Hi [[ session.user.profile.firstName ]]

5 Things CTI Leaders Can Learn from the Product Team

As a threat intelligence leader, you likely have a good idea of the value your CTI team brings to your organization. But does the rest of the security organization? Do the executives? Does the C-Suite?

CTI teams that take a “product” approach – in which organization stakeholders are customers for contextualized intelligence- can see increased investment in their operation and stronger holistic security outcomes. How are you delivering value to your customers? Do you have a way to receive customer feedback and improve your product?

In this presentation we will learn how to:

-Highlight the value CTI already brings to the organization.
-Increase value of existing technology and human resources through robust integrations.
-Effectively receive and implement feedback that strengthens a CTI process.
Recorded May 18 2021 39 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Chris Jacob, VP of Threat Intelligence Engineering, ThreatQuotient
Presentation preview: 5 Things CTI Leaders Can Learn from the Product Team

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • 5 Things CTI Leaders Can Learn from the Product Team Recorded: May 18 2021 39 mins
    Chris Jacob, VP of Threat Intelligence Engineering, ThreatQuotient
    As a threat intelligence leader, you likely have a good idea of the value your CTI team brings to your organization. But does the rest of the security organization? Do the executives? Does the C-Suite?

    CTI teams that take a “product” approach – in which organization stakeholders are customers for contextualized intelligence- can see increased investment in their operation and stronger holistic security outcomes. How are you delivering value to your customers? Do you have a way to receive customer feedback and improve your product?

    In this presentation we will learn how to:

    -Highlight the value CTI already brings to the organization.
    -Increase value of existing technology and human resources through robust integrations.
    -Effectively receive and implement feedback that strengthens a CTI process.
  • Ryuk, Maze, Egregor, et si la détection se faisait en amont ? Recorded: Apr 22 2021 61 mins
    David Bizeul (Chief Technical Officer Sekoia), Yann Le Borgne (Directeur Technique Europe ThreatQuotient)
    Dans ce webinar, Sekoia et ThreatQuotient effectuent une démonstration sur les enseignements tirés des récentes attaques de ransomware telles que Ryuk, Maze et Egregor. Nos intervenants présentent la caractérisation de ces menaces et l’opérationnalisation nécessaire pour les anticiper. Vous apprendrez :

    - Comment l’information sur les menaces est modélisée et structurée dans Sekoia
    - Quels sont les trackers qui permettent de repérer ces menaces
    - Comment ThreatQ rend ces informations opérationnalisables et optimise les capacités d’un EDR
  • ¿Cómo Reducir el Riesgo y Ser Proactivos Ante Nuestros Adversarios? Recorded: Apr 7 2021 65 mins
    Román Ramírez (Rooted), Eutimio Fernández (ThreatQuotient), Vicente Martín (Blueliv)
    El día 7 de abril contaremos con la experiencia de Román Ramírez que nos hablará sobre esta práctica y sobre cómo podemos implementarla en la empresa, para reducir el riesgo y ser proactivos en nuestra estrategia de ciberdefensa.

    ThreatQuotient y Blueliv organizan un webinar para hablar del tema: “Práctica de ciber inteligencia: ¿cómo reducir el riesgo y ser proactivos ante nuestros adversarios?”

    Durante 40 minutos debatiremos sobre:

    - Qué es inteligencia de ciber amenazas y cómo empresas con diferentes grados de ciber madurez pueden aplicarla a su estrategia de ciberdefensa
    - Solución modular de inteligencia de ciber amenazas, automatizada y dirigida: sus aspectos prácticos y casos de uso
    - Qué es una Threat Intelligence Platform (TIP) y cómo transforma la inteligencia de ciber amenazas en accionable y real para diferentes equipos de seguridad.
  • Améliorer l'orchestration grâce à la Threat Intelligence Recorded: Mar 1 2021 37 mins
    Yann Le Borgne, Directeur Technique Europe and Cyrille Badeau, ThreatQuotient
    L’orchestration a pour objectif d'automatiser pour optimiser le recours à l'analyse humaine sur les tâches reproductibles. En bref, réduire le coût humain dans la réponse à incident.
    Dans ce webinar, nous nous concentrerons sur le cas d'utilisation du playbook malware.

