TruSTAR’s Data Science team is headed to Security BSides SF 2019!
As we prepare our research presentation, here’s some more info about our abstract and our speakers. Make sure to check out the BSides SF website for more event updates coming soon.
Abstract: Understanding Attack Tactics
Over the last decade, the security community has made significant progress collecting and aggregating cyber intelligence that describes threat actors, campaigns, TTPs, and IOCs leveraged by adversaries.
Tracking this intelligence and operationalizing it across various tools, teams, and analytical systems is difficult because it is generally unstructured. Knowledge bases like MITRE’s ATT&CK are excellent examples of how useful intelligence can be once it's organized, but getting to that end-state is a huge manual challenge for security analysts today.
In this research presentation, TruSTAR’s data science team will showcase recent advances in Natural Language Processing (NLP) that can help security analysts organize and enrich intelligence while adding structure to make it actionable. We’ll demonstrate how to use Word2Vec, a shallow neural network that learns the meanings of, and relationships between, words and can therefore be used to organize the information these documents provide. This exercise trains a Word2Vec model on open source intelligence reports coming from EU-CERT and US-CERT and clusters them into ‘tactical categories’ that can be mapped to the MITRE ATT&CK framework.
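To make the idea in the abstract concrete, here is an added example (not code from TruSTAR or the talk) that labels report text with an ATT&CK tactic using word vectors. It assumes count-based co-occurrence vectors as a standard-library stand-in for Word2Vec, one hypothetical seed term per tactic in place of unsupervised clustering, and a handful of constructed sentences in place of real CERT reports.

```python
import math
from collections import Counter, defaultdict

# Constructed sentences standing in for CERT advisory text (not real reports).
CORPUS = [
    "attackers sent phishing email with malicious attachment to users",
    "phishing email delivered malicious attachment through spearphishing link",
    "malware added registry run key and scheduled task to survive reboot",
    "implant created scheduled task and registry run key at startup",
    "actors compressed stolen files and uploaded archive to external server",
    "stolen files were staged in archive and uploaded to remote server",
]
# Assumed seed term per ATT&CK tactic (illustrative mapping, not from the talk).
SEEDS = {"Initial Access": "phishing", "Persistence": "registry", "Exfiltration": "uploaded"}
STOP = {"and", "to", "with", "through", "in", "at", "were", "of", "for", "from", "a", "the"}

def tokens(text):
    return [w.strip(".,;:") for w in text.lower().split() if w not in STOP]

def train(corpus):
    """Count-based word vectors: each word is described by its sentence neighbours."""
    vecs = defaultdict(Counter)
    for sentence in corpus:
        words = tokens(sentence)
        for w in words:
            for c in words:
                if c != w:
                    vecs[w][c] += 1
    return vecs

def cosine(a, b):
    dot = sum(v * b[k] for k, v in a.items())
    norm = math.sqrt(sum(v * v for v in a.values()) * sum(v * v for v in b.values()))
    return dot / norm if norm else 0.0

def classify(text, vecs, seeds=SEEDS):
    """Return (tactic, score) for the closest seed, or (None, 0.0) if no word is known."""
    doc = Counter()
    for w in tokens(text):
        doc.update(vecs.get(w, {}))  # a report is the sum of its known word vectors
    scores = {tactic: cosine(doc, vecs[seed]) for tactic, seed in seeds.items()}
    best = max(scores, key=scores.get)
    return (best, scores[best]) if scores[best] > 0 else (None, 0.0)

if __name__ == "__main__":
    vecs = train(CORPUS)
    print(classify("backdoor installed scheduled task for startup", vecs))
```

None of the test sentences needs to contain a seed term: a report is matched through words that share context with the seed, which is the property the abstract relies on Word2Vec to provide at scale.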
About Our Speakers
Zainab Danish has been working as a Data Scientist at TruSTAR since July 2018. Since joining the team, she has been instrumental in establishing the product’s new data infrastructure used to optimize security investigation workflows. In addition to infrastructure projects, Zainab also builds Machine Learning models to augment core services in the security platform and loves bringing the latest and greatest technologies to her work at TruSTAR. Prior to this, Zainab received her Masters in Data Science from the University of San Francisco. Aside from Data Science, her other main love in life is tea and all its accompaniments.
Nicolas Kseib is the Lead Data Scientist at TruSTAR, an intelligence platform built to manage and enrich every stage of the investigative workflow. He leads the company's data science initiatives and roadmap. He is always thinking of ways to leverage analytics and machine learning to design features that improve the operational efficiency of security teams. Before joining TruSTAR, Nicolas received his M.S. and Ph.D. in Mechanical Engineering from Stanford University, specializing in Flow Physics and Computational Engineering.