Christian Taillon
Threat Response Engineer - Grand Canyon Education
Phoenix, Arizona, United States
Christian contributes to Grand Canyon Education's IT Security team as a Threat Response Engineer. His efforts focus on improving the Security team's operational tools and capabilities to efficiently detect, triage, and effectively respond to threats.
In addition to his primary role, Christian is passionate about contributing to and developing open-source tools that benefit the cybersecurity or Local AI communities. He enjoys contributing to the larger community via various Threat Intelligence Content Development efforts and open-source projects. His commitment to sharing knowledge extends to his role as a Global Watch Center Handler for ACTRA, where he leads a threat exchange and teaches for their Academy.
Christian also serves on the ISSA Phoenix Board, works as a Solutions Architect for the Cyber Resiliency Institute, and contributes to SPORTS-ISAO as a member of the COTH team.
When away from the keyboard, Christian enjoys camping, kayaking, and hiking with his wife and playing with his daughter.
DIY AI: Build Your Own Digital InfoSec Team with BYOLLM
Are you drowning in alert analysis, frustrated by verbose documentation, or struggling to speed up integrations? Discover how BYOLLM (Bring Your Own Large Language Model) tackles these challenges using open-source options that keep costs down and data on-prem. We'll explore self-hosted models, integrating human-in-the-loop workflows, as well as automated API-driven service consumption, showcasing AI's current capabilities while acknowledging its limitations.
Imagine a tireless team of digital assistants that understand your security environment, are equipped with role-specific knowledge, and never sleep—all built with open-source models. This session guides you through creating and deploying LLM agents for various roles on a security team. We'll cut through AI hype, focusing on practical applications that genuinely improve your team's quality of life and InfoSec capabilities.
Learn to leverage open-source GenAI in cybersecurity with options to avoid compromising privacy, control, or breaking the bank. We'll cover everything from model selection to hardware considerations, ensuring you understand the requirements for implementation. Throughout the session, we'll demonstrate live examples of these open-source tools and models in action. See how BYOLLM can build a personalized, AI-augmented InfoSec team with immediate, practical applications in the field, all powered by transparent, community-driven technologies.
Threat Hunting: Becoming the Predator and No Longer the Prey
Threat Hunting may be one of the more glamorized components of modern security operations today. Every week we read of how modern security controls are being evaded and bypassed. We know that a more proactive approach to detecting Evil is needed. Still, Threat Hunting is much more complicated than reviewing our SIEM enriched and neatly packaged alerts that our security controls have decided are worth our attention. It can often be challenging to know where to start, obtain a high ROI, and measure and communicate value or progress with Threat Hunting.
In this talk, we are going to explore how to do just that.
It is not expensive tools or highly situational graphical user interfaces that are needed. What we need is a repeatable, scalable, and measurable process that will give the effort vision and direction at the beginning and the ability to validate maturation as we advance in the discipline. While paid products can help, there are more than enough open-source resources to develop a Threat Hunting operation that can reliably detect some of the techniques used by the advanced adversaries of our day.
Can Ducks Teach Us how to Share: What hunting Qakbot and other threats teach us about CTI
Do current industry Threat Intelligence practices often leave you tired of chasing IoCs only to find previously remediated victim servers and terminated cloud instances, leaving you feeling unprepared to face the threat you've just been informed of?
What can hunting for Qakbot and other threats teach us about how we can improve our Cyber Threat Intelligence?
Some threats evolve so quickly that attacks on our environments precede the prerequisite intel and signatures to detect and prevent them. Our adversaries can leverage ephemeral or compromised infrastructure so effectively that by the time CTI contributors and vendors are able to aggregate, analyze, and disseminate actionable intelligence, the adversaries have moved on. Botnets comprised of Internet of Things appliances, Enterprise Servers, and personal computing devices host services available for rent on eCriminal marketplaces. Networks such as these, automation, affiliate programs, and more Third-Party eCriminal services empower the adversaries we face today.
That doesn't mean Threat Intelligence Sharing is dead; however, perhaps the evolving practices of our adversary's toolset and their growing collaboration can be met with some adaptation of our own. Let's talk about how the Threat Hunting Discipline has enabled a new level in the ongoing evolution of Threat Information Sharing.
In this talk, we will examine some CTI-driven Threat Hunts for some elusive and dangerous threats while considering the lessons they have to teach us on our Threat Intelligence Sharing.