Name: Detection Engineering 101 for OT/ICS Environment
Start: 2025-04-10T16:00:00-0300
End: 2025-04-10T16:45:00-0300

Thursday April 10, 2025 4:00pm - 4:45pm ADT

202

In the complex world of OT/ICS environments, traditional approaches to threat hunting often fall short when handling vast datasets and detecting sophisticated threats. This talk introduces practical Jupyter Notebooks designed for large-scale threat hunting, with a focus on graph-based visualizations to uncover anomalies. Using APT Volt Typhoon’s tactics, techniques, and procedures (TTPs) as a case study, attendees will explore scalable methods for anomaly detection and detection engineering. The session emphasizes actionable strategies to build alerts for OT protocols like DNP3, BACnet, and Modbus, arming SOC teams to proactively safeguard critical infrastructure.

Speakers

Kai Iyer

Security Engineer II, Amazon

Security Engineer at Amazon's Enterprise Protection Program and a GIAC Certified Security Professional with expertise in web application development, devsecops, applied machine learning, threat hunting, purple teaming, and incident response. Passionate about leveraging advanced technologies... Read More →

Thursday April 10, 2025 4:00pm - 4:45pm ADT
202

Track 6

ATLSECCON 2025

Kai Iyer

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!