This past week I had an opportunity to present at Thotcon on setting up and doing some basic threat intelligence. The presentation covered a wide range of topics, including defining what threat intelligence is and why you need to develop it internally, setting up a cost effective threat intelligence platform, and stepping through seven easy phases to get your program started. And I had a little bit of fun with making it Star Wars themed. Thank you to the Thotcon team for having me and just running an all-around awesome con!
Deploying a Shadow Threat Intel Capability:
Understanding YOUR Adversaries without Expensive Security Tools
In the presentation that threat intel vendors do not want you to see, open source and internal data meets home grown resources to produce actionable threat intelligence that your organization can leverage to stop the bad guys. This presentation discusses and shows examples of using what your already have to bootstrap this capability using existing data management platforms with open and flexible schemas to ease identification of advanced threats. Specific topics covered include the advantages of using open and flexible platforms that can be molded into a data repository, a case tracking system, an indicator database, and more. By analyzing this data organizations can discovery trends across attacks that help them understand their adversaries.
Today’s post pic is from LookingGlassCyber.com. See ya!