SANS Cyber Threat Intelligence Solutions Track 2021
Event submitted on Tuesday, November 24th 2020, approved by Charles Villanueva ✓
This event has been tagged as follows:
Conference Event Summary
The following description was either submitted by the Conference Organizer on Tuesday, November 24th 2020, or created by us.
The collection, classification, and exploitation of knowledge about adversaries – collectively known as cyber threat intelligence (CTI) – gives security practitioners information superiority that is used to reduce an adversary’s likelihood of success. Responders and defenders leverage accurate, timely, and detailed threat intelligence to monitor new and evolving attacks and subsequently adapt their security posture.
Cyber threat intelligence represents a force multiplier for organizations looking to update their response and detection programs to deal with increasingly sophisticated advanced persistent threats. Malware is an adversary’s tool but the real threat is the human one, and cyber threat intelligence focuses on countering those flexible and persistent human threats with empowered and trained human defenders. During a targeted attack, an organization needs a top-notch and cutting-edge threat hunting or incident response team armed with the threat intelligence necessary to understand how adversaries operate and to counter the threat.
Knowledge about the adversary is core to all security teams. The red team needs to understand adversaries’ methods in order to emulate their tradecraft. The Security Operations Center needs to know how to prioritize intrusions and quickly deal with those that need immediate attention. The incident response team needs actionable information on how to quickly scope and respond to targeted intrusions. The vulnerability management group needs to understand which vulnerabilities matter most for prioritization and the risk that each one presents. The threat hunting team needs to understand adversary behaviors to search out new threats.
This forum will explore various CTI topics through invited speakers while showcasing current capabilities available today. Presentations will focus on case-studies and thought leadership using specific examples relevant to the industry as we know it today.