Hi [[ session.user.profile.firstName ]]

SOC Fundamentals for Your Threat Intelligence Program

During this premium webinar you'll learn the fundamentals for adding threat intelligence to your security operations center (SOC).

Whether you're just getting started with threat intelligence, or you want to brush up on the basics, this webinar will serve as your guide to setting up and integrating a successful threat intelligence strategy for your SOC.

Join SANS instructor Chris Crowley and Recorded Future's Glenn Wong for an overview on:

* Interaction from SOC functions to other parts of the business
* People and skillsets to make the SOC effective
* Processes to have a repeatable and effective operation
* How to quickly dismiss non-critical incidents with threat intelligence
* How to detect important incidents that are otherwise missed
* How to gain threat awareness beyond your network

Content is based on the new SANS MGT517 course entitled "Managing Security Operations: Detection, Response, and Intelligence."
Recorded Sep 20 2016 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Chris Crowley, Course Author at SANS, and Glenn Wong, Director of Technology Partnerships
Presentation preview: SOC Fundamentals for Your Threat Intelligence Program

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • 5 Threat Intelligence Resolutions to Keep This New Year Recorded: Jan 24 2018 42 mins
    Allan Liska, Threat Intelligence Analyst, Recorded Future
    It’s that time when we strive to rid ourselves of old habits and embrace fresh ideas. In security, threat intelligence is certainly seen as one of those fresh ideas. According to Gartner’s recent “Market Guide for Security Threat Intelligence Products and Services,” “One benefit of threat intelligence is that it improves decision making in core security processes, such as incident response and policy enforcement. Better visibility of the threat landscape helps CISOs justify the need for additional resources and understand the problems they encounter.”

    In this webinar, Allan Liska, author of “Threat Intelligence in Practice,” will address five practical steps from Gartner’s report to help you make better use of threat intelligence in your organization, including:

    • Understanding the threat intelligence lifecycle.
    • Knowing the difference between data feeds and threat intelligence.
    • Centralizing, customizing, and collaborating with intelligence.
    • Integrating with your existing security infrastructure.
    • Using vulnerability intelligence to power smarter patching.
  • Machine Learning in Black and White Recorded: Dec 13 2017 58 mins
    Chris Poulin, Principal/Director, Booz Allen Hamilton and Staffan Truvé, CTO and Co-Founder of Recorded Future
    Machine learning is no longer just the tool of tech companies. While it is now being baked into most security protection technologies, threat actors are a step ahead — adopting machine learning to conduct increasingly sophisticated attacks, and to circumvent AI-based defenses. In this webinar, Chris Poulin, Principal/Director with Booz Allen Hamilton and Staffan Truvé, CTO and Co-Founder of Recorded Future will show the good and bad of AI and machine-learning technologies, including:

    • How the collection and analysis of open source and technical data at unprecedented scale allows proactive decision making.
    • What humans can do — but beyond human scalability.
    • Examples of successful threat actor campaigns utilizing AI techniques.
  • Threat Intelligence for Every Security Function Recorded: Nov 16 2017 61 mins
    Dave Shackleford, SANS and Chris Pace, Recorded Future
    There's a common misconception that threat intelligence simply means feeds of indicators just for SOCs or high-level reports only useful to security leaders. The fact is threat intelligence can be a valuable weapon in every part of your information security strategy. In this webinar, we'll take a close look at five different roles generally found within information security organizations: vulnerability management, incident response, security operations, threat analysis, and CISOs. Discover what specific processes and responsibilities are found in each team and how threat intelligence can be integrated into each to improve accuracy and reduce time to action.
  • Next-Generation Threat Intelligence Recorded: Nov 13 2017 50 mins
    Daniel Hoffman, President, SPG and Chris Pace, Technology Advocate, EMEA, Recorded Future
    We’ve talked in previous webcasts about what threat intelligence is and how to use it. We complete this series by taking a look forward – what we can expect from the threat intelligence technology and how it will play a part in a company’s overall information security strategy.
  • Applying Recorded Future Threat Intelligence to the IBM Security Stack Recorded: Nov 8 2017 43 mins
    Dan Schofield, IBM Security and Glenn Wong, Recorded Future
    There are a variety of threat intelligence feeds and services on the market to keep IT organizations up to date on the latest security threats. But many organizations fall short in operationalizing threat intelligence and using it to enhance the effectiveness of their existing security tools.

