Hi [[ session.user.profile.firstName ]]

Understanding the Threat Intelligence Ecosystem

Everybody talks about threat intelligence today, but how well are they distinguishing raw data from actionable intelligence? Stephen Gates of NSFOCUS discusses cybersecurity and the new threat intelligence ecosystem.

"The operative word is 'actionable,'" says Gates, Chief Research Intelligence Analyst at NSFOCUS. Threat intelligence means a lot of things to a lot of people, he adds. But what it comes down to is: "Do you want to gain further insight into the threat landscape that your organization faces on a daily basis? That's what threat intel is all about - gaining that insight with actionable intelligence and understanding the threats [you're] under."

In an interview about the threat intelligence ecosystem, Gates discusses:

How many organizations fail to distinguish actionable TI;
Why the ecosystem is so critical to cybersecurity;
How NSFOCUS distinguishes itself in a crowded marketplace.
Recorded Nov 10 2016 14 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Stephen Gates
Presentation preview: Understanding the Threat Intelligence Ecosystem

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Low to High: Risk Adverse May Not Make the Most Risk Sense Recorded: Nov 15 2018 59 mins
    Guy Rosefelt, Director of PM at NSFOCUS and Adrian Sanabria, VP of Strategy and Product Marketing at NopSec
    Recent evidence shows that a surprisingly high portion of vulnerabilities incorporated into malware or exploit kits are ranked low or medium severity. Counter to commonly-accepted practices, focusing only on high-severity vulnerabilities and setting a ‘cut-off’ point for lower scored issues, is not a safe or effective strategy. More importantly, proof-of-concept (POC) code for lower priority vulnerabilities is appearing more quickly after 0-day announcement leading to leading to widespread attacks equally as quickly. NSFOCUS and Nopsec will delve into this recent trend, discuss some of these lower level vulnerabilities being quickly exploited, and provide some thoughts how to better protect against these in the future.
  • Worse than Pests: Cyber Attackers Keep Coming Back Recorded: Oct 25 2018 54 mins
    Guy Rosefelt, Director of PM at NSFOCUS
    According to observations from the NSFOCUS Threat Intelligence Center (NTI), nearly 20% of attack source IP addresses have initiated more than one type of attack. That and other attack type trends such as DDoS, malware and web intrusions are only on the rise. The NSFOCUS 2018 H1 Cybersecurity Insights Report shows how bad the threat landscape was for the first half of this year and predicts what it will be like for the remainder. This webinar shows the driving forces behind these trends and what you can do to prepare for them.
  • [SPANISH] Cómo proteger y consolidar su negocio cibernético de los ataques DDoS? Recorded: Sep 20 2018 56 mins
    Bruno Carvalho, Arquitecto de soluciones, EMEA
    Dado que los ataques dirigidos a las aplicaciones web son cada vez más frecuentes, es más importante que nunca que las organizaciones comprendan cómo protegerse contra los atacantes que apuntan a todos los niveles de la infraestructura. Los malintencionados están utilizando tecnologías, herramientas y conocimiento para explorar dónde eres más susceptible al ataque. Aunque eres susceptible de atacar, no tienes que ser vulnerable.
    Si usted es como la mayoría de las organizaciones, ya tiene una solución DDoS implementada, pero eso podría no ser lo suficientemente bueno. Cada vez más, los expertos recomiendan alejarse de los puntos únicos de falla, duplícalos o a veces triplicar, las soluciones de mitigación DDoS.
    Al adoptar una estrategia de mitigación DDoS híbrida (capacidad local y nube), las organizaciones tienen la mejor ruta hacia la resiliencia y eficiencia operativa en el evento de un ataque DDoS.

    Consideraciones adicionales
    • ¿Cómo estás definiendo la mitigación?
    • Si está utilizando una compañía de mitigación DDoS, ¿cuál es el mejor momento de mitigar?
    • ¿Tiene solución de nube como opción de failover?
    • ¿Estás haciendo todo lo que puedes para proteger a tu organización contra el próximo ataque?
    • NSFOCUS Holistic Hybrid Security
    • NSFOCUS Threat Intelligence

    Reserve su asiento hoy mismo para comprender cómo proteger y consolidar su negocio cibernético frente a los ataques DDoS
  • Protect and Consolidate Your Cyber Business from DDoS Attacks Recorded: Sep 11 2018 49 mins
    Bruno Carvalho, Solution Architect, EMEA
    As attacks targeting web applications are becoming more frequent, it’s more important than ever for organizations to understand how to protect against attackers targeting all levels of the infrastructure. Attackers are using technologies, tools, and reconnaissance to scout where you are most susceptible to assault. Although you are susceptible to attack, you don’t have to be vulnerable.

