Hi [[ session.user.profile.firstName ]]

Operationalizing Cyber Threat Intel for Computer Network Defense: Focus on Iran

Operationalizing Cyber Threat Intelligence (CTI) helps mitigate risk by focusing people, processes, and technology on the threat activity matters. Above all, it allows organizations to take a more proactive, structured, and holistic approach to security that reduces dwell time and shortens the time frame from identification to fix. In today's dynamic threat environment, it is critical to boosting your overall cyber security return on investment.

Join us as we look specifically at how cyber threat intelligence can help improve computer network defense (CND) operations. Our experts will share:

• A case study, that will examine the intelligence tied to recent Iranian geopolitical events and demonstrate how operators can pivot from intelligence reporting to high confidence alerting and targeted threat hunting
• FireEye’s Iranian relevant threat intelligence along with the MITRE ATT&CK framework to help decision makers improve their overall network security posture by prioritizing security investments based on adversary capabilities
• How intelligence enhances your overall cyber security investment and places your operations ahead of the threat
• Methods for automating vulnerability management and patch prioritization by correlating intelligence to vulnerability scan data
Recorded Feb 10 2020 47 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Shanyn Ronis, Manager, FireEye Threat Intelligence Services; Katie Bowen, Threat Analyst, FireEye
Presentation preview: Operationalizing Cyber Threat Intel for Computer Network Defense: Focus on Iran
  • Channel
  • Channel profile
  • Las principales tendencias y ataques cibernéticos: M-Trends 2021 - México May 20 2021 3:00 pm UTC 90 mins
    Stephen Fallas, LATAM Cybersecurity Architect Strategist, FireEye/Mandiant
    El informe anual M-Trends de FireEye Mandiant ha servido como una fuente confiable de evidencia y liderazgo intelectual para los profesionales de la seguridad durante más de una década. Este informe proporciona información y datos oportunos basados en investigaciones globales de ciber ataques y remediaciones de alto impacto.

    Únase a nosotros este 20 de mayo a las 10:00 AM (Hora del centro de México), para conocer las métricas de respuesta a incidentes más recientes, las tendencias y comportamientos de los atacantes y los aspectos más destacados de los estudios de caso del informe de 2021.
  • Ransomware: The Ongoing Scourge May 19 2021 5:00 pm UTC 61 mins
    David Grout, CTO, EMEA, FireEye & Jamie Collier, Cyber Threat Intelligence Consultant, FireEye Mandiant
    Ransomware is disruptive and costly. Threat actor innovations have increased the potential damage of ransomware infections in recent years, and this trend shows no sign of slowing down. Financially motivated actors will continue to evolve their tactics to maximize the profit generated from successful ransomware attacks.

    Keeping abreast of the ransomware threat landscape is essential to ensure your organization’s defenses are effective. As a practitioner, you have plenty of opportunities to detect and block ransomware operations throughout the entire attack lifecycle if equipped with relevant insight.

    Join this session to learn more about the key ransomware trends, the ways organizations can proactively start bolstering their defenses and the added value of an intelligence-led approach.
  • Respondendo a Alertas Relevantes – Uma Visão Prática Recorded: May 13 2021 58 mins
    Arthur Cesar Oreana and Daniel Gomes
    O tempo é essencial, especialmente quando se trata de responder a alertas. Infelizmente, muitas vezes há muitos deles e escolher o certo para investigar e responder exige tempo e conhecimento.
    Junte-se a nós nesta sessão onde nossos especialistas darão uma visão geral do Mandiant Advantage e recursos recentemente adicionados que o ajudarão a priorizar alertas e fornecer contexto instantâneo, diretamente da experiência da linha de frente da Mandiant.
    Registre-se agora!
  • Ransomware: Attackers' top choice for cyber extortion Recorded: May 12 2021 61 mins
    Stuart McKenzie – Senior Vice President of Mandiant Consulting, EMEA, David Grout – EMEA CTO, FireEye
    Ransomware is one of the most active and profound threats facing organizations today across all industries and sizes. Years after WannaCry attacks impacted businesses across the globe, stealthy ransomware infections continue to dominate headlines and board discussions. The impact of a successful ransomware deployment includes both technical and non-technical challenges and can be crippling to an organization’s operations.

