RT-1053 Predictive Analytics using Aggregated Threat Intelligence

Presented at Texas Cyber Summit 2019, Oct. 11, 2019, 5:15 p.m. (60 minutes)

**Talk Details:** In this talk I'll discuss how DHS is leveraging classified threat intelligence to monitor, track, and hunt foreign intelligence activity in US Based Critical Infrastructure. We'll also discuss how you can use the same techniques to label threat intelligence and begin to perform predictive analytics based on aggregated threat intelligence and historical metrics.

**We'll cover:**

* Organizing threat intelligence into meaningful and useful data
* Ingesting historical metrics into structured databases to provide calculable metrics
* Processing databases through supervised learning data science algorithms to uncover patterns
* Analyze uncovered patterns to develop cautionary predictions around industry based attack patterns
* How to pair observed threat activity with MITRE ATT&CK TTPs to research potential attribution

This presentation is born out of the DHS ECS (Enhanced Cybersecurity Services) program that is designed to quickly bring actionable classified threat intelligence to all US Based Critical Infrastructure. Details about the DHS ECS program can be found [here](https://www.dhs.gov/cisa/enhanced-cybersecurity-services-ecs).

Presenters:

  • David Evenden - CenturyLink
    David Evenden is an experienced offensive security operator & analyst with over a decade of experience working in the Intelligence Community where he learned Persian Farsi, worked at NSA Red Team and was a member of an elite international team operating in conjunction with coalition forces to aid in the ongoing efforts in the Middle East. He currently works with an ISP and DHS to aid in the efforts to enhance the bidirectional sharing relationship between the US Government and Commercial entities, as well as track foreign intelligence activity in US Based Critical Infrastructure.
