X Gen for Advanced Detection of Web Threats

Indicators of compromise (IOCs) are an incredibly important forensic artifacts which, as the name suggests, are used in incident response and threat research to discover if a system has been compromised. They come in various forms, for example, unusual outbound network traffic, an MD5 file in a temporary directory, or even log-in irregularities. One class of IOCs so far resistant to detection by traditional methods relates to the use of external content in web-based attacks.

At Black Hat Europe earlier today, Trend Micro senior security researcher Marco Balduzzi, explained how a new machine learning approach can reap fantastic results for early detection of such threats.
blog.trendmicro.co.uk/black-hat-europe-how-machine…