    Join our live Panel session where Stuart McKenzie, Senior Vice President of Mandiant Consulting, EMEA and David Grout, EMEA CTO, will be discussing business imperatives including:

    • Board awareness of the impact of ransomware
    • Direct and indirect financial implications for organizations
    • How best to alert, inform and brief the board?
    • The role of senior IT leaders and how traditional Ransomware approaches are no longer effective
  • Intel Briefing for Canadian Retailers Recorded: May 4 2021 60 mins
    Greg Kapourellos, Senior Mandiant Intelligence Advisor
    Cyber attacks continue to be one of the most disruptive threats facing organizations today and has been further underscored by the increasing sophistication of attackers.

    Attackers have more aggressively pivoted their targets and tactics, techniques and procedures (TTPs) to broaden their impact to affect retail infrastructures trickling down to customers and their day-to-day lives.

    Join us, as Senior Mandiant Intelligence Advisor Greg Kapourellos discusses the state of cyber security in retail including:

    • Latest Trends and Top Threats
    • Update on New Attack Techniques
    • Recent Case Studies and Examples

    Speaker Bio

    Greg Kapourellos serves as a trusted advisor to clients globally, working to empower and guide organizations on their journey towards becoming Intelligence-led. As a Sr. Intelligence Advisor, Greg leverages over 14 years of experience in intelligence and cyber operations from working in the U.S. Intelligence Community (IC), Department of Defense (DoD), and private sector. Greg began his career in intelligence and cyber operations in the U.S. Air Force. Next, Greg led several national-level cyber and intelligence missions within the IC. Prior to joining FireEye, Greg served as the Cyber Threat Intelligence Lead on a U.S. DoD Hunt Team.
  • Cloud Security: Not Just a Visibility Problem Anymore Recorded: May 1 2021 60 mins
    Earl Matthews, VP, Security Validation; Matt McWhirt Director, Consulting; Lisun Kung Sr. Director, Cloudvisory, FireEye
    Managing complex cloud environments is a reality for most organizations. They need to effectively see what’s occurring across multi-cloud environments, ensure that verification checks are met, and have the right enforcement mechanisms in place. Ultimately, they need to confirm that security controls are performing as expected at scale across distributed cloud platforms.

    Join us on Thursday, September 24 at 12 p.m. PT/3 p.m. ET to learn from frontline response experts and former CISOs about effective cloud security. This webinar covers cloud visibility, compliance, governance, controls validation and overall “health” of those environments. You’ll get answers to questions like:

    • How can I gain greater visibility across hybrid, public, private, and multi-cloud environments?
    • Is my organization prioritizing the correct information when monitoring cloud environments?
    • Is my team effectively stopping data leakage and protecting data integrity?
    • What side of the shared cloud responsibility model is my team accountable for?
    • Does my team have evidence to properly communicate key metrics to our executives?

    Expert panel includes:
    • Moderator: Brian Contos, VP, Technology Innovation, Mandiant Security Validation
    • Major General Earl Matthews, VP of Strategy, Mandiant Security Validation
    • Matt McWhirt Director, Mandiant Consulting
    • Lisun Kung, Sr. Director, Cloudvisory, FireEye

    Register Now
  • Secure Access Service Edge - The Convergence of Security & Network Architectures Recorded: May 1 2021 49 mins
    David Batty, Principal Engineer, FireEye; Paul Martini, iboss’ CEO, CTO, and Chief Architect
    The traditional network perimeter has eroded while end users and devices are accessing cloud applications remotely, from virtually any location. To complicate matters further, users need access to applications that exist in public cloud destinations as well as resources that reside within private cloud networks, increasing the challenge to secure connectivity. To better protect the evolving cloud environment, users need a multi-vector defense solution.

