Hi [[ session.user.profile.firstName ]]

The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence

Where your company is located affects its cyber health and physical security. Even though the internet has no borders, the closer an adversary is to your physical location the more harm they can inflict.

To fully know the level of cyber risk, organizations must understand the location-specific threat actors. These actors can be a host nation government that is monitoring your communications or APT style groups, cyber criminal groups, or hacktivists. An accurate cyber risk measurement by location improves management decision making, increases security awareness, reduces risk, and can increase operational effectiveness.

In this webinar Lincoln Kaffenberger, cyber security professional at an international financial services institution will examine:

• The related geographical cyber risks that people and organizations experience as they move from location to location.
• A framework for understanding, assessing, and measuring location-specific cyber risk.
• How threats and risks posed by them can be measured through an empirical model, standardized across all locations.
• How to quickly assess cyber threats related to a location using real-time threat intelligence from the open, deep, and dark web.
Recorded Sep 8 2016 37 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Lincoln Kaffenberger, Cyber Security Professional
Presentation preview: The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Threat Intelligence: Not a Wild Goose Chase Dec 6 2016 7:00 pm UTC 60 mins
    Rob Gresham, Senior Consultant, Intel Security
    Hashes, IPs, domains, oh my, what am I to do with all this data? Analyze it. For threat intelligence to provide the proper context, you need to understand your audience and the requirements for intelligence consumption. Open source intelligence provides a capability for collecting intelligence data, but without analysis and requirements, collection efforts could produce a wild goose chase and provide little value.

    In this webinar, Rob Gresham, Senior Consultant with Intel Security, will cut to the chase to answer relevant questions such as:

    • Do I have data in the dark web and is it being sold?
    • What are my greatest risks and are they exploitable?
    • Has that exploit been used?

    Rob will discuss the contextual threat intelligence process, and share tips and tools that will help you make threat intelligence actionable beyond just the bits and bytes.
  • Prioritizing Cyber Threats With Real-Time Threat Intelligence Recorded: Nov 17 2016 63 mins
    Greg Reith, Threat Intelligence Analyst, T-Mobile
    Creating a threat intelligence strategy is essential for a company to identify and prioritize threats effectively. Curating the necessary relevant data for this strategy, however, can be incredibly time consuming and resource intensive.

    In this webinar, Greg Reith, Threat Intelligence Analyst at T-Mobile, will discuss how to use real-time threat intelligence from Recorded Future to create a forward-looking strategy, including:

    • Identifying and analyzing hard-to-find threat data from the entire web including content in multiple languages.
    • Gaining relevant intelligence effectively from large volumes of threat data with smart automation, alerts, and queries.
    • Discovering trends and patterns that are useful in developing a forward-looking shift in strategy from multiple perspectives.

    Find out how you can reduce the time to collect the necessary information for building an effective threat intelligence strategy by over 400 percent.
  • Using Cyber Threat Intelligence Effectively Recorded: Nov 1 2016 66 mins
    Christopher Burgess, CEO of Prevendra
    Today’s cyber security professionals have evolved well beyond simply reacting to data breaches.

    Certainly every bit akin to James Bond's 007 agent in the battle against corporate cyber attacks, state-sponsored assaults on corporate data or targeted, criminal data breaches, executive leaders like you must now be prepared to not only mitigate attacks but have some data prior in order to better fend off these onslaughts.

    As such, threat intelligence is no less essential in defending against today’s cyber attack than political intelligence is needed in the world of global affairs of state. This webinar looks at the changing landscape in threat intelligence and how to create actionable defenses from the multiple data streams available today.
  • Exploiting Threat Intelligence Using Recorded Future and Splunk Recorded: Oct 12 2016 29 mins
    Vijay Chauhan, Global Strategic Alliances, Splunk; Glenn Wong, Director of Technology Partnerships, Recorded Future
    Anticipate and prioritize unknown threats better in Splunk with richer IOC context from the entire web enabled by real-time threat intelligence from Recorded Future. We will be joined by Vijay Chauhan, Director, Global Strategic Alliances – Security Markets for Splunk ES, who will provide an overview of the Adaptive Response Initiative.

    Watch this webinar and learn how to:

    • Enrich data in Splunk with emerging threat indicators, actors, and new vulnerabilities from Recorded Future.
    • Automatically correlate suspicious network observables with OSINT context from Recorded Future.
    • Enhance the effectiveness of your security operations center (SOC) by actively prioritizing unknown threats.

