Shadow Threat Intel Slides from CarolinaCon 12

CarolinaConJust a quick post to get the slides out from the presentation I gave this morning at CarolinaCon 12. Thanks to the CarolinaCon team for having me!



Deploying a Shadow Threat Intel Capability:
Understanding YOUR Adversaries without Expensive Security

In the presentation that threat intel vendors do not want you to see, open source and internal data meets home grown resources to produce actionable threat intelligence that your organization can leverage to stop the bad guys. This presentation discusses and shows examples of using what your already have to bootstrap this capability using existing data management platforms with open and flexible schemas to ease identification of advanced threats. Specific topics covered include the advantages of using open and flexible platforms that can be molded into a data repository, a case tracking system, an indicator database, and more. By analyzing this data organizations can discovery trends across attacks that help them understand their adversaries. An example nosql schema will be release to help attendees create their own implementations.


Today’s post pic is from See ya!

1 comment for “Shadow Threat Intel Slides from CarolinaCon 12

  1. March 6, 2016 at 1:24 pm

    BLOGGED: Shadow Threat Intel Slides from CarolinaCon 12

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.