    By adopting a two-solution DDoS mitigation strategy – employing one mitigation downstream to defend at the point of attack and the other upstream to provide protection closer to the attacker before it reaches your network – organizations have the best path to resiliency and operational efficiency in the event of a DDoS attack.

    Additional considerations
    •How are you defining detection?
    •If you’re using a DDoS mitigation company, what’s the time to mitigate?
    •Do you have cloud solution as failover option?
    •Are you doing all that you can to protect your organization against the next attack?
    •NSFOCUS Holistic Hybrid Security Solutions
    •NSFOCUS Threat Intelligence

    Reserve your seat today to understand how Protect and Consolidate Your Cyber Business from DDoS Attacks
  • 3 Lessons to Learn from Drupalgeddon 2 Recorded: Jul 20 2018 33 mins
    Guy Rosefelt, Director of PM at NSFOCUS and Michelangelo Sidagni CoFounder and CTO at NopSec
    • An in-depth analysis of the Drupal vulnerabilities: CVE-2018-7600 & CVE-2018-7602
    • NSFocus & NopSec's research findings about the Drupal Vulnerabilities
    • Common themes with php vulnerabilities & how to protect your organization from them
  • What and Where Were the Top IoT Cyber-Threats in 2017? Recorded: Jun 26 2018 52 mins
    Xiaobing Sun, Principal Security Researcher
    In the past few years, with the proliferation of IoT devices, IoT security becomes a hot topic. Earlier this year, researchers at NSFocus put together a “2017 Annual IoT Cybersecurity Report”, surveying the IoT landscape and the new threats from them. In this webinar, we will highlight the important findings and opinions in this report. Topics include:
    •Survey of the exposed IoT devices.
    •Various vulnerabilities in these IoT devices.
    •Threat analysis from these IoT devices.
    •How to protect the IoT devices.
  • FinTech Security: Cyberthreats Today and Tomorrow Recorded: May 29 2018 41 mins
    Guy Rosefelt, Director of PM
    This is an opportunity for all Fintech security professionals to take a deep dive into the current and future threats targeting the technology that drives the financial sector.
    This briefing will present highlights of the joint NSFOCUS and Ping An Financial Security Research Institute authored report “2017 Fintech Security Analysis Report”. Topics include:

    •An analysis of Fintech from the perspective of the Internet
    •The development history of and current trends in Fintech
    •Typical Fintech cybersecurity threats, data security threats, and business security threats
    •The current security posture of Fintech institutions and the security trends that they should be aware of.

    Reserve your seat today to learn how to better arm yourself against the next generation of threats against Fintech.
  • Adventures in TI: What is your IP Reputation? Recorded: Oct 17 2017 48 mins
    Guy Rosefelt, Director of PM, APAC Threat Intelligence & Web Security
    Abstract: Can you afford not knowing how bad your provider's IP reputation is? How likely are IP addresses adjacent to you of being infected with malware or participating in botnets?

    NSFOCUS has been tracking the reputation of IP addresses globally by ASN for over a year and recently released the August 2017 Global IP Reputation report. Some interesting patterns have emerged worldwide as the number of IP addresses added to reputation lists continues to increase due to Mirai, WannaCry and other malware infecting the Internet of Things.

    NSFOCUS SecLab is tracking IP reputation across 9 categories, including SPAM, DDoS, botnets, and web attackers. This talk will present global IP reputation trends and rank the countries with the worst IP reputation…and it may not be China.
  • Emerging DDoS Trends 2017: Empty Threats & Real Attacks Recorded: Oct 10 2017 37 mins
    Xiaobing Sun, Principal Security Researcher
    This year the cyber-security realm has experienced a few dramatic emerging trends to include a couple of the largest denial-of-service attacks and ransomware outbreaks in history. Follow NSFOCUS as we take a deeper look into these DDoS attacks and some of the processes that now seem to be tied to the overall attack-chain. Additionally, we will learn how protective measures such as Threat Intelligence and cloud-based DDoS defenses are adding value to circumvent and mitigate attack efforts from various threat actors.
  • NSA Hacking Tools Exposed Pt 2: Are You Protected? Recorded: May 24 2017 31 mins
    Cody Mercer, Senior Threat Research Analyst
    The ‘Shadow Brokers’ have recently released a new cache of malware exploits into the wild in which our NSF Threat Intelligence Researchers were able to reverse engineer and ‘sandbox’ for analytical purposes. With this noted, very sophisticated malware strains developed at the ‘State-Sponsored’ level by such entities as NSA are now readily available and primarily targeting vulnerabilities identified in Microsoft OS’s and MS applications.

