Summary Of The Talk By Josh Goldfarb Of FireEye Security Breach


TELECOM SEMINAR

The talk by Josh Goldfarb of FireEye was an eye-opener. As a budding security specialist, the insight I gained into current security mechanisms and the possible way to move forward with a narrative-driven approach was invaluable.
The increase in the number of high-profile security breaches in recent months has made security the focus of the networking industry. Rapid advancements in networking technology have resulted in the internet now being considered a necessity, and organizations all over the world in all sectors, from healthcare to military, and from business to education, use the network for their activities. Data is now primarily stored in digital form, and it is imperative to protect this data from being accessed …

Given that the industry spends close to 30 billion dollars on network security, the field of security operations should be more advanced.
Josh discussed the importance of forensics in the world of security, and how analysis of a breach can lead to designing better security systems. Josh also equated the entire process of intrusion detection and response to that of a crime scene, which made it easier to understand the intricacies involved in security operations. Throughout the talk, Josh used analogies to explain security terms through real-world concepts, which made security operations easier to understand.
Alert-driven models fail due to a lack of context around each alert and a high number of false positives. Narrative-driven models focus on narratives rather than alerts. A narrative is a set of alerts with a specific context. Given the context, it is easier to identify the alerts that are red flags for the network. A narrative-driven approach relies on technology, intelligence and expertise. The combination of these elements will make it faster and easier to detect intrusions and respond to