Hi [[ session.user.profile.firstName ]]

Recorded Future

  • Date
  • Rating
  • Views
  • SOC Fundamentals for Your Threat Intelligence Program SOC Fundamentals for Your Threat Intelligence Program Chris Crowley, Course Author at SANS, and Glenn Wong, Director of Technology Partnerships Recorded: Sep 20 2016 62 mins
    During this premium webinar you'll learn the fundamentals for adding threat intelligence to your security operations center (SOC).

    Whether you're just getting started with threat intelligence, or you want to brush up on the basics, this webinar will serve as your guide to setting up and integrating a successful threat intelligence strategy for your SOC.

    Join SANS instructor Chris Crowley and Recorded Future's Glenn Wong for an overview on:

    * Interaction from SOC functions to other parts of the business
    * People and skillsets to make the SOC effective
    * Processes to have a repeatable and effective operation
    * How to quickly dismiss non-critical incidents with threat intelligence
    * How to detect important incidents that are otherwise missed
    * How to gain threat awareness beyond your network

    Content is based on the new SANS MGT517 course entitled "Managing Security Operations: Detection, Response, and Intelligence."
  • Lab Test Reveals 10x Productivity Gain From Real-Time Threat Intelligence Lab Test Reveals 10x Productivity Gain From Real-Time Threat Intelligence Chris Pace of Recorded Future, Robert Perdue of Codis Technologies Recorded: Sep 16 2016 29 mins
    To quantify the value that SOC (security operations center) analysts gain from integrating real-time threat intelligence into their SIEM (security information and event management) solution, Recorded Future commissioned Codis Technologies to conduct a lab test.

    The independent lab test revealed:

    * Applying real-time threat intelligence powered by machine learning cuts analyst time to triage a security event from a firewall log from three minutes to 1.2 seconds on average (in a controlled environment), resulting in a 10x gain in productivity.

    * SOCs are unable to effectively examine some logs, such as firewall logs, as it is too much data with insufficient context to identify relevant threats hidden within them.

    * Real-time threat intelligence can be automatically applied to potential indicators of compromise in logs by enriching them with external context and quantifying risk.

    Codis Technologies is an information security consulting firm specializing in incident detection, incident recognition, and process automation.
  • Europe: The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence Europe: The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence Lincoln Kaffenberger, Cyber Security Professional Recorded: Sep 15 2016 39 mins
    Join us for the second viewing of this webinar — scheduled at a time convenient for our followers in Europe.

    Where your company is located affects its cyber health and physical security. Even though the internet has no borders, the closer an adversary is to your physical location the more harm they can inflict.

    To fully know the level of cyber risk, organizations must understand the location-specific threat actors. These actors can be a host nation government that is monitoring your communications or APT style groups, cyber criminal groups, or hacktivists. An accurate cyber risk measurement by location improves management decision making, increases security awareness, reduces risk, and can increase operational effectiveness.

    In this webinar Lincoln Kaffenberger, cyber security professional at an international financial services institution will examine:

    • The related geographical cyber risks that people and organizations experience as they move from location to location.
    • A framework for understanding, assessing, and measuring location-specific cyber risk.
    • How threats and risks posed by them can be measured through an empirical model, standardized across all locations.
    • How to quickly assess cyber threats related to a location using real-time threat intelligence from the open, deep, and dark web.
  • The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence Lincoln Kaffenberger, Cyber Security Professional Recorded: Sep 8 2016 37 mins
    Where your company is located affects its cyber health and physical security. Even though the internet has no borders, the closer an adversary is to your physical location the more harm they can inflict.

    To fully know the level of cyber risk, organizations must understand the location-specific threat actors. These actors can be a host nation government that is monitoring your communications or APT style groups, cyber criminal groups, or hacktivists. An accurate cyber risk measurement by location improves management decision making, increases security awareness, reduces risk, and can increase operational effectiveness.

    In this webinar Lincoln Kaffenberger, cyber security professional at an international financial services institution will examine:

    • The related geographical cyber risks that people and organizations experience as they move from location to location.
    • A framework for understanding, assessing, and measuring location-specific cyber risk.
    • How threats and risks posed by them can be measured through an empirical model, standardized across all locations.
    • How to quickly assess cyber threats related to a location using real-time threat intelligence from the open, deep, and dark web.
  • Using Threat Intelligence to Stop Cyber Attacks Using Threat Intelligence to Stop Cyber Attacks Levin Gundert, Vice President of Intelligence and Strategy, Recorded Future Recorded: Sep 1 2016 66 mins
    How can enterprises use threat intelligence data to detect and stop attackers more quickly and efficiently? How can security teams identify the relevant threat information and use it to develop a swift defense? What specific threat information is needed, and how can enterprises use it to stop a particular attacker or exploit?

    In this informative webinar you'll hear security experts discuss practical ways to use threat intelligence from the web to identify the methods used by online attackers and to ferret out sophisticated attacks that wouldn’t be recognized by traditional information security defenses.

    Listen now and you'll also:

    * Learn how to integrate threat intelligence into your current practices for enterprise data defense and incident response.
    * Gain specific advice on how you can use real-time threat intelligence to fight new attacks targeted at your enterprise.
  • How TIAA Uses Threat Intelligence to Enhance Security How TIAA Uses Threat Intelligence to Enhance Security Michael Kirk and Joseph Walbert, Senior Information Security Analysts, TIAA Recorded: Aug 9 2016 42 mins
    TIAA is the leading provider of financial services in the academic, research, medical, cultural, and government fields, with $854 billion in assets under management.