    Recorded Future integrates with IBM's QRadar, Resilient, i2, and X-Force Exchange, so regardless of which part of the IBM Security technology stack you use, getting threat intelligence enrichment collected from open, closed, and technical sources is easily automated. Unlike common open source IP or domain reputation lists, Recorded Future's risk lists include rich context so you can make decisions quickly about suspicious activity and can take action quickly.

    Join this webinar for an in-depth look at Recorded Future’s integrations with the IBM Security technology stack and learn how to:

    • Rapidly understand true incidents in context.
    • Develop processes to quickly analyze and digest threat data.
    • Use threat intelligence when it counts most: BEFORE attacks hit.
  • Utilizing Contextual Threat Intelligence in Splunk Recorded: Oct 18 2017 42 mins
    Henry Canivel, Security Operations Engineer, Splunk and Scott Donnelly, Director of Technical Solutions, Recorded Future
    Security operations center (SOC) teams are continually faced with new alerts and events. Security information and event management (SIEM) solutions such as Splunk help by making it easier to collect and analyze data generated by your technology infrastructure, security systems, and business applications. However, working with this volume of data risks SOCs being overloaded and rapidly available and readable information is vital to prioritize how you respond.

    See how a pre-integrated solution between Recorded Future and Splunk gives you full context of emerging threats from the widest breadth of open, technical, and dark web sources. Join this webinar to:

    • Alleviate alert fatigue and speed decision making with machine and human-analyzed threat context.
    • Identify threats already in your system by correlating network traffic with known bad from outside your network.
    • Get a live walkthrough of how to utilize real-time threat intelligence in Splunk Enterprise.
  • Betrayal as a Service: Insider Threats in the Financial Services Industry Recorded: Sep 12 2017 40 mins
    John Wetzel, Threat Intelligence Analyst, Recorded Future
    Recent Recorded Future research has uncovered financial services insiders selling their services to threat actors in criminal and dark web forums.

    You may already be managing and monitoring access to critical systems and data in an effort to secure against insider threats, but external threat intelligence has a role to play in identifying potential rogue employees and their targets.

    Join this webinar to learn how you can:

    • Expose threat actors in underground forums and criminal marketplaces.
    • Monitor for breaches by insiders on paste sites, forums, or code repositories.
    • Detect early indications of insider threats, as well as breaches resulting from their actions.
  • Using Cyber Threat Intelligence Wisely Recorded: Aug 23 2017 60 mins
    Neal Dennis, Senior ISAC Analyst and Chris Pace, Technology Advocate, EMEA, Recorded Future
    A wide range of threat intelligence feeds and services have cropped up to keep IT organizations up to date on the latest security threats. But without mechanisms in place to actually use the information, these alerts provide little benefit.

    Attend this webinar and learn how to:

    • Identify the threat intelligence sources most valuable — and least valuable — to your security efforts.
    • Develop processes to quickly analyze and digest threat data.
    • Use threat intelligence when it counts most: BEFORE the attack hits.
  • How Only Relevant Knowledge Will Enable Proactive Defense Recorded: Aug 8 2017 65 mins
    Graeme Park Senior Consultant at Mason Advisory and Brian Shorten Chairman, Charities Security Forum
    In an age where threats are increasingly orchestrated to target specific organizations, industries, and technologies, a much greater emphasis needs to be on understanding the mind and methods of an attacker.

    Gathering and applying relevant intelligence has never been more important, but with so much threat data and so little context available, how is it possible to be confident that you will know and understand the risks that you face, and can proactively defend against them? In this webinar we’ll explain what you can learn by gathering data from varied sources to uncover threat intelligence that’s truly relevant to you.

