Shadow Threat Intel Slides from Thotcon 7

Thotcon 7This past week I had an opportunity to present at Thotcon on setting up and doing some basic threat intelligence. The presentation covered a wide range of topics, including defining what threat intelligence is and why you need to develop it internally, setting up a cost effective threat intelligence platform, and stepping through seven easy phases to get your program started. And I had a little bit of fun with making it Star Wars themed. Thank you to the Thotcon team for having me and just running an all-around awesome con!

Deploying a Shadow Threat Intel Capability:
Understanding YOUR Adversaries without Expensive Security Tools

In the presentation that threat intel vendors do not want you to see, open source and internal data meets home grown resources to produce actionable threat intelligence that your organization can leverage to stop the bad guys. This presentation discusses and shows examples of using what your already have to bootstrap this capability using existing data management platforms with open and flexible schemas to ease identification of advanced threats. Specific topics covered include the advantages of using open and flexible platforms that can be molded into a data repository, a case tracking system, an indicator database, and more. By analyzing this data organizations can discovery trends across attacks that help them understand their adversaries.


Today’s post pic is from See ya!

2 comments for “Shadow Threat Intel Slides from Thotcon 7

  1. May 9, 2016 at 10:05 pm

    Shadow Threat Intel Slides from Thotcon 7

  2. May 10, 2016 at 9:40 am

    In case you missed it, my slides on deploying a shadow threat intel capability from my #thotcon talk.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.