    Nous développerons 3 propositions de valeur qu’apporte la CTI à l’orchestration :

    -Le processus d’enrichissement : donner la possibilité de standardiser le contexte, offrant une meilleure capacité d'automatisation.
    -La capitalisation de votre orchestration : automatisez votre CTI pour donner à un analyste un « point de départ ».
    -La gestion de l’orchestration depuis une plateforme de Threat Intelligence: possibilité pour l'analyste de déclencher des playbooks à partir d'un TIP
  • Amplify Your SIEM: Integrations With A Threat Intelligence Platform Recorded: Feb 25 2021 30 mins
    Anthony Stitt, Regional Director APAC, ThreatQuotient Robert Streamer, Threat Intelligence Engineer APAC, ThreatQuotient
    Join us as we dive into the relationship between Threat Intelligence Platforms and SIEMs, and discover exactly why the whole is greater than the sum of the parts. Discover the benefits of this integration as you learn how to:

    -Send prioritized and relevant threat intelligence to a SIEM for correlation between internal and external datasets
    -Enrich the data within your TIP with SIEM matches and sightings
    -Not only display SIEM matches as part of a SOC wall dashboard but also to dive deeper into what the correlation actually means.
  • Evolution of Cyber Threat Intelligence: Use Case in the Modern SOC Recorded: Feb 23 2021 56 mins
    Yann Le Borgne, ThreatQuotient, Martin Ohl, McAfee, Ben van Ditmars, Atos
    Threat data is overwhelming and unmanageable until processed into information. The implementation of cyber threat intelligence (CTI) has enabled the modern SOC to move from a reactive to a proactive cybersecurity posture.

    In our webinar, we’ll discuss and demonstrate a use case in the modern SOC. Join us to discover more about these three key points:

    -How the modern-day SOC, such as Atos, incorporates and applies CTI among its many other security tools to augment collaboration and automation
    -The necessity of deep integrations between products and the value added to the threat hunting process
    -How technologies like McAfee MVISION and ThreatQ threat intelligence platform (TIP) work together to implement security automation and improve defenses
  • CyberSocial: 21 and Over! Recorded: Feb 12 2021 55 mins
    Jonathan Couch, Host and SVP of Strategy for ThreatQuotient
    Threat intelligence experts from ThreatQuotient, CME Group, Reddit discuss their best and worsts of 2020 and what to expect in the upcoming year.
  • Verstärken Sie Ihr SIEM - Integrationen mit einer Threat Intelligence Plattform Recorded: Jan 13 2021 57 mins
    Markus Auer - Regional Sales Manager, Central Europe and Falk Schwendike - Threat Intelligence Engineer, Central Europe
    SIEMs sind die wichtigsten Arbeitspferde im SOC-Umfeld. Man findet sie häufig in vielen verschiedenen Prozessen im Bereich der Cybersicherheit, wie z.B. Threat Hunting, Incident Response und Alert Triage. Was wäre, wenn es einen Trick gäbe, noch MEHR Wert aus Ihrer bestehenden SIEM Lösung herauszuholen, indem Sie sie in eine Threat Intelligence Platform integrieren?

    Tauchen Sie mit uns in die Beziehung zwischen TIPs und SIEMs ein und erfahren Sie, warum das Ganze mehr ist als die Summe seiner Teile. Entdecken Sie die
    Vorteile dieser Integration indem Sie lernen:

    -Priorisierte und relevante Threat Intelligence an ein SIEM zu senden, um eine Korrelation zwischen internen und externen Datensätzen herzustellen
    -Daten innerhalb Ihrer TIP durch Treffer und Sichtungen im SIEM anzureichern
    -SIEM Treffer nicht nur als Teil eines SOC Dashboards anzuzeigen, sondern auch um eine tiefergehende Bedeutung der Korrelation zu verstehen
  • Amplifier votre SIEM avec l'intégration d'une plateforme de renseignement sur le Recorded: Jan 13 2021 58 mins
    Yann Le Borgne, Directeur Technique Europe and Cyrille Badeau, ThreatQuotient
    Les SIEMs sont l’outil par excellence de la communauté SOC. Il est courant de les retrouver dans de nombreux processus de cybersécurité tels que le Threat Hunting, la réponse aux incidents ou encore le triage des alertes.

    Et s’il y avait une astuce pour obtenir PLUS de valeur de votre solution SIEM existante en l’intégrant à une plateforme de Threat Intelligence (TIP)?

