Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Discover a groundbreaking approach to detecting supply chain attacks through network traffic analysis in this Black Hat conference presentation. Learn about BEAM (Behavioral Evaluation of Application Metrics), an innovative open-source tool that identifies compromised applications by analyzing their behavioral patterns in web traffic without requiring endpoint agents or code instrumentation. Explore how this technique leverages over 40 billion HTTP/HTTPS transactions from thousands of global organizations to build application-specific baselines and detect anomalies with over 95% accuracy. Understand the methodology behind BEAM's success, including the use of LLMs to map user agents to specific applications, extraction of 65 behavioral signals, and automated baseline creation for both commercial and internal applications. Examine real-world applications through a live demonstration and gain practical insights for implementing this novel detection method in your organization's security infrastructure. Master the technical details of how BEAM enriches noisy traffic data, performs behavioral modeling, and surfaces anomalies that reveal active supply chain compromises, providing defenders with a powerful new signal against threats that traditionally bypass conventional security measures.
