FIRST Cyber Threat Intelligence Symposium 2019, March 18, 2019 to March 20, 2019, London, United Kingdom

| Title | Speakers | Summary |
| --- | --- | --- |
| 5 years of applied CTI discipline: where should organisations put focus on? | Andreas Sfakianakis | Since the publication of Mandiant’s APT1 report in 2013, cyber threat intelligence discipline has been ... |
| Bootstrapping a Threat Intelligence Operation | Jon Røgeberg | In this presentation, Jon will share experiences from himself and his team, from jumpstarting and ... |
| Building, Running, and Maintaining a CTI Program | Michael Miller | Learn the nuts and bolts from the Target CTI program managers. Ryan and Michael have ... |
| TIBER: connecting threat intelligence and red teaming | Marc Hegt | TIBER (Threat Intelligence Based Ethical Red Teaming) is a framework that aims to deliver attack ... |
| 5 years in adversary emulation | James Chappell | This talk explores what went well, the opportunities for improvement and how that market has ... |
| Adventures in Blunderland | Allison Wikoff | In this session join Allison Wikoff and Matt Webster, both Senior Threat Researchers from Secureworks’ ... |
| All Your Heatmap Are Belong To Us - Building an Adversary Behavior Sighting Ecosystem | Richard Struse | N/A |
| Logistical Budget | Eireann Leverett | Can we quantitatively compare eagles to bears or snakes to pandas? Is the infrastructure a ... |
| The Hitchhiker's Guide to Threat Research | Bryan Lee | DarkHydrus. OilRig. MagicHound. Ever wonder how Unit 42 or other research teams regularly produce threat ... |
| Cloudy with low confidence of Threat Intelligence: How to use and create Threat Intelligence in an Office365 Environment | Dave Kovar | Is your organization using cloud email or considering migrating to the cloud? Chances are the ... |
| Drawing the line: cyber mercenary or cyber threat intelligence provider? | Stewart Bertram | As the context of CTI changes, and security services become politicised by implication, so the ... |
| Going from Guilt to Guild: Confessions of a TI Provider | Diederik Perk | This talk explores the repercussions of public documentation of cyber threat research revealing operational details ... |
| A Lightweight Markup Language for Graph-Structured Threat Sharing | Mayo Yamasaki | Sharing of structured threat intelligence is essential to address increasing and complicating cyberattacks. However, 60% ... |
| Turning intelligence into action with MITRE ATT&CK™ | Adam Nickels | Many of you have embraced the concept of a threat-informed defense but are still struggling ... |
| ATT&CK™ Is The Best Form Of…Reconnaissance: Using MITRE PRE-ATT&CK™ To Enrich Your Threat Model | Richard Gold | Building effective and appropriate threat models for your organization isn’t easy. At its most basic ... |
| Metrics and ATT&CK. Or how I failed to measure everything. | Francesco Bigarella | Measuring the value of threat intelligence output isn't easy: How do we identify our intelligence ... |
| Quality Over Quantity: Determining Your CTI Detection Efficacy | David J. Bianco | You’ve collected a lot of IOCs, but is your Cyber Threat Intelligence (CTI) process serving ... |
| How to get promoted: Developing metrics to show how threat intel works | Toni Chauvin | Many teams across the maturity spectrum struggle to show the return on investment for threat ... |
| EVALUATE OR DIE TRYING - A Methodology for Qualitative Evaluation of Cyber Threat Intelligence Feeds | Jörg Polzunov | The talk will conclude with a PoC demonstrating feed assessment in an automated way. Attendees will ... |
| Insights and Challenges to Automated Collaborative Courses of Action | Allan Jordan | Today, cyber defenders typically have to manually identify and process prevention, mitigation, and remediation steps ... |
| A Place for Analysis of Competing Hypothesis (ACH) in CTI: Applications and Evolution of ACH in CTI | Caitlin Huey | Within the intelligence community, analyst tradecraft is referred to as a method or a portfolio ... |
| Your Requirements are not my Requirements | Pasquale Stirparo | One would expect setting up the requirements to be the first task completed before investing ... |
| Semi-intelligence: trying to understand threats on a country level | Paweł Pawliński | When it comes to the effective use of intelligence, national CSIRTs have unique challenges. Leaving ... |
| Statistical Techniques to detect Covert Channels Employing DNS | Dhia Mathew | DNS tunneling has been rising in prominence over the last few years as a means ... |
| Code Reuse Analysis: Transforming a Disadvantage into a Game-Changing Advantage | Shaul Holtzman | Genetic Malware Analysis leverages binary code reuse in order to automate malware analysis and accelerate ... |
| File-Centric Analysis through the Use of Recursive Scanning Frameworks | David Zawdie | Defenders encounter a myriad of ways in which threat actors operate to deliver, exploit and ... |
| Building STINGAR to enable large scale data sharing in near real-time | Jesse Bowling | Duke University has embarked on a multi-year mission to help lower the difficulty on automated ... |