It's Maps or Gaps All the Way Down
This interactive presentation opens with a review of some common problems with detecting security incidents – false positives, false negatives, too much information, too little information, incorrect information, and so on.
We’ll consider these issues in the larger context of some important concepts – “the map is not the territory” (Alfred Korzybski) and the limitations of what Danny Kahneman refers to as System 1 and System 2 thinking.
Lastly, we’ll look at some things that have been done to make detection engineering easier and consider what else can be done.