Detection engineering

Q&A and discussion for the malware block, hosted and moderated by Jared Atkinson. Questions will be gathered from the audience during the four prior talks.

Discussion.


Mathieu Saulnier Sr Manager Incident Response, Syntax

Mathieu Saulnier is a Core Mentor member for Defcon's Blue Team Village. He has held numerous positions as a consultant within several of Quebec’s largest institutions. Since 2011, he has been focused on putting SOCs in place and has specialized in detection (Blue Team), content creation and mentorship. He worked as a "Senior Security Architect" and acted as "Adversary Detection Team Lead" and "Threat Hunting Team Lead" for one of Canada’s largest carriers for more than a decade, and he is now "Sr Manager Incident Response" at Syntax. He loves to give talks and has had the honor to do so at Derbycon, Defcon’s BTV, NorthSec, BSidesLV, Grayhat, GoSec and BSidesCharm.

Igor Kozlov Data Scientist, Bell Canada

Igor Kozlov received his PhD from McGill University, Canada. He co-authored 9 research articles in 3 different fields, including computational studies of data from the LHC (the biggest experiment in human history). Currently he works as a Data Scientist in Cyber Security at Bell Canada. He is always happy to share his passion for everything (data, computer, natural, applied, fundamental) science.

Jared Atkinson

Jared is a security researcher who specializes in Digital Forensics and Detection Engineering. Recently, he has been building and leading private sector Detection and Response programs. In his previous life, Jared led incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics and Uproot, maintains a DFIR-focused blog at www.invoke-ir.com, and is the host of the Detection: Challenging Paradigms podcast.

Carlos aka Plug

Carlos aka Plug started his journey in computer security back in 1996 when he discovered a 2600 magazine that eventually led him to his first LA2600 meeting in 1998. From that point forward, he has been involved in computer security. In his free time he enjoys building Legos, playing with synthesizers, and when possible, he volunteers his time to computer security events. Currently he leads the Threat Hunting Program for a Fortune 20 organization.