    This will be the second installment to my previous BrightTalk presentation that will take a deeper look into specific exploits released by the Shadow Brokers and their attributed TTP’s (Techniques, Tactics, Procedures) and how NSFOCUS’s Threat Intelligence can assist in securing your security posture.

    Join NSFOCUS in this event to discuss:

    •What are the exploits Fuzzbunch, Dandersprit, and OddJob and their associated campaigns?

    •How can NSF’s Threat Intelligence Portal and Reputation Feeds protect you and your company against these recently released malwares?

    •Gain a better understanding of TI components to include ‘Strategic’ and ‘Tactical’ information and how knowledge of these exploits will help protect your company from future compromise.
  • Service Provider Playbook- Building a Case for Managed DDoS Services Recorded: Apr 26 2017 50 mins
    Stephen Gates, Chief Research Intelligence Analyst, NSFOCUS
    There is no doubt that DDoS attack activity is at an all-time high as attacks continue to plague the Internet; causing outages and impacting organizations on a scale never seen before. Regardless of the intent, the likelihood of larger and more frequent DDoS attacks is forcing service providers to plan for the inevitable. Most don’t realize there is a tremendous opportunity for service providers to protect their customers, and significantly profit from this activity. Delivering Managed DDoS Services can be very profitable due to the intensification of DDoS attacks, and the rising demand for protection.

    In this webinar, you’ll learn:

    •The Best Way to Defeat DDoS Attacks Targeting Your Customers and Your Infrastructure
    •How to Build an Internal Case for Your Organization to Offer Managed DDoS Services
    •About the Complete Service Provider DDoS Mitigation Solution
  • The Rise of IoT Botnets and How to Defend Against Them Recorded: Mar 29 2017 53 mins
    Stephen Gates, Chief Research Intelligence Analyst, NSFOCUS
    Nobody thought it was possible to spawn a 1Tbps+ DDoS attack by hijacking connected devices. Connected Internet of Things (IoT) devices are smart, convenient and notoriously lacking in security. IoT devices can be easily exploited due to their inherent security gaps. Soon these IoT-based attacks will become everyday occurrences for service providers and enterprises the like.

    Join Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS, and learn about IoT-based botnets, how to detect them and how to better protect your connected devices.

    Viewers will learn about:
    - An exclusive overview of the Mirai malware and how it’s being used against your organization
    - The latest tactics, techniques, and procedures hackers are using in the escalation of IoT-based botnets
    - How to detect and defeat these attacks via cloud and on-premises defenses
  • NSFOCUS Hybrid DDoS Defenses Recorded: Feb 27 2017 3 mins
    NSFOCUS
    This video highlights our unique Intelligent Hybrid approach to DDoS defenses and showcases NSFOCUS awards and industry recognition
  • ISMG London Summit Interview - DDoS and Extortion: The Evolution Recorded: Feb 8 2017 8 mins
    Richard Meeus, VP of Technology EMEA, NSFOCUS
    Richard Meeus, VP of Technology EMEA, NSFOCUS, on Responding to More Powerful Strikes.

    During the interview, Richard discussed,

    Characteristics of today's strongest DDoS and extortion attacks;
    The value of an intelligent hybrid security approach;
    How NSFOCUS is helping global customers defend against DDoS and extortion attacks.

    For more information, please visit our website, www.nsfocus.com
  • Defending the G20 Summit from Massive Cyber Attacks Recorded: Jan 31 2017 48 mins
    Anil Nandigam, Sr. Director, Product Marketing
    Today’s advanced cyber threats are borderless – and so are enterprises. As enterprises are increasingly adopting cloud, the siloed defense-in-depth technologies have proven futile against today’s advanced threats and borderless trends. This webinar will address the current security strategy shortfalls and the technology that can help better protect your organization.