    Recorded Future combined with Splunk's Adaptive Response Framework empowers analysts to proactively identify, prioritize, and mitigate emerging threats.
  • SOC Fundamentals for Your Threat Intelligence Program Recorded: Sep 20 2016 62 mins
    Chris Crowley, Course Author at SANS, and Glenn Wong, Director of Technology Partnerships
    During this premium webinar you'll learn the fundamentals for adding threat intelligence to your security operations center (SOC).

    Whether you're just getting started with threat intelligence, or you want to brush up on the basics, this webinar will serve as your guide to setting up and integrating a successful threat intelligence strategy for your SOC.

    Join SANS instructor Chris Crowley and Recorded Future's Glenn Wong for an overview on:

    * Interaction from SOC functions to other parts of the business
    * People and skillsets to make the SOC effective
    * Processes to have a repeatable and effective operation
    * How to quickly dismiss non-critical incidents with threat intelligence
    * How to detect important incidents that are otherwise missed
    * How to gain threat awareness beyond your network

    Content is based on the new SANS MGT517 course entitled "Managing Security Operations: Detection, Response, and Intelligence."
  • Lab Test Reveals 10x Productivity Gain From Real-Time Threat Intelligence Recorded: Sep 16 2016 29 mins
    Chris Pace of Recorded Future, Robert Perdue of Codis Technologies
    To quantify the value that SOC (security operations center) analysts gain from integrating real-time threat intelligence into their SIEM (security information and event management) solution, Recorded Future commissioned Codis Technologies to conduct a lab test.

    The independent lab test revealed:

    * Applying real-time threat intelligence powered by machine learning cuts analyst time to triage a security event from a firewall log from three minutes to 1.2 seconds on average (in a controlled environment), resulting in a 10x gain in productivity.

    * SOCs are unable to effectively examine some logs, such as firewall logs, as it is too much data with insufficient context to identify relevant threats hidden within them.

    * Real-time threat intelligence can be automatically applied to potential indicators of compromise in logs by enriching them with external context and quantifying risk.

    Codis Technologies is an information security consulting firm specializing in incident detection, incident recognition, and process automation.
  • Europe: The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence Recorded: Sep 15 2016 39 mins
    Lincoln Kaffenberger, Cyber Security Professional
    Join us for the second viewing of this webinar — scheduled at a time convenient for our followers in Europe.

    Where your company is located affects its cyber health and physical security. Even though the internet has no borders, the closer an adversary is to your physical location the more harm they can inflict.

    To fully know the level of cyber risk, organizations must understand the location-specific threat actors. These actors can be a host nation government that is monitoring your communications or APT style groups, cyber criminal groups, or hacktivists. An accurate cyber risk measurement by location improves management decision making, increases security awareness, reduces risk, and can increase operational effectiveness.

    In this webinar Lincoln Kaffenberger, cyber security professional at an international financial services institution will examine:

    • The related geographical cyber risks that people and organizations experience as they move from location to location.
    • A framework for understanding, assessing, and measuring location-specific cyber risk.
    • How threats and risks posed by them can be measured through an empirical model, standardized across all locations.
    • How to quickly assess cyber threats related to a location using real-time threat intelligence from the open, deep, and dark web.
  • The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence Recorded: Sep 8 2016 37 mins
    Lincoln Kaffenberger, Cyber Security Professional
    Where your company is located affects its cyber health and physical security. Even though the internet has no borders, the closer an adversary is to your physical location the more harm they can inflict.

    To fully know the level of cyber risk, organizations must understand the location-specific threat actors. These actors can be a host nation government that is monitoring your communications or APT style groups, cyber criminal groups, or hacktivists. An accurate cyber risk measurement by location improves management decision making, increases security awareness, reduces risk, and can increase operational effectiveness.

    In this webinar Lincoln Kaffenberger, cyber security professional at an international financial services institution will examine:

    • The related geographical cyber risks that people and organizations experience as they move from location to location.
    • A framework for understanding, assessing, and measuring location-specific cyber risk.
    • How threats and risks posed by them can be measured through an empirical model, standardized across all locations.
    • How to quickly assess cyber threats related to a location using real-time threat intelligence from the open, deep, and dark web.
  • Using Threat Intelligence to Stop Cyber Attacks Recorded: Sep 1 2016 66 mins
    Levin Gundert, Vice President of Intelligence and Strategy, Recorded Future
    How can enterprises use threat intelligence data to detect and stop attackers more quickly and efficiently? How can security teams identify the relevant threat information and use it to develop a swift defense? What specific threat information is needed, and how can enterprises use it to stop a particular attacker or exploit?

