Published on Apr 3, 2017
For more information on ACoD and its mission of building a conference for defense ("Art Into Science"): http://artintoscience.com/

Talk abstract: Because breach is inevitable, the importance of being able to investigate security compromises has never been more important. Unfortunately, we have a shortage of qualified analysts, and the knowledge possessed by experts is usually tacit and hard to teach. In this presentation, I’ll describe how I built a tool-agnostic investigation simulation tool with the purpose of studying how novice and skilled analysts investigate all types of threats. By introducing the analysts to specifically designed scenarios using real data, I was able to manipulate variables to determine which things truly affected the speed and accuracy of the investigation. I'll also discuss what these experiments tell us about unique strategies for teaching and learning the art of performing security investigations using principles of cognitive psychology.