TI-1044 Threat Intelligence: How to Focus Fire on the Bad Guys

Presented at Texas Cyber Summit 2019, Oct. 12, 2019, 4 p.m. (60 minutes).

As a blue teamer or threat hunter, how many times have you been told to go “find evil”? How many times have you been expected to search for every adversary tactic until you MAYBE find the bad guy? NO MORE! This talk will examine what threat intelligence is and how it can be used to better inform defenders on prioritizing which bad guys to look for first. Now when most people hear “threat intelligence” they have the same reaction as to hearing “blockchain”, “artificial intelligence”, or “synergistic management solutions”. It’s unfortunately true that threat intelligence has become a buzzword in the cyber security field. So how do we turn this buzzword into something that can be put into practice? Lucky for you, this very question will be answered here! You will see the process of discovering which specific adversaries are targeting your organization, all the way down to finding the tactics, techniques, and procedures the bad guys use to steal your data. Finally, we will close with a scenario-based story time, walking you through an example of how this threat intelligence process can be used in your organization’s regular hunt operations.

Presenters:

  • Kyle Hubert - USAF
    Kyle is a Network Analyst and Blue Team Lead for the USAF. Recently he has focused on how to improve the use of cyber threat intelligence, specifically looking to increase the effectiveness of smaller/newer threat hunter teams. Some of his other interests include IoT hacking, ICS security, and Purple Teaming. When he’s not hunting bad guys, Kyle enjoys snowboarding and hiking.

Links:

Similar Presentations: