Davison Iain - Threat forecasting: leveraging big data for predictive analysis

First Edition

John Pirc

David DeSanto

Iain Davison

Will Gragido

Syngress is an imprint of Elsevier

50 Hampshire Street, 5th Floor, Cambridge, MA 02139, USA

Copyright 2016 Elsevier Inc. All rights reserved.

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publishers permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.

This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).

Notices

Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary.

Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.

To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.

Library of Congress Cataloging-in-Publication Data

A catalog record for this book is available from the Library of Congress

British Library Cataloguing-in-Publication Data

A catalogue record for this book is available from the British Library

ISBN: 978-0-12-800006-9

For information on all Syngress publications visit our website at https://www.elsevier.com/

Publisher: Todd Green

Acquisition Editor: Chris Katsaropoulos

Editorial Project Manager: Anna Valutkevich

Production Project Manager: Punithavathy Govindaradjane

Designer: Mark Rogers

Typeset by SPi Global, India

John Pirc has more than 19 years of experience in Security R&D, worldwide security product management, marketing, testing, forensics, consulting, and critical infrastructure architecting and deployment. Additionally, John is an advisor to HP's CISO on Cyber Security and has lectured at the US Naval Post Graduate School.

John extensive expertise in the security field stems from past work experience with the US Intelligence Community, as Chief Technology Officer at CSG LTD, Product Manager at Cisco, Product Line Executive for all security products at IBM Internet Security Systems, Director at McAfee's Network Defense Business Unit, Director of Product Management at HP Enterprise Security Products, Chief Technology Officer at NSS Labs, Co-Founder and Chief Strategy Officer at Bricata, LLC and, most recently as Director of Security Solutions for Forsythe Technology.

In addition to a BBA from the University of Texas, John also holds the NSA-IAM and CEH certifications. He has been named security thought leader from SANS Institute and speaks at top tier security conferences worldwide and has been published in Time Magazine, Bloomberg, CNN and other tier 1 media outlets.

David DeSanto is a network security professional with over 15 years of security research, security testing, software development and product strategy experience. He is a strong technical leader with a firm understanding of TCP/IP, software development experience, including automation frameworks, and a deep knowledge in securing the enterprise network.

David is the Director, Products and Threat Research for Spirent Communications where he drives product strategy for all application security testing solutions. He also manages the security engineering team responsible for the research, development and validation of new security attacks (i.e., exploits, malware, DDoS attacks) as well as development of all engine components that support them. Prior to Spirent, David's career included roles at the industry's top security research and testing labs, where his expertise guided these organizations in creating industry-leading security tests and solutions for enterprises, services providers and network equipment vendors.

David holds a Master of Science in Cybersecurity from New York University School of Engineering and Bachelor of Science in Computer Science from Millersville University. He is a frequent speaker at major international conferences on topics including threat intelligence, cloud security, GNSS security issues and the impacts of SSL decryption on today's next generation security products.

Iain Davison has over 16 years of security experience, with many skills ranging from penetration testing to creating and building intrusion prevention devices. This includes knowledge of programming languages, scripting, and compiling software. In his last position, Iain performed network architecture, hardware design, software design, and implementation.

He currently lives in Clinton, MD, with his wife Laura and two kids Shaun age 6 and Emma age 1; he also has a dog and a cat. Iain enjoys creating home automation devices from raspberry pi kits along with home media and simple robotics.

Along with his experience in the cyber-security industry, Iain has also written a book with a few of colleagues on threat forecasting, it will be published in the second quarter of this year. The book discusses some techniques used to gather intelligence, the importance of all data not just the obvious. Looking at data from a different perspective, something other than the norm.

Now that he is on the Exabeam team, he may be willing to write yet another book based around UBA and all the things it can do in the enterprise.

Will Gragido possesses over 21 years of information security experience. A former United States Marine, Mr. Gragido began his career in the data communications information security and intelligence communities. After USMC, Mr. Gragido worked within several information security consultancy roles performing and leading red teaming, penetration testing, incident response, security assessments, ethical hacking, malware analysis and risk management program development. Mr. Gragido has worked with a variety of industry leading research organizations including International Network Services, Internet Security Systems/IBM Internet Security Systems X-Force, Damballa, Cassandra Security, HP DVLabs, RSA NetWitness, and now Digital Shadows. Will has deep expertise and knowledge in operations, analysis, management, professional services and consultancy, pre-sales/architecture and has a strong desire to see the industry mature, and enterprises and individuals become more secure. Will holds a CISSP and has accreditations with the National Security Agency's Information Security Assessment Methodology (IAM) and Information Security Evaluation Methodology (IEM). Mr. Gragido is a graduate of DePaul University and is currently in graduate school. An internationally sought after speaker, Will is the co-author of Cybercrime and Espionage : An Analysis of Subversive Multi - Vector Threats and Blackhatonomics : An Inside Look At The Economics of Cybercrime .