    In this informative webinar you'll hear security experts discuss practical ways to use threat intelligence from the web to identify the methods used by online attackers and to ferret out sophisticated attacks that wouldn’t be recognized by traditional information security defenses.

    Listen now and you'll also:

    * Learn how to integrate threat intelligence into your current practices for enterprise data defense and incident response.
    * Gain specific advice on how you can use real-time threat intelligence to fight new attacks targeted at your enterprise.
  • How TIAA Uses Threat Intelligence to Enhance Security Recorded: Aug 9 2016 42 mins
    Michael Kirk and Joseph Walbert, Senior Information Security Analysts, TIAA
    TIAA is the leading provider of financial services in the academic, research, medical, cultural, and government fields, with $854 billion in assets under management.

    In this webinar Joe Walbert and Mike Kirk, both senior information security analysts at TIAA, will explain how the company applies real-time threat intelligence to:

    • Monitor for sensitive information disclosures, such as credentials or sensitive personal information, to ensure quick action can be taken to lower risk.
    • Improve prioritization of vulnerability management with external intelligence on emerging vulnerabilities and exploits.
    • Enhance SOC effectiveness by integrating its SIEM with threat intelligence analyzed from the entire web.
    • Deliver targeted daily threat briefs to its internal stakeholders on relevant trending news on threats to increase user awareness.

    -----

    Michael Kirk and Joseph Walbert are senior information security analysts on TIAA's Cyber Security Applied Intelligence team specializing in security automation, vulnerability and threat intelligence, and incident response.

    Prior to joining TIAA, Mike worked as a digital forensics and intrusion analyst for defense contractors supporting both public and private sector clients — while Joe was an information operations (IO) professional in the United States Marine Corps focusing on IO systems research and development.
  • The Rise of Threat Actor Groups: What You Need to Know Recorded: Jul 19 2016 62 mins
    Christopher Ahlberg, CEO of Recorded Future, and Teresa Shea, Director of Cyber Reboot at In-Q-Tel
    As we’ve seen targeted threats increase in recent years, we’ve also witnessed the rise of the threat actor group. Not a lone hacker, but a team of individuals with a specific mission to compromise technology. Whether these groups are focused on compromising and leaking information, stealing financial data, or hacktivists driven to disrupt service or deface websites, what they have in common is the willingness to pursue and attack very specific targets often using unique or brand new TTPs.

    In this “virtual fireside chat,” Recorded Future Chief Executive Officer Christopher Ahlberg will be joined by Teresa Shea, director of cyber reboot at In-Q-Tel, to discuss how the actions of threat actor groups bear direct relevance to any organization's cyber security strategy.

    Their discussion will focus on the following questions:

    • Should companies research threat actors? Or just harden their defenses?
    • What types of threat actors should companies be aware of?
    • Is cyber terrorism a real threat?
    • Does attribution of actors matter for businesses rather than just government agencies?
    • How will the landscape change over the next five to ten years, and which countries are on the rise?
  • Cryptocurrencies: A Catalyst Driving Cyber Crime Recorded: Jul 7 2016 59 mins
    Christian Karam, Security Researcher and Director of Cyber Threat Intelligence, UBS AG
    Cyber crime has risen exponentially across the world in the past four years, causing insurmountable damage in its wake. One of the many reasons cyber crime models have been successful is the adoption of payment models that facilitate anonymization of criminal activities. Cryptocurrencies have given aspiring criminals enough confidence to expand their activities and large campaigns while expecting higher profits.

    In this webinar, Christian Karam, security researcher and director of cyber threat intelligence at UBS AG, will share:

    • Business models, tactical changes, and techniques that cyber criminals have employed recently to refine their activities.
    • Solutions that are effective in tracking, tracing, and narrowing down measures and controls for attribution.
    • How threat intelligence of the dark web and criminal forums provides threat insights.
  • Revealing Ransomware Secrets With All-Source Analysis Recorded: Jun 16 2016 34 mins
    Zach Flom, Threat Intelligence Analyst, Recorded Future
    Zach Flom, former U.S. Department of Defense computer network defense analyst, demonstrates all-source analysis of ransomware. This breakthrough is enabled by combining threat intelligence from the entire web with specialized content from malware analysis, incident response investigations, finished intel reports, as well as domain, DNS, and phishing — in a single analytic view.

    You'll learn:

    • How to find new ransomware variants with all-source analysis of indicators.
    • Commonalities among ransomware including delivery mechanisms, infection vector, and persistence techniques.
    • Mitigation steps, including those revealed on the web.