    The iboss + FireEye Cloud Network Security provides advanced threat protection and data breach prevention in the cloud regardless of the end user’s location or form factor (desktop, laptop, tablet, server, IoT, and other mobile devices). Join this webinar to learn about:

    • Cloud Security that Enables Work from Anywhere: Designed for a world where virtually everyone is mobile, the iboss + FireEye Cloud Network Security solution provides direct-to-cloud secure connectivity to all applications regardless of user location to enable security administrators to easily protect their end traffic, users, devices, networks, assets, data

    • Detects Threats Others Miss: FireEye intelligence-driven Multi-Vector Execution (MVX) paired with iboss Malware Defense and analysis provide state of the art, signatureless detection and protection against a variety of threats, including advanced attacks and zero-days that other solutions miss

    • Alerts That Matter: Utilize intelligence earned from the frontlines of the world’s biggest breaches, receiving high-fidelity alerts when it matters most

    Stay with us after the webinar for a live Q&A session with our experts.

    Register Now!
  • Proving Security Effectiveness to Your CISO, CFO and Board Recorded: May 1 2021 60 mins
    Earl Matthews, Maj Gen, (Ret), VP of Strategy, Mandiant Security Validation; Ryan Dodd, Founder and CEO, Cyberhedge
    Investments in cyber security have rapidly increased in recent years, yet high-profile breaches continue to make headlines, and the economic and financial losses stemming from these breaches continue to grow. Combined with economic pressures and extensive remote workforces, CISOs and CFOs must now work together to understand where to cut spending without adding risk. But without proper security validation and assessment tools that can credibly quantify risks in dollar terms, this becomes an impossible task.

    Attend this webinar to:

    • Learn how to fully validate your organization’s cyber health and measure its impact on the company’s financial posture and market performance Determine your organization’s risk profile, the financial impact of cyber performance and communicate about risk in dollar-based terms
    • Discover how mismanagement, underutilization and duplication of security controls drive up costs that increase as they flow through the organization
    • Learn how a bottom-up approach to security validation combined with a top-down market-validated risk assessment increases ROI of your security investments

    Expert Speakers:
    Earl Matthews, Maj Gen, (Ret), Vice President of Strategy, Mandiant Security Validation
    Ryan Dodd, Founder and CEO, Cyberhedge
  • Take Measure of Your Cloud Security Recorded: May 1 2021 16 mins
    Allison Wong, Sr. Product Manager, Cloudvisory, FireEye; Rajesh Rajeshirke, Principal Consultant, Mandiant
    Managing complex cloud deployments is challenging, especially when determining how pervasive rogue cloud instances, or cloud sprawl, is in your environment. But once you obtain a realistic measure of your cloud security posture, then you can effectively correct it.

    Watch this twenty-minute session to learn how FireEye Mandiant can bring world-class prevention, detection, and response capabilities to proactively outmaneuver threats in your cloud environment. We’ll discuss: The value of baselining your cloud security posture; How to gain greater visibility across hybrid, public, private, and multi-cloud environments; and Best practice cloud security based on frontline use cases.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • How Continuous Validation Helps Protect the Supply Chain Recorded: May 1 2021 59 mins
    Matt Shelton, Director, Technology Risk and Threat Intelligence, FireEye
    The Expanding Attack Surface: How Continuous Validation Helps Protect the Supply Chain

    Organizations are increasingly using third party providers to manage critical components of their infrastructure. The introduction of cloud services, managed service providers, and Software-as-a-Service (SaaS) has increased the size of an organization’s attack surface. A breach of proprietary and confidential information is just as impactful coming from the supply chain as it is from an organization’s infrastructure. Join Matt Shelton, Director, Technology Risk and Threat Intelligence, as he explains how intelligence-led validation can help tighten controls and reduce risk. In this webinar:

    -Hear about the realities of today’s threat landscape, sophisticated attackers and the implications on managing your security stack and processes
    -Learn how threat intelligence helps you take decisive action
    -Find out how continuous validation helps you understand the true measure of your security
    -Get insights into an actual use case where a company’s supply chain was breached to see how intelligence-led validation could have helped prevent it

    Register Now
  • M-Trends: A Canadian Perspective Recorded: Apr 28 2021 60 mins
    Ali Arasteh, Managing Director at Mandiant
    As the annual publication of M-Trends from FireEye Mandiant rolls out, we would like to invite you to review M-Trends through a Canadian lens.