    Join this presentation to learn:
    - Trends forcing organizations to reconsider their cybersecurity strategies
    - Why it’s important to have global threat intelligence to effectively combat advanced cyber threats
    - What Intelligent Hybrid Security is and how it can improve your security posture
    - How NSFOCUS protected the G20 Summit 2016 using this approach
  • The Year of Cyber Extortion--Why Now and What's Next? Recorded: Dec 6 2016 58 mins
    Stephen Gates, Chief Research Intelligence Analyst
    Cyber extortion can take many forms. From ransomware and sextortion, to DDoS shakedowns, and data-dump blackmail, organizations all over the globe have been directly impacted by these campaigns in 2016. What’s changed with hackers’ tactics, techniques, and procedures, and why the sudden surge of activity this past year? What can we expect to see in 2017?

    Join Stephen as he exposes the reasons why this attack vector has drawn so much attention, and how it’s gained so much success. Since the primary enabler for extortion is fear, Richard will demonstrate how organizations can measure their exposure, plan for what’s coming, and take proactive steps to eliminate their fears. If the countermeasures are done right, these blackmail attempts will soon fall on deaf ears.
  • SANS Briefing: Adventures in Threat Intelligence Recorded: Nov 15 2016 43 mins
    Guy Rosefelt
    After the Brexit of TI earlier this year, panic has subsided and cooler heads prevail. Now that we all agree Threat Intelligence can be a useful tool, you too can learn how to use TI like a pro. NSFOCUS shares real-world customer case studies and research to help their clients ensure a safer, more secure enterprise.
  • SANS Financial Services Security Vendor Briefing Recorded: Nov 15 2016 35 mins
    Steve Gates
    Financial institutions continue to be the target of the most advanced attacks by motivated threat actors. Unfriendly nation-states breach systems to seek intelligence or intellectual property. Hacktivists aim to make political statements through systems disruptions, while organized crime groups, cyber gangs, and other criminals breach systems for monetary gain.

    Join the SANS Institute as we bring the SANS Financial Services Security vendor briefing to the Financial Community in the New York City area. This 1/2 day event provides a unique opportunity to engage in dialogue around cybersecurity issues specific to the Finance Industry, and learn about key solution capabilities/customer success stories.

    Through the latest research efforts, in-depth technical knowledge and vendor solutions, attendees will walk away with strategic and tactical actions aimed to address key concerns for the Financial Industry such as:
    How can financial organizations manage these threats while maturing their prevention, detection and reaction capabilities?
    How can they operationalize threat intelligence in the most effective way?
    What are the strategies needed to elevate their cyber resilience while ensuring they keeping pace with regulatory requirements?
  • Understanding the Threat Intelligence Ecosystem Recorded: Nov 10 2016 14 mins
    Stephen Gates
    Everybody talks about threat intelligence today, but how well are they distinguishing raw data from actionable intelligence? Stephen Gates of NSFOCUS discusses cybersecurity and the new threat intelligence ecosystem.

    "The operative word is 'actionable,'" says Gates, Chief Research Intelligence Analyst at NSFOCUS. Threat intelligence means a lot of things to a lot of people, he adds. But what it comes down to is: "Do you want to gain further insight into the threat landscape that your organization faces on a daily basis? That's what threat intel is all about - gaining that insight with actionable intelligence and understanding the threats [you're] under."

    In an interview about the threat intelligence ecosystem, Gates discusses:

    How many organizations fail to distinguish actionable TI;
    Why the ecosystem is so critical to cybersecurity;
    How NSFOCUS distinguishes itself in a crowded marketplace.
  • Threat Intelligence: What It Is, and How to Use It Effectively Recorded: Nov 3 2016 61 mins
    Matt Bromiley and Stephen Gates
    Security practitioners are hearing more and more about threat intelligence (TI). But what exactly is it, and how can TI be effectively deployed as part of an organization's defenses against advanced malware and cyberattacks?

    In this webcast, you will learn just what constitutes threat intelligence, the different kinds of TI and why companies are implementing it. Attendees will also learn how and when to integrate intelligence into their security posture, the role of this intelligence in incident response and when to use it to identify critical security events.

    Join us to get a clearer understanding of this powerful tool and to learn how you can make the best use of it
Complete Service Provider DDoS Mitigation Solution
NSFOCUS provides a Complete Service Provider DDoS Mitigation Solution that protects both customers and infrastructure; while enabling providers to deliver Managed DDoS Services with a multi-tenant Platform that produces the lowest operating costs in the industry.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Understanding the Threat Intelligence Ecosystem
  • Live at: Nov 10 2016 6:45 pm
  • Presented by: Stephen Gates
  • From:
Your email has been sent.
or close