    Key Takeaways:

    • Combinations of factors that result in relevant intelligence.
    • Examples of how threats target particular industries or technologies.
    • How intelligence can be applied for proactive defense.
    • How to get the best actionable data from your logs.
  • Threat Intelligence: Information Security's Problem Child? Recorded: Aug 2 2017 65 mins
    Wade Baker, Partner and Co-Founder, Cyentia Institute and Nick Frost, Principal Research Analyst, Information Security Forum
    Threat intelligence is one of the most talked about areas of information security today. Vendors, service providers, consultants and integrators are all looking to find ways to use threat intelligence to help businesses apply what we can learn about emerging cyber-threats and their tactics to protect valuable data and systems.

    However, when it comes to applying these types of services/products, it can be hard to know where to start, whilst establishing what types of threat intelligence will prove truly beneficial to your organization is also a challenge.

    In this webinar we’ll take you towards getting “hands on” with threat intelligence, including:

    • Understanding the difference between strategic, operational, tactical and technical threat intelligence
    • Real world examples of applying threat intelligence to monitor for emerging threats, to better prioritize vulnerabilities and more clearly understand your own threat surface
    • Find the parts of your security operations that can reap the most benefit from the application of relevant threat intelligence
  • Automation, Machine Learning, and AI: Saving Security or Job Stealing Overlords? Recorded: Jul 31 2017 56 mins
    Michael Ball CISSP IT Security Consultant, Davi Ottenheimer President of flyingpenguin, Chris Pace, Recorded Future
    Headlines as we left 2016 and predictions for 2017 suggest that the future of the IT department (including information security) looks to be increasingly reliant upon machines doing the work, courtesy of the adoption and explosion of automation technologies, artificial intelligence and machine learning. How capable can machines ultimately become in securing businesses from an increasing array of threats? What role does this leave for humans?

    In this webinar we will look at the rise in popularity of artificial intelligence generally, what it means for businesses and its potential to improve efficiency and security. Which areas of security strategy may have the most to gain and lose in this transformation?

    This webinar will:

    • Consider the power of AI in threat intelligence, security operations and incident response
    • Discuss how AI and predictive analytics can lower risk
    • Question whether automation will always require the human factor
  • Best Practices for Applying Threat Intelligence Recorded: Jun 27 2017 47 mins
    Chris Pace Technology Advocate - EMEA, Recorded Future
    Threat intelligence is certainly one of the most talked-about areas of information security today. Recent research conducted by SC Media revealed that 46 percent of security professionals expect threat intelligence to be a very important part of their strategy in 2017.

    But when it comes time to choose threat intelligence services and products it can be hard to know where to start. During this webinar, we’ll look at what types of intelligence will prove truly beneficial to your organization and how to get the greatest return on your investment.

    Join this webinar to:

    • Get best practices and case studies for implementing threat intelligence as part of your own information security strategy.
    • Understand the important distinction between threat data and intelligence.
    • Gain insight into the value of different intelligence sources and how to work with them.
    • Learn about the importance of context in threat intelligence.
  • Visualizing the Evolution of Cyber Threats Recorded: May 31 2017 31 mins
    CW Walker, Government SE, Recorded Future and Daniel Hatheway, Senior Technical Analyst, Recorded Future
    Actionable intelligence requires swift analysis and this is only possible with the ability to rapidly sort through vast quantities of data varying in size, source, and format.

    Intelligence analysts need the right tools that empower them to make the quick, informed decisions that our national security demands.

    Recorded Future and Lumify by Altamira provide a powerful big data fusion, analysis, and visualization platform that supports the development of actionable intelligence. Join this webinar to learn how your agency can:

    • Accelerate the transformation of data to valuable insights using Lumify for Recorded Future.
    • Discover complex connections and explore diverse relationships in your data.
    • Enable sharing across your analytic tools and systems.
    • Enhance your analysis with malware samples sandboxed by Recorded Future.

