Diamond Model for Intrusion Analysis: What You Need to Know

Presented at BSidesDC 2014, Oct. 19, 2014, 12:30 p.m. (50 minutes).

Any good Threat Intelligence analyst’s overarching goal is to provide actionable intelligence to aid in the defense of the network and larger business processes of the organization. To do this, the analyst needs to correlate data from several sources both internal and external, make associations between disparate events, recommend or take courses of action from their analysis, and likely write reports for management describing the nature and intent of the threats they are dealing with.

The Diamond Model for Intrusion Analysis lays a foundation for analysts to begin to address these challenges by applying scientific rigor to what has long been considered an art. It accurately details the fundamental aspects of all malicious activity as well as the core analytic concepts used to discover, develop, track, group, and ultimately counter both the activity and the adversary.

Learn how to integrate the Diamond Model into your organization's threat intelligence processes and workflow so you can better understand and defend against the most sophisticated threats.


Presenters:

  • Andy Pendergast - Product Director at Cyber Squared Inc.
    Andy is a community-respected analyst, innovator, and thought leader. He has over 15 years of experience working in the Intelligence and Computer Network Defense Communities from within the U.S. DoD and Fortune 500 companies. He brings his passion for intelligence-led defense to his role as Product Director for ThreatConnect™. He is a co-author of "The Diamond Model of Intrusion Analysis". Andy is a veteran of the U.S. Army and holds a Diploma in Chinese Mandarin and a Bachelor of Science from Excelsior University.