    Register now and see firsthand how to stay ahead of cyber attacks with threat intelligence.
  • How St. Jude Medical Uses Threat Intelligence in Its SOC Recorded: Jun 7 2016 54 mins
    Russ Staiger, Lead Analyst, Cyber Threat Action Center, St. Jude Medical
    St. Jude Medical is a leading global medical device manufacturer and is dedicated to transforming the treatment of some of the world’s most expensive epidemic diseases.

    In this webinar, Russ Staiger, lead analyst of the Cyber Threat Action Center (CTAC) at St. Jude Medical, will explain how the company combines real-time threat intelligence from Recorded Future with its Splunk SIEM to more effectively fulfill CTAC’s mission to identify, protect against, respond to, and enhance resiliency against cyber security threats.

    Register now to learn:

    • How St. Jude Medical uses threat intelligence to monitor for emerging threats against the healthcare industry.
    • How St. Jude Medical makes informed verdicts on events in its SIEM using context gained from Recorded Future threat intelligence.
    • How Recorded Future helps St. Jude Medical detect more complex events and potential incidents that could have possibly been missed without enrichment.
    • How the team fosters secure collaboration between the SOC, other security teams, and the business.

    Featured Speaker Bio:

    Russ Staiger is the Cyber Threat Action Center lead for information security teams concerned with investigation of APT (advanced persistent threats), malware remediation, and SIEM-based security strategies. Russ’s expertise also includes defensive systems data analysis, operational metrics (ITSM), in-line IDS-IPS implementation and action planning, security training and education, incident response, and team operations SLA enforcement.
  • Europe: How St. Jude Medical Uses Threat Intelligence in Its SOC Recorded: Jun 7 2016 51 mins
    Russ Staiger, Lead Analyst, Cyber Threat Action Center, St. Jude Medical
    St. Jude Medical is a leading global medical device manufacturer and is dedicated to transforming the treatment of some of the world’s most expensive epidemic diseases.

    In this webinar, Russ Staiger, lead analyst of the Cyber Threat Action Center (CTAC) at St. Jude Medical, will explain how the company combines real-time threat intelligence from Recorded Future with its Splunk SIEM to more effectively fulfill CTAC’s mission to identify, protect against, respond to, and enhance resiliency against cyber security threats.

    Register now to learn:

    • How St. Jude Medical uses threat intelligence to monitor for emerging threats against the healthcare industry.
    • How St. Jude Medical makes informed verdicts on events in its SIEM using context gained from Recorded Future threat intelligence.
    • How Recorded Future helps St. Jude Medical detect more complex events and potential incidents that could have possibly been missed without enrichment.
    • How the team fosters secure collaboration between the SOC, other security teams, and the business.

    Featured Speaker Bio:

    Russ Staiger is the Cyber Threat Action Center lead for information security teams concerned with investigation of APT (advanced persistent threats), malware remediation, and SIEM-based security strategies. Russ’s expertise also includes defensive systems data analysis, operational metrics (ITSM), in-line IDS-IPS implementation and action planning, security training and education, incident response, and team operations SLA enforcement.
  • Choosing the Right Threat Intelligence Tools Recorded: May 10 2016 61 mins
    Robert M. Lee, Chief Executive Officer of Dragos Security and Course Author for SANS FOR578
    In this webinar Robert M. Lee, Chief Executive Officer of Dragos Security and course author for SANS FOR578, a well-known threat intelligence class, will share a sample threat intelligence process that analysts can use — and show how this method can help inform purchase decisions.

    Are you interested in understanding how to move beyond threat feeds and how to appropriately incorporate professional tools into your workflow? If so, join this webinar and hear from one of the industry's leading experts.

    ---

    Robert M. Lee is the Chief Executive Officer and Founder of Dragos Security, a critical infrastructure cybersecurity company, and course author for SANS FOR578 “Cyber Threat Intelligence." He's also a non-resident National Cyber Security Fellow at New America and a PhD candidate at Kings College London, focusing on cyber security policies for critical infrastructure.

    Robert was named to the 2016 class of Forbes "30 Under 30" for Enterprise Technology. While serving as a Cyber Warfare Operations Officer in the U.S. Air Force, Robert obtained his start in cybersecurity.
  • Key Findings From the 2016 Global Threat Intelligence Report Recorded: Apr 21 2016 47 mins
    Rob Kraus, Director of Security Research and Strategy, Solutionary
    When it comes to protecting your organization against cyber threats, information is key. But with so much to comb through in today’s data-driven environment, how can you determine what’s actually useful? This is where threat intelligence comes in.

