SensePost is SecureData’s independent elite consulting arm, renowned for its expertise, 19 year track record and innovation on the frontlines of cybersecurity.

With team members that include some of the world’s most preeminent cybersecurity experts, SensePost has helped governments and blue-chip companies both review and protect their information security and stay ahead of evolving threats.

SensePost is also a prolific publisher of leading research articles and tools on cybersecurity which are widely recognised and used throughout the industry and feature regularly at industry conferences including BlackHat and DefCon.

Data transforming your sewage into signatures - lessons learnt from building a hybrid honeypot named Amber

BruCon, Belgium

What happens when you collect a bunch of good data, under good pretences only to realise that the findings that you were expecting are completely wrong? Before you quit infosec and retreat to a farm, allow me to tell you about how I data transformed my data sewage into useful signatures. This talk will lay some ground work as to how honeypots relate to traditional security controls and how they differ, especially with regards to what they 'cost' to run. Then we will look at how a very cheap honeypot can be built, and how value can be derived from its simplistic output. Finally, I will look at how you can find further value in large data sets (the data set here was collected by the honeypot but the concepts can be applied to anything else) by looking past the obvious and factorising, or transforming the data. Did I mention that there will be drinking involved?