    Rejoignez-nous pour discuter de la relation entre les TIP et les SIEM, et venez découvrir avec nous les avantages de cette intégration lors d’une démonstration:

    -Envoyer du renseignement sur les menaces prioritaires et pertinents à un SIEM afin d’établir une corrélation entre les ensembles de données internes et externes.
    -Enrichir les données de votre plateforme de renseignement grâce aux correspondances et au sighting.
    -Afficher les correspondances provenant du SIEM non seulement dans le cadre d’un tableau de bord SOC, mais aussi pour comprendre et analyser les données provenant de la corrélation.
  • SOAR and the Power of Automation Recorded: Oct 21 2020 56 mins
    Adam Palmer, Tenable, Aleksei Zjabkin, Cybers, Chris Gibbs, Tenable, Steve Rivers, ThreatQuotient
    Protecting your company environment against ever evolving cyber security threats is complicated and time consuming. The amount of security technologies and operational activities is growing rapidly, putting an enormous strain on security operations which delays the incident response.

    Watch our webinar and you will learn how to accelerate return on investment into security technologies and improve the efficiency of security operations by delegating your analysts tasks to a Security Orchestration, Automation and Response (SOAR) solution.
  • Threat Hunting and Incident Response Recorded: Oct 1 2020 30 mins
    Ayuba "JJ" Ndiaye, Account Manager, ThreatQuotient and Danil Panache, Threat Intelligence Engineer, ThreatQuotient
    With the ever-evolving cyber security landscape, it is becoming more and more difficult for teams to stay ahead of emerging threats and actors. Disparate ecosystem tools, workflows, and enough “single panes of glass” to outfit an entire building mire security teams who try to simplify and streamline incident response and threat hunting.

    Join ThreatQ as we dive into uncovering how security teams can help fill that missing link between threat intelligence and security tools, and enable multiple teams to collaborate on the same set of data without stepping on each others’ toes.
    We will be discussing how to:
    -Identify incidents through prioritized threat intel and indicators on your network
    -Launch a coordinated investigation involving multiple teams within your SOC
    -Hunt for threats by leveraging the Threat Library for intelligence-fueled hypothesis investigation
  • Enhancing Orchestration using Threat Intelligence Recorded: Sep 24 2020 23 mins
    Sean Drowsky, Threat Intelligence Engineer, ThreatQuotient and Jana Lind, Regional Sales Director, ThreatQuotient
    The aim of orchestration is to automate and optize reproducible tasks. In order to orchestrate these tasks successfully, the righ data needs to be used. Orchestrate better and more in depth using the right threat intelligence for your organization. In this webinar, we will focus on developing a malware playbook using prioritized threat intelligence. We will focus on the following three areas:
    1. The process to enrich threat intelligence to provide better automation capabilities.
    2. Automating your threat intelligence to give you analyst a good place to start.
    3. Managing orchestration from your threat intelligence platform.
  • Leveraging Threat Intelligence for Efficient Vulnerability Management Recorded: Sep 15 2020 35 mins
    Anthony Stitt, Regional Director APAC, ThreatQuotient Robert Streamer, Threat Intelligence Engineer APAC, ThreatQuotient
    Vulnerability management is a challenge for many organizations. If not done efficiently and effectively, it can lead to data breach. However, it is simply impossible to patch and mitigate every software vulnerability present in an enterprise network. Despite prioritization, patching remains one of the most time-consuming vulnerability management tasks. It also has limited effectiveness because it does not take into account knowledge of how that vulnerability is actively being exploited in the wild, and the risks associated by those adversaries leveraging it to a company’s specific environment.

    In this webinar we will develop how to:
    -Visualize threat data related to the vulnerability
    -Query internal vulnerability scanning data from Tenable
    -Determine susceptible assets and prioritize vulnerability patches
    -Automatically deploy indicators to security infrastructure
  • CyberSocial: Risky Business Recorded: Sep 9 2020 56 mins
    Jonathan Couch, Host and SVP of Strategy for ThreatQuotient
    Forward-thinking organizations are finding that cyber threat intelligence (CTI) and risk management are mutually beneficial tools for grappling financial diligence and mitigation strategy requirements. Security experts and risk management executives can together create an actionable outlook using a more comprehensive understanding of threats targeting infrastructure, systems, and personnel.

    But how do these traditionally siloed teams collaborate? What can organizations do right now to use available intelligence to become more resilient and future-proof? Join us for a lively and powerpoint-free virtual panel featuring experts from Verizon, Intel 471, BreachRx, and ThreatQuotient. We’ll discuss:

    -How does supporting risk management play into the evolution of cyber threat intelligence? 

