Threat Intelligence: Building a program that turns data into action
Starts: May 18th, 2021 10:45AM ET
Ends: May 19th, 2021 4:00PM ET
Earn up to 6.5 CPE credits by attending this virtual conference.
Shifting your security focus to the risks that matter most requires intelligence. But even organizations with access to threat intelligence can find themselves challenged when it comes to leveraging that data effectively and consistently.
Join SC Media for a two-day eSummit from May 18-19 focused on building a threat intelligence program that fits your organization’s needs. This strategic learning opportunity is designed to help both organizations that are considering standing up a threat intelligence practice as well as those that may have struggled with implementation. Experienced threat intel professionals will dive deep on topics that include:
- How threat intelligence programs can shift a security team from a reactive to a predictive stance
- Why efficiency immediately increases for security teams once programs are implemented
- How organizations find strength in numbers through collaborative threat programs
Positioning your organization to foresee potential threats can have a profound impact on risk reduction. Join us to discover how to turn threat data into action. Register now.
11:00 AM ET – Keynote: Rising above the noise: How a year of hard lessons redefines demands
Dave DeWalt, Managing Director, NightDragon
12:00 PM ET – Webcast: Threat intelligence: The essential ingredient in your XDR strategy
Thomas Graves, Senior Solutions Engineer, Anomali
XDR is a promising security architecture providing a foundation for organizations to move closer to managing their security infrastructure as an integrated, unified platform and preventing, detecting, and responding to threats more effectively across the enterprise. But to be successful, an essential ingredient in any XDR implementation is high-fidelity threat intelligence that connects to structured workflows in order to avoid contributing to even more alert fatigue and a team response that is un-prioritized and unfocused. Come learn about how relevant threat intelligence powers the analytics, detection, investigation, and response layers of XDR.
2:40 PM ET – Webcast: One phish, two phish: Detecting ransomware attacks pre-encryption
Lindsay Kaye, Director of Operational Outcomes, Insikt Group, Recorded Future
Join this session to hear about:
- Best practices and methodologies that organizations can use to detect threats
- Specific examples of actual compromises by ransomware operators
- Guidance on how to identify opportunities for detecting malicious behavior during the post-compromise, pre-encryption phase
1:20 PM ET: Webcast: Intelligence is good. Requirements-driven intelligence is better
Maurits Lucas, Director of Intelligence Solutions, Intel 471
Many security practitioners will have heard of “Requirements driven intelligence” – the approach of establishing Intelligence Requirements as the blueprint of your CTI program. But how do you operationalize such an approach? In this presentation we introduce a publicly available methodology we developed at Intel 471 called “CU-GIRs” that allows you to establish Intelligence Requirements by looking at stakeholders and use cases, group and prioritize those intelligence requirements, and build collection plans corresponding to the requirements.
2:40 PM ET – Webcast: Continuous security validation: Exercise your environment more than the adversary
Jose Barajas, Technical Director, NA Sales Engineering, AttackIQ
With Incident Response as the new normal, ensuring that our systems and processes support that effort and threat hunting are working as expected. We will discuss why and how to establish a Continuous Security Validation (CSV) program within your organization. Specifically, how such a program evolves beyond Breach and Attack Simulation (BAS) and provides teams a continuous feedback loop to understand their posture and identify gaps as they arise.
3:20 PM ET – Webcast: Obfuscation in threat hunting: Why should the threat actors know who the good guys are?
Gordon Lawson, Chief Executive Officer, NetAbstraction
In this session, learn how NetAbstraction effectively hides your enterprise’s network by transparently distributing search and sandbox functions to prevent any correlation back to your company.
4:00 PM ET – Webcast: How pin-pointed threat intelligence will help you proactively prevent your next security breach
Yochai Corem, Chief Executive Officer, Cyberint
During this Yochai Corem, CEO at Cyberint, will demonstrate with examples why pin-pointed Threat Intelligence will help you proactively prevent your next security breach.
11:00 AM ET – Keynote: Case Study: Creating a New Threat-Sharing Community
Douglas Levin, K12 Security Information Exchange (K12 SIX) and President of EdTech Strategies and the K-12 Cybersecurity Resource Center
Organizations that operate in the same business sector have much in common, including the cyber threats they typically face, and the challenges of defending against them. And so it is imperative that these organizations have a platform through which they can openly share threat intelligence with each other. This was the thinking behind K12 SIX, a recently formed information sharing & Analysis Center that was specifically created for school districts. In this keynote presentation, Douglas Levin, national director of K12 SIX and president of EdTech Strategies and the K-12 Cybersecurity Resource Center, will detail the challenges and value proposition of creating a threat-sharing community within your industry and initiatives that your own threat-sharing group should consider launching.
12:00 PM ET – Webcast: Autonomous cyber AI: Redefining enterprise security
Justin Fier, Director of Cyber Intelligence & Analytics, Darktrace
In this new era of cyber-threat, characterized by both slow and stealthy attacks and rapid, automated campaigns, static and siloed security tools are failing. Organizations need to urgently rethink their strategy – to ensure their people and critical data are protected, wherever they are. Powered by autonomous cyber AI, today’s self-learning defenses are capable of identifying and neutralizing security incidents in seconds – not hours. In this session, learn how self-learning AI:
- Detects, investigates and responds to threats – even while you are OOTO
- Protects your entire workforce and digital environment – wherever they are, whatever the data
- Defends against zero-days and other advanced attacks – without disrupting the organization
12:40 PM ET – Webcast: Actionable threat intelligence
Greg Iddon, Threat Response Strategist, Sophos
Signal prioritization, lifting important signals out from the noise, is essential for mature security operations centers. But access to high quality intelligence that helps you derive verdicts and enables you to take action is rare. OSINT feeds are often stale or out of date, URLs for once valid C2s now produce false positives. And even with quality intelligence feeds, how can we turn that intelligence into action? In this session you will learn:
- Practical threat intelligence use cases you can implement on your own
- How our threat hunters utilize Sophos threat intelligence services to improve investigations
- Suggestions on how to add threat intelligence into your security operations process
- Threat intelligence features to look for when choosing an intelligence service partner
2:00 PM ET – Webcast: How to put your threat intelligence data to work
Valeriy Leykin, Director, Product Management, SafeBreach
Having access to threat intelligence is important, but even more important is having a strategy that puts that threat intelligence data to work for you, and the visibility to prioritize the risks that matter most to the business. Join SafeBreach for a discussion around Threat Intelligence best practices, tips for how to ensure the data is feeding into your daily efforts, and how the ability to combine threat intelligence, vulnerability management, and the right attack scenarios can be a force multiplier for your collaborative efforts across the business.
(Agenda subject to change)