At Black Hat, every new data source is a trade-off.
More telemetry means better visibility – but also more data for threat hunters to sift through.

From SMA to SAA: Same Need, Different Problem

Recently, Splunk Attack Analyzer (SAA) superseded Secure Malware Analytics (SMA) as the official malware threat analysis platform at Black Hat.
With SMA, we had a simple and effective pattern:
- Submissions...