    -How can threat intelligence and risk management teams fuse their priorities and processes to help better one another?
    
-To optimize functions, what advice should threat intelligence teams consider as they provide intelligence in a different manner to risk teams?
  • Mixing Automation and Human Intelligence Recorded: Sep 3 2020 42 mins
    Joseph Blankenship, VP, Research Director Serving Security & Risk Professionals of Forrester Research, and Leon Ward, VP of P
    The increasing complexity and variety of threats, data explosion and limited resources are putting great pressure on security operations teams. Many have bought into the concept of playbooks and automation for investigation and response, but have not been able to realize the full benefits. Automation is not the end game; it is simply one part of the recipe that requires people, process and technology.
  • How to Collect and Use Internal Threat Intelligence Recorded: Aug 18 2020 30 mins
    Anthony Stitt, Regional Director APAC, ThreatQuotient Robert Streamer, Threat Intelligence Engineer APAC, ThreatQuotient
    When it comes to threat intelligence, context and relevance are paramount. The most contextually relevant threat information is based on the actual attacks an organisation faces every day. Often, organisations overlook the opportunity to leverage this internal threat intelligence, instead focusing on external threat intelligence.

    For example, many organisations now use sandboxing to detect new malware attacks, however they might only use a single SHA from the sandbox for detection or blocking. However, a typical sandbox generates tens or even hundreds of threat indicators covering a wealth of information about the malware and how it operates. These can be used for detection of previous activity that was missed at the time, or used for future detection of related intrusion attempts.

    In this webinar, we will explore some of the sources of internal threat data and how an organisation can leverage its own systems to provide the most relevant and actionable intelligence available.
  • How to Respond to Emerging Cyber Threats Recorded: Aug 11 2020 36 mins
    Ayuba "JJ" Ndiaye, Account Manager, ThreatQuotient and Syed Kaptan, Threat Intelligence Engineer, ThreatQuotient
    In today’s world, many threat intelligence providers provide free threat data to help the community outside of their existing customer base. Governments at all levels are sharing threat and adversary specific data. Data sharing via open source feeds has expanded greatly.

    Becoming aware of these new sources is one thing, but enabling users to consume, understand and enable the data in their security infrastructure and operations is a challenge.

    In this webinar, we will discuss the following:
    * How analysts can make open source threat intelligence feeds actionable
    * How a scoring and expiration policies can improve security operations automation capabilities
    * How to integrate the right threat data within your SOC tools to reduce time to detection.
  • Leveraging Threat Intelligence for Efficient Threat Hunting Recorded: Jul 28 2020 39 mins
    Anthony Stitt, Regional Director and Robert Streamer, Threat Intelligence Engineer
    Having a good Threat Hunting capability is the goal of any proactive security team. Threat Hunting means different things to different people and there are many approaches that can be taken. Threat Intelligence provides useful information to aid the Threat Hunting process. In this webinar we will demonstrate how Threat Intelligence and a well-integrated platform like ThreatQ can be used to help make the hunting process more efficient, and prioritize Threat Hunting activities.
  • CyberSocial: The Evolution of Threat Intelligence Recorded: Jul 22 2020 61 mins
    Jonathan Couch, Host and SVP of Strategy for ThreatQuotient
    For the last few years, Cyber Threat Intelligence (CTI) has evolved and matured at a rapid rate, with new feeds, internal teams, and products adjusting strategy to help compliment it’s new maturity. Hear McAfee, Atos and ThreatQuotient experts exchange their thoughts and experience around the Evolution of Cyber Threat Intelligence.
  • Making MITRE ATT&CK Actionable Recorded: Jul 14 2020 25 mins
    Anthony Perridge, VP, International and Steve Rivers, Technical Director, International
    The MITRE ATT&CK framework is becoming increasingly popular with many businesses and organizations. It provides a deeper insight into adversaries including the tactics, tools and techniques that they commonly use. Applying the MITRE ATT&CK framework effectively to your environment can be a challenge. In this webinar, we will show you how the ThreatQ platform makes it easier to apply the MITRE ATT&CK framework within your organization and more importantly, make it actionable.
Focus on the Threat
Prioritize, automate & collaborate with a platform purpose-built for threat-centric security operations.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 5 Things CTI Leaders Can Learn from the Product Team
  • Live at: May 18 2021 3:00 pm
  • Presented by: Chris Jacob, VP of Threat Intelligence Engineering, ThreatQuotient
  • From:
Your email has been sent.
or close