APT Episode 1: Rise of the Bots
Speakers: Duc Ha, Senior Security Solutions Engineer, ArcSight; Rishi Divate, Senior Security Solutions Engineer, ArcSight
Learn to develop creative ArcSight ESM content to detect and track bot activities. Specifically, we will look at constructing ArcSight ESM resources based on different bot communication methods, using real-life examples such as Kraken, Conficker and Zotob. Finally, we will examine how to leverage advanced tools such as pattern discovery to detect bot patterns, and ArcSight TRM to provide automated response actions in case of an incident.