    Lumify for Recorded Future enables analysts to quickly discover important relationships across a variety of data sources, driving a more efficient process for gaining actionable intelligence.
  • How Online Attackers Target Your Business and How to Stop Them Recorded: May 11 2017 63 mins
    Tom Parker, CTO, FusionX and Chris Pace, Technology Advocate, EMEA, Recorded Future
    One of the best ways to develop an effective cyber defense is to think like your attacker and then develop a commensurate response. A professional penetration tester will explain the ways your IT environment actually comes under attack and offer step-by-step recommendations on how you can prevent those attacks.

    In this webinar, learn:

    • How online attackers choose their targets
    • How cyber criminals research potential victims and find initial points of entry
    • The methods attackers use to move laterally through your infrastructure to find sensitive data
    • What steps you can take to prevent attackers from targeting your company
    • How you can improve your defenses to make targeted attacks less effective
  • Using Threat Intelligence to Prevent a Ransomware Attack Recorded: May 9 2017 58 mins
    Join Bardia Omran, Cyber Threat Intelligence Analyst at BT, and Allan Liska, Intelligence Architect at Recorded Future
    Ransomware hit between 1 in 3 businesses during 2016 and is the fastest growing malware threat according to the U.S. Department of Justice. If you've been laid back about ransomware attacks, now might be a great time to change your ways.

    Join Bardia Omran, Cyber Threat Intelligence Analyst at BT, and Allan Liska, Intelligence Architect at Recorded Future, to learn how you can use threat intelligence to help prevent a ransomware attack. This informative webinar will review strategic, educational, and operational approaches your company can employ to help in this fight including:

    • Tactics and procedures you should consider implementing.
    • How ransomware is used as a tool rather than a stand-alone weapon in targeted attacks.
    • Common risks to avoid such as password reuse and the lack of safety training.
    • How threat intelligence is used to contextualize indicators of compromise.

    Bardia Omran is a Threat Intelligence Analyst in BT Security, UK. Previously, Bardia worked on a service desk where he gained an in-depth knowledge of operating systems. He has a keen interest in malware and has spent the past two years researching it and contributing to BT's Security Threat Intelligence product.

    Allan Liska is a solutions architect at Recorded Future. Allan has more than 15 years of experience in information security and has worked as both a security practitioner and an ethical hacker. Through his work at Symantec, iSIGHT Partners, FireEye, and Recorded Future, Allan has helped countless organizations improve their security posture using more effective intelligence. He is the author of “The Practice of Network Security, Building an Intelligence-Led Security Program,” and “Securing NTP: A Quickstart Guide” and the co-author of “DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.”
  • How to Find the Threat With Threat Intelligence Recorded: May 3 2017 61 mins
    Yonesy Núñez, Vice President, Information Security, and Richard Fairhurst, Vice President, Information Security, Wells Fargo
    Finding threats on a corporate network is certainly necessary, but by definition it means the threat has already breached your perimeter and is embedded in your networks. You're now on the defensive. This special report webinar looks at techniques you can use to identify potential breaches before they enter your network.

    You'll learn about using off-network threat intelligence to identify not only potential breaches before they attack, but also potential false positives and other network noise that might distract your team and technology from doing their jobs most effectively and efficiently.
  • Real Steps to Build a Threat Intelligence Framework Recorded: May 2 2017 60 mins
    Dave Shackleford, SANS and Chris Pace, Recorded Future
    While the value of threat intelligence is widely recognized and accepted in today's cyber landscape, many organizations are still struggling to actually implement a workable framework or know what kinds of intelligence might really be useful. Join this webinar for real-world actionable steps to prevent, detect, and respond to cyber threats, including:

    • Understanding the difference between strategic, operational, tactical, and technical threat intelligence.
    • Applying threat intelligence to monitor for emerging threats, better prioritize vulnerabilities, and more clearly understand your own threat surface.
    • Find the parts of your security operations that can reap the most benefit from the application of relevant threat intelligence.
  • Becoming a Threat Hunter in Your Enterprise Recorded: Apr 14 2017 63 mins
    John H Sawyer, Senior Security Analyst at InGuardians and Chris Pace, Technology Advocate at Recorded Future
    You’re tired of waiting. Tired of waiting for your technology to alert you that there’s already a problem. You want to be more proactive, sink your hands into those threat intelligence feeds, dig into those behavioral analytics reports, follow one clue after another after another, until it leads you to a would-be attacker, before they finish carrying out their grand plan. What you want is to be a threat hunter.

