FOR578 — Cyber Threat Intelligence has now been running as a course at SANS for a little over two years. In that time a lot has evolved, including the field itself, which has been extended through the work of the SANS FOR578 authors and students. A major update has now taken place in the course to codify the next skill sets and advancements, understanding of adversary behavioral tradecraft, and exciting new labs to push security to a new level. Come learn about the updates, why FOR578 is a class you should take, and in general why intelligence matters to you regardless of your security role.
For more information about the FOR578 course, or to register for it, visit: sans.org/FOR578
Robert M. Lee is the CEO and Founder of the industrial (ICS/IIoT) cyber security company Dragos, Inc. He is also a non-resident National Cybersecurity Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure. For his research and focus areas, Robert was named one of Passcode's Influencers, awarded EnergySec's Cyber Security Professional of the Year (2015), and inducted into Forbes' 30 under 30 for Enterprise Technology (2016).
A passionate educator, Robert is the course author of SANS ICS515 — "ICS Active Defense and Incident Response" with its accompanying GIAC certification GRID and the lead author of SANS FOR578 — "Cyber Threat Intelligence" with its accompanying GIAC GCTI certification. He may be found on Twitter @RobertMLee.
Two useful disciplines are cyber threat intelligence and active cyber defense. However, there is confusion around both of these areas that leads to a perception of hype and cost instead of vital tools for defenders to use. In the case of threat intelligence, many security companies have offered a range of threat intelligence products and feeds, but there is confusion in the community as a whole as to how to maximize the value of threat intelligence. With active defense, there has been an attempt to brand this strategy as a hack-back or otherwise offense-based practice, whereas the strategy for an active defense existed long before the word 'cyber' and is focused around practices such as incident response. This presentation will examine the current state of cyber threat intelligence and active cyber defense as well as provide strategies for leveraging proven cyber intelligence models within active cyber defense operations.
If you build, manage, or provide threat intelligence services, this presentation was created with you in mind. Chris Cochran has spent over a decade building numerous threat intelligence capabilities for various organizations, including Netflix. He has designed a simple touchstone for teams of all skill levels that are looking to improve their threat operations. His four-point model is as follows: Elicit Requirements, Assess Collection Plan, Strive for Impact, and Yield to Feedback. In this presentation, Chris will discuss why these are his pillars of practice and what has gone right while building out his programs, as well as what has gone terribly wrong. Attendees will leave with a powerful model to leverage and execute impactful threat intelligence missions.
Chris Cochran @chriscochrcyber, Threat Intelligence and Operations Lead, Netflix