Stream 2:

The credential craze: How to protect yourself from bots

Nick Baglin

Recent news of large, aggregated credential collections has made it easier than ever for cybercriminals to get their hands on billions of unique usernames and passwords – at low or no cost. Credential stuffing relies on automation, with basic tools making it simple to use the login data to try to find a matching combination across many different sites. Attackers are looking to break into your website and apps to steal money, take over loyalty points, expose IP and corrupt data.

So with automated traffic now representing more than half of all internet traffic, how do you distinguish a bot from a human, and what can you do to stop the malicious ones from launching an account takeover attack? This presentation will reveal the rising sophistication of bots, the true extent of the problem and why it’s everybody’s problem. Importantly, it will also cover the approaches to mitigating the threat when a new way is needed to outsmart the most sophisticated of bots.

5 of the most significant challenges in threat hunting and how to address them

Daniel Shepherd

Threat hunting is generally described as a discipline that involves iteratively looking for threats that have bypassed existing security infrastructures. In practice, threat hunting is currently being done by a variety of types of people, using a variety of different tools and techniques.

There are various challenges associated with threat hunting; among them the issue of finding the needle in the haystack and doing so quickly, without compromising on quality and correctness, especially (though not solely) in a large-scale and distributed environment.

The penalty for being too slow and/or incorrect and/or missing the needle altogether is severe. In this talk, Daniel will share lessons learnt and what we consider to be best practices, based on 5 of the most significant challenges that people face when doing threat hunting work.

Understand User Intent to Stop Data Exfiltration

Simon Sharp

Half of data breaches have a substantial insider threat component, according to a 2018 McKinsey report. Interestingly, negligent and accidental incidents are far more common than malicious insider threats. However, malicious incidents are the most costly threat faced by organisations. Because of these differences in types of threats and outcomes, security teams must be able to accurately decode the intent behind user actions.


In this talk you will learn how to:

· Better protect your organisation by differentiating between types of insider threats

· Detect and respond appropriately to both accidental and intentional insider threats

· Reduce your risk of data exfiltration while building a stronger workplace culture around security