Correlating threat data – orchestration & next generation takedowns

Friday 5 October 11:00 - 11:30, TIS room

Tobias Knecht (Abusix)



What if takedowns could take place within seconds of detection? Advances in No-SQL platform processing speed combined with cloud-driven hyperscale sensor networks have made it possible to analyse very large data sets of abuse incidents in near real time. Tobias will explain how Abusix has enabled fast correlation with smart reporting of threat observations, quickly linking abused servers with attacked networks and users. The next frontier is to orchestrate playbooks and human trust factors required for fully automated takedowns, effectively closing the time gap within which miscreants cause harm.

Tobias has managed abuse departments for some of the world’s largest hosting companies, he was a co-founder of the Global (Abuse) Reporting Project and is Co-Chair of the RIPE Anti-Abuse Working Group.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.