    In this webinar Joe Walbert and Mike Kirk, both senior information security analysts at TIAA, will explain how the company applies real-time threat intelligence to:

    • Monitor for sensitive information disclosures, such as credentials or sensitive personal information, to ensure quick action can be taken to lower risk.
    • Improve prioritization of vulnerability management with external intelligence on emerging vulnerabilities and exploits.
    • Enhance SOC effectiveness by integrating its SIEM with threat intelligence analyzed from the entire web.
    • Deliver targeted daily threat briefs to its internal stakeholders on relevant trending news on threats to increase user awareness.

    -----

    Michael Kirk and Joseph Walbert are senior information security analysts on TIAA's Cyber Security Applied Intelligence team specializing in security automation, vulnerability and threat intelligence, and incident response.

    Prior to joining TIAA, Mike worked as a digital forensics and intrusion analyst for defense contractors supporting both public and private sector clients — while Joe was an information operations (IO) professional in the United States Marine Corps focusing on IO systems research and development.
  • The Rise of Threat Actor Groups: What You Need to Know The Rise of Threat Actor Groups: What You Need to Know Christopher Ahlberg, CEO of Recorded Future, and Teresa Shea, Director of Cyber Reboot at In-Q-Tel Recorded: Jul 19 2016 62 mins
    As we’ve seen targeted threats increase in recent years, we’ve also witnessed the rise of the threat actor group. Not a lone hacker, but a team of individuals with a specific mission to compromise technology. Whether these groups are focused on compromising and leaking information, stealing financial data, or hacktivists driven to disrupt service or deface websites, what they have in common is the willingness to pursue and attack very specific targets often using unique or brand new TTPs.

    In this “virtual fireside chat,” Recorded Future Chief Executive Officer Christopher Ahlberg will be joined by Teresa Shea, director of cyber reboot at In-Q-Tel, to discuss how the actions of threat actor groups bear direct relevance to any organization's cyber security strategy.

    Their discussion will focus on the following questions:

    • Should companies research threat actors? Or just harden their defenses?
    • What types of threat actors should companies be aware of?
    • Is cyber terrorism a real threat?
    • Does attribution of actors matter for businesses rather than just government agencies?
    • How will the landscape change over the next five to ten years, and which countries are on the rise?
  • Cryptocurrencies: A Catalyst Driving Cyber Crime Cryptocurrencies: A Catalyst Driving Cyber Crime Christian Karam, Security Researcher and Director of Cyber Threat Intelligence, UBS AG Recorded: Jul 7 2016 59 mins
    Cyber crime has risen exponentially across the world in the past four years, causing insurmountable damage in its wake. One of the many reasons cyber crime models have been successful is the adoption of payment models that facilitate anonymization of criminal activities. Cryptocurrencies have given aspiring criminals enough confidence to expand their activities and large campaigns while expecting higher profits.

    In this webinar, Christian Karam, security researcher and director of cyber threat intelligence at UBS AG, will share:

    • Business models, tactical changes, and techniques that cyber criminals have employed recently to refine their activities.
    • Solutions that are effective in tracking, tracing, and narrowing down measures and controls for attribution.
    • How threat intelligence of the dark web and criminal forums provides threat insights.
  • Revealing Ransomware Secrets With All-Source Analysis Revealing Ransomware Secrets With All-Source Analysis Zach Flom, Threat Intelligence Analyst, Recorded Future Recorded: Jun 16 2016 34 mins
    Zach Flom, former U.S. Department of Defense computer network defense analyst, demonstrates all-source analysis of ransomware. This breakthrough is enabled by combining threat intelligence from the entire web with specialized content from malware analysis, incident response investigations, finished intel reports, as well as domain, DNS, and phishing — in a single analytic view.

    You'll learn:

    • How to find new ransomware variants with all-source analysis of indicators.
    • Commonalities among ransomware including delivery mechanisms, infection vector, and persistence techniques.
    • Mitigation steps, including those revealed on the web.

    Register now and see firsthand how to stay ahead of cyber attacks with threat intelligence.
  • How St. Jude Medical Uses Threat Intelligence in Its SOC How St. Jude Medical Uses Threat Intelligence in Its SOC Russ Staiger, Lead Analyst, Cyber Threat Action Center, St. Jude Medical Recorded: Jun 7 2016 54 mins
    St. Jude Medical is a leading global medical device manufacturer and is dedicated to transforming the treatment of some of the world’s most expensive epidemic diseases.

    In this webinar, Russ Staiger, lead analyst of the Cyber Threat Action Center (CTAC) at St. Jude Medical, will explain how the company combines real-time threat intelligence from Recorded Future with its Splunk SIEM to more effectively fulfill CTAC’s mission to identify, protect against, respond to, and enhance resiliency against cyber security threats.

    Register now to learn:

    • How St. Jude Medical uses threat intelligence to monitor for emerging threats against the healthcare industry.
    • How St. Jude Medical makes informed verdicts on events in its SIEM using context gained from Recorded Future threat intelligence.
    • How Recorded Future helps St. Jude Medical detect more complex events and potential incidents that could have possibly been missed without enrichment.
    • How the team fosters secure collaboration between the SOC, other security teams, and the business.

    Featured Speaker Bio:

    Russ Staiger is the Cyber Threat Action Center lead for information security teams concerned with investigation of APT (advanced persistent threats), malware remediation, and SIEM-based security strategies. Russ’s expertise also includes defensive systems data analysis, operational metrics (ITSM), in-line IDS-IPS implementation and action planning, security training and education, incident response, and team operations SLA enforcement.

Embed in website or blog