    Our Mandiant team will share Canadian stories based on frontline investigations of high-impact cyber attacks and remediations while reviewing key topics covered by “M-Trends 2021 Report” including:

    · Ransomware Trends and Remediation Techniques
    · SUNBURST Investigation Insights
    · Enhanced Red Teaming Tactics
    · Latest Frontline Incident Response Metrics
    · Applicable Security Lessons
  • On the Defensive: Shaping Your Cyber Strategy in the Wake of UNC2452 Recorded: Apr 24 2021 43 mins
    Bader Azzouqa, Senior Consultant, FireEye Mandiant
    On December 13, 2020, FireEye discovered a global intrusion campaign performed by a highly evasive attacker leveraging the SolarWinds supply chain to compromise multiple global victims. The campaign, which may have begun as early as Spring 2020, is the work of highly skilled and likely nation-backed actors and was conducted with significant operational security. FireEye is continuing to track the threat actors behind this campaign and has labeled them UNC2452.

    In this session, you will learn first-hand:
    ● What FireEye Mandiant knows and continues to uncover about these threat actors
    ● Multiple techniques the actors are using to achieve their mission while obscuring their activities to evade detection
    ● Insights into detection and defensive strategies that organizations should deploy in the aftermath of UNC2452

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Improve Program Effectiveness through Security Transformation Recorded: Apr 24 2021 20 mins
    Nicholas Bennett, Managing Director, Mandiant Consulting; John M. DeLozier, Sr. Technical Director, Mandiant Consulting
    With the chance of an attacker affecting more organizations today—notably around ransomware progression and the shift to remote work—your security function is continually challenged to keep pace with incident prevention, detection and response.

    Transformation timelines often occur in two ways: proactive action to mitigate future threats, or reactive measures to remediate an existing incident—the latter can be detrimental. It’s imperative for security teams to develop and mature their security posture through capability improvement across four key areas: security architecture, cyber defense, governance and risk management.

    In this session, you'll learn how Mandiant helps organizations conduct transformational changes of critical security functions and staff readiness through hands-on support across these critical areas. We’ll also share a roadmap of our new transformation services on the horizon.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Considerations for Evolving to Intelligence-Led Security Recorded: Apr 24 2021 38 mins
    Gina Hill, Principle Consultant, Mandiant & Duke McDonald, Consultant, Mandiant
    An intelligence-led security posture and program recognizes that cyber threat intelligence has the potential to help keep organizations ahead of adversaries. The challenge is how to effectively and repeatedly make proper use of the intelligence that organizations collect and consume. Ultimately, organizations need to be able to understand the return on their threat intelligence investments.

    Mandiant Threat Intelligence experts Gina Hill and Duke McDonald present an in-depth explanation of what it means to be intelligence-led, how organizations should seek to increase intelligence maturity and capability, and how to get started on this journey.

    Join this session to learn:
    • The definition, characteristics and caveats of an intelligence-led security approach
    • Things to consider when assessing and evolving intelligence maturity
    • The importance of frameworks when assessing, measuring and executing on your strategy

    Register Now
  • By the Numbers: M-Trends 2021 Recorded: Apr 15 2021 58 mins
    Mandiant Experts
    The latest M-Trends 2021 report is packed with data from Mandiant’s frontline incident response experience and unparalleled threat intelligence into the most impactful breaches and attacker behaviors around the world. But there is a deeper story to be told.

    Join Mandiant and FireEye experts as they dive deeper into the latest frontline data, walk you through what these findings mean for your organization and offer insight into effective mitigation solutions that are best suited to improve your organization’s security posture.
    Topics for discussion include:
    • Global and Regional Dwell Times