    And why not? Organizations who use threat hunting find it reduces their attack surface and enhances their incident response speed and accuracy. Yet few have formal programs in place with clear methodologies and repeatable processes. Attend this webinar and you’ll learn:

    • How threat hunting works
    • What a formal threat hunting program looks like
    • What skills any threat hunter should have
    • The threat hunter’s essential tricks and techniques of the trade
  • Threat Intelligence at 15,000 Feet: View From the Air Transport Industry Recorded: Apr 11 2017 52 mins
    Dave Ockwell-Jenner, Senior Manager, Corporate Information Security Office (CISO), SITA
    It's critical to anticipate cyber threats and mitigate them before they impact the business of aviation. As technology continues to commoditize and threats evolve, applying best practices for reducing cyber security risk in the air transport industry is key. During this webinar air transport security expert, Dave Ockwell-Jenner at SITA, will explain how:

    • Threat intelligence improves security operations center (SOC) efficiency.
    • Threat hunting and incident response are enriched by threat intelligence.
    • Intelligence sharing can be done right, in the aviation security community and beyond.

    Dave Ockwell-Jenner has an extensive background in technology: from building one of the internet’s earliest major websites, to helping secure some of the world’s most critical systems. In his current role with air transport industry IT provider, SITA, Dave leads a team of cyber security professionals dedicated to protecting critical infrastructure against cyber threats. Cyber threat intelligence is a central part of SITA's security strategy, not just to defend the enterprise, but to extend a suite of capabilities to customers, partners, and the industry as a whole. Originally from the UK, Dave now lives with his family in Kitchener, Ontario, Canada — home to one of Canada's most vibrant entrepreneurial and high-tech communities.
  • How to Implement Threat Intelligence Recorded: Mar 21 2017 66 mins
    Bryan Spano, CISSP and Chris Pace, Recorded Future
    We hear a lot of talk about threat intelligence and about how important it is to implement it, but we don’t get a lot of useful guidance on how a company that has yet to employ the technology can integrate it into an existing network. It's not sufficient to generate reports that have nuggets of crucial data mixed amongst the noise of network activity. You need to have staff that can analyze these reports and identify the crucial data, along with technology that makes it easier for crucial data to stand out.

    - What you need to know about how to implement threat intelligence
    - How to draw actionable information from the mass of data points that the technology generates

    About the speakers:

    Bryan Spano
    Cyber Security Leader/Professional, CISSP, PMP

    Experienced cyber leader with broad technical and business experience from military, federal law enforcement, and private sector roles. Project Management Professional (PMP), and Certified Information System Security Professional (CISSP)

    Chris Pace
    Technology Advocate, EMEA, Recorded Future

    Chris works for Recorded Future to engage and educate audiences on the power of real-time threat intelligence, using his extensive experience delivering security solutions to all kinds of organizations. Before beginning a career in information security, Chris trained as a Broadcast Journalist and also has worked in IT departments in the public and private sectors.
Threat Intelligence Powered by Machine Learning
Recorded Future arms security teams with threat intelligence powered by patented machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources and provides invaluable context that’s delivered in real time and packaged for human analysis or instant integration with existing security technology.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: SOC Fundamentals for Your Threat Intelligence Program
  • Live at: Sep 20 2016 7:00 pm
  • Presented by: Chris Crowley, Course Author at SANS, and Glenn Wong, Director of Technology Partnerships
  • From:
Your email has been sent.
or close