CypherCon 2022

Wait, there can’t be only one?

Michael Kavka

Abstract:

We all have our favorite vendors and have those vendors we love to hate. Many places like trying to homogenize on a specific vendor or technology. What happens if you put all your eggs in one security vendor basket? Is it worth doing that? Does not knowing how a vendor’s Machine Learning makes decisions hurt or help us? Let us travel down a real-world scenario as to why using multiple vendors and multiple threat feeds could be advantageous. Wait, is that Defense in Depth? Maybe it is, but not in a way you normally think of.

Michael Kavka

CISSP, GCIH

Michael “Shecky” Kavka has been in the professional world of IT for over 25 years, focused specifically on Information Security – Blue Team Disciplines for the past 6, and has earned the CISSP and GCIH certifications. He started programming computers as a child in the early ’80s and by 1986 found a love of cyber security, which his High School Computer Administrator (of the PDP 11+ system they had) encouraged, having him and a friend do a 6-week teaching of security after finishing the AP Computer exam his senior year. Besides currently working as a Senior Security Engineer and SOC analyst for a privately owned trading company, Shecky has spoken at B-Sides Chicago, CypherCon, CircleCityCon, and PancakesCon. He is a volunteer for Hak4Kidz, working with the next generation of cyber security practitioners, and is an organizer of Chicago’s Burbsec and Chicago Loop Infosec meetups. Outside of the world of information security you will find him with his family and enjoying his hobbies of photography and model trains. You can find him on Twitter @SiliconShecky and his blog at www.siliconshecky.com.