    In this webinar, Rob Kraus from Solutionary and Recorded Future’s Scott Donnelly will introduce the findings of the NTT Group 2016 Global Threat Intelligence Report (GTIR) which analyzes the attacks, threats, and trends from 2015. The report pulls information from 24 security operations centers, 7 R&D centers, 3.5 trillion logs, 6.2 billion attacks, and nearly 8,000 security clients globally. Rob and Scott will cover highlights from the report, including:

    • The biggest lessons learned in cyber security in 2015.
    • How you can implement threat intelligence best practices to help disrupt attacks.
    • The top 10 vulnerabilities targeted by exploit kits in 2015.
    • Analysis on industry attacks, including which industries are most at risk.

    Register today to learn critical threat intelligence insights from 2015 that will ensure your organization is secure in 2016 and beyond.
  • Fuel Incident Response With Threat Intelligence to Lower Breach Impact Recorded: Mar 29 2016 51 mins
    Ondrej Krehel, Chief Executive Officer, LIFARS
    As we’ve all learned from recent incidents at large companies, a data breach can cause insurmountable damage that is difficult to rebound from. To effectively counteract cyber attacks, companies need to have a two-pronged approach that includes both targeted threat intelligence and expedient incident response (IR).

    In this webinar, Scott Donnelly of Recorded Future, will explain how threat intelligence can help secure your company, how to implement an intelligence strategy, and how a thorough threat intelligence program can reduce the risk of breaches.

    Next, LIFARS CEO and Founder Ondrej Krehel will discuss how this intelligence spearheads an incident response and describe the process of investigation and evidence collection.

    Register now to learn:

    * How threats manifest in different ways on different layers of the Web.
    * The difference between a hoax and a possible threat to companies, customers, or infrastructure.
    * How having the right threat intelligence will speed up an IR process and reduce the business impact of a data breach.
    * The steps of an effective IR and how having a proper incident response plan in place makes all the difference.
  • How Accenture Uses Threat Intelligence to Improve Security Recorded: Mar 24 2016 59 mins
    Jason Lewkowicz, Global Director and Peter Freemantle, Threat Intelligence Lead, Accenture
    Watch this webinar and see a behind-the-scenes look at how Accenture uses Recorded Future to improve security.
  • Discover Patterns of Life and Activity in Hacker Forums Recorded: Mar 22 2016 46 mins
    Christopher Ahlberg, Chief Executive Officer, Recorded Future
    Cyber criminals, hacktivists, and the occasional state actor tend to congregate in underground forums and come in many forms, but often focus geographically and linguistically, as well as stick to certain areas — carding, reverse engineering, hacking, etc.

    In this webinar Recorded Future CEO and Co-Founder Christopher Ahlberg will share an analysis of a very large corpus of forum posts from the surface and deep Web spanning more than three years — including forums originating in the United States, Russia, Palestine/Gaza, Ukraine, Iran, China (in local language), and more.

    Based on this corpus we establish a series of patterns of actor behavior that can be used for targeting illicit behavior and actors, establish research pivot points, and detect actor focus on products, technologies, and vulnerabilities.

    The analysis will lay out techniques for how to analyze forum and actor behavior based on meta data analysis, without detailed human analysis of individual messages/posts.

    Christopher will also demonstrate how we can use natural language processing, temporal pattern analysis, social network analysis, and other techniques to establish patterns both inside and across forums (tracking actor traversals of the Web), and crossing boundaries of the clear/deep/dark Web.

    This exclusive presentation will cover:

    * Description of the large, specially collected corpus.
    * Message analysis techniques.
    * Established patterns of life and patterns of message traffic in forums.
    * Comparing hacker groups by geography and by their interests and behaviors.
    * Visualization techniques for pattern analysis.
    * Techniques for tracking evolutions of vulnerabilities, exploits, and exploit kits across forums.

    A sample pattern (along with many others) that we'll demonstrate is how in a high-value, private hacker forum, the classic Patch Tuesday/Exploit Wednesday pattern is alive and well — with traffic spiking on Wednesdays, post Tuesday patch releases.
Real-Time Threat Intelligence
Recorded Future arms you with real-time threat intelligence so you can proactively defend against cyber attacks. With billions of indexed facts, and more added every day, our patented Web Intelligence Engine continuously analyzes the entire Web to give you unmatched insight into emerging threats. Recorded Future helps protect four of the top five companies in the world.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The Cyber Threat at Your Doorstep: Location-Specific Threat Intelligence
  • Live at: Sep 8 2016 6:00 pm
  • Presented by: Lincoln Kaffenberger, Cyber Security Professional
  • From:
Your email has been sent.
or close