CTI Ride-Along: Operationalizing Recent TTP Intelligence for a Top Global APT

Presented by

Scott Small

About this talk

Join us for a practitioner-focused workshop that will demonstrate how defenders at all experience levels can take steps to quickly operationalize timely, relevant intelligence to improve confidence in their organization’s defensive posture. Attendees can expect to take away a renewed appreciation for the threat-informed defense discipline and likely a new workflow tip or two heading into the new year. Follow along with Tidal’s Director of Cyber Threat Intelligence as he goes hands-on with the resources & tools used daily by our Adversary Intelligence team to process the latest TTP-focused intelligence collected from a wide range of public sources. We will then dive deep into a recent government advisory on one of the world's most prominent cyber threats (APT28), showing how various free tools can be used to efficiently process a foreign-language CTI report, identify priority TTPs from within it, and spotlight notable ones for defensive next steps. Finally, we will show how defenders can level up their threat-informed defense workflows by quantifying the threats & adversary behaviors relevant to their organization (and its defensive capabilities), allowing them to make quick, confident assessments around both established & emerging threats.

We formed Tidal for one simple reason—we believe that defenders need and deserve tools and services that make achieving the benefits of threat-informed defense practical and sustainable. We believe that these tools and services should be independent of any specific vendor’s security product or capability. That independence helps ensure that our enterprise customers always understand what is best for them and that our solution provider customers are positioned to deliver success.