Tracking the Adversary’s Learning Curve

Edd Black

Speaker Bio

Edd Black has been involved in institutional defense for over a decade. He has defended institutions from small startups to global enterprises, across nearly every vertical. His current foci include incident response, threat intelligence, threat hunting, and forensics. He can be found online on Twitter (@Infosec_Samurai) or blogging (https://measuredresponse.org).

Presentation

Attackers are commonly broken into two camps: low-skilled opportunists (script kiddies) and Advanced Persistent Threats, or APTs (funded organized crime, nation states). In between lurks a skilled persistent threat, capable of doing more damage than either. Their skills have developed past those of script kiddies, but they lack the resources of the APT. Their ability to fly under the radar makes them a significant threat. These adversaries require human responders to identify, track, and oppose them. Understand the constraints of the persistent threat, and you can learn to counter them.