B3 Building a Requirements Meta-Model (Interactive Session) presented at ThreatIntelligence 2016

by Rafal wh1t3rabbit Los, Danny Pickens,

Summary : The core of any program is a strong set of validated requirements. You must identify stakeholders across both business and IT functions then provide a simple set of questions to ascertain requirements. Once requirements are obtained they must be distilled down into prioritized tiers using an adaptive meta-modeling technique. The requirements phase will be the foundation for your threat intelligence program, so you literally can’t afford to omit this crucial exercise. This talk will provide you with an overview of this process, then demonstrate the technique using two different modeling tools. Attendees are encouraged to bring a laptop, tablet, or physical pen and paper to try this technique using your own mock data.