NorthSec 2021

Mathieu Saulnier

Mathieu Saulnier is a Core Mentor member for Defcon's Blue Team Village. He has held numerous positions as a consultant within several of Quebec’s largest institutions. Since 2011, he has focused on putting SOCs in place and has specialized in detection (Blue Team), content creation and mentorship. He worked as a "Senior Security Architect" and acted as "Adversary Detection Team Lead" and "Threat Hunting Team Lead" for one of Canada’s largest carriers for more than a decade, and he is now "Sr Manager Incident Response" at Syntax. He loves to give talks and has had the honor to do so at Derbycon, Defcon’s BTV, NorthSec, BSidesLV, Grayhat, GoSec and BSidesCharm.

GitHub account (full URL)

https://github.com/Scoubi/

LinkedIn profile (full URL)

https://www.linkedin.com/in/mathieusaulnier/

Twitter account (full URL)

https://twitter.com/ScoubiMtl

What is your company/affiliation(s)?

Syntax

What is your title?

Sr Manager Incident Response


Sessions

05-20
18:35
30min
Full Circle Detection: From Hunting to Actionable Detection
Mathieu Saulnier

How do you create new efficient, accurate, resilient detection rules? There are a lot of steps to follow. This talk will take you through what I call Full Circle Detection, starting with where to get hunting ideas and ending with giving turnkey alerts to your Security Analysts, using a real-world, step-by-step example.

Incident response
Main stream
05-20
19:10
30min
Detection engineering
Mathieu Saulnier, Igor Kozlov, Jared Atkinson, Carlos aka Plug

Q&A and discussion for the malware block, hosted and moderated by Jared Atkinson. Questions will be gathered from the audience during the four prior talks.

Incident response
Main stream