeypot-raw-data/
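The task described above, sketched as an added example that is not code from this post or from the Talent Lab project: raw honeypot records go in, and only indicators unlikely to cause false positives come out. The record fields, the allowlist, the internal ranges and the two-sensor threshold are all assumptions made for illustration.

```python
import ipaddress
import json
import re
from collections import defaultdict

INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
ALLOWLIST = {"198.51.100.7"}  # assumed: the organisation's own scanner
MIN_SENSORS = 2               # assumed: an IP must hit this many sensors
SHA256_RE = re.compile(r"[0-9a-f]{64}")

# Constructed raw sensor records (JSON lines); the last one is truncated.
RAW_EVENTS = [
    '{"sensor":"hp-dmz","src_ip":"203.0.113.45","sha256":"%s"}' % ("ab" * 32),
    '{"sensor":"hp-office","src_ip":"203.0.113.45"}',
    '{"sensor":"hp-dmz","src_ip":"198.51.100.7"}',
    '{"sensor":"hp-office","src_ip":"198.51.100.7"}',
    '{"sensor":"hp-dmz","src_ip":"10.20.0.15"}',
    '{"sensor":"hp-office","src_ip":"10.20.0.15"}',
    '{"sensor":"hp-dmz","src_ip":"192.0.2.99","sha256":"%s"}' % ("CD" * 32),
    '{"sensor":"hp-dmz","src_ip":"203.0.1',
]

def generate_iocs(raw_lines):
    """Turn raw honeypot records into a de-noised IoC list."""
    sightings = defaultdict(set)  # (type, value) -> sensors that observed it
    for line in raw_lines:
        try:
            event = json.loads(line)
            sensor = str(event["sensor"])
        except (json.JSONDecodeError, KeyError, TypeError):
            continue  # damaged or incomplete record: skip, do not guess
        if event.get("src_ip"):
            sightings[("ip", str(event["src_ip"]))].add(sensor)
        digest = str(event.get("sha256", "")).lower()
        if SHA256_RE.fullmatch(digest):
            sightings[("sha256", digest)].add(sensor)
    iocs = []
    for (kind, value), sensors in sorted(sightings.items()):
        if kind == "ip":
            try:
                addr = ipaddress.ip_address(value)
            except ValueError:
                continue
            if value in ALLOWLIST or any(addr in net for net in INTERNAL):
                continue  # own scanner or internal host: false-positive source
            if len(sensors) < MIN_SENSORS:
                continue  # single sighting: not corroborated
        iocs.append({"type": kind, "value": value, "sensors": sorted(sensors)})
    return iocs
```

File hashes are accepted after a single sighting here, while source addresses need corroboration from a second sensor; that split is a design choice of this sketch.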


Author
Denis Makrushin

The materials published on this blog reflect solely the author's point of view and may not coincide with the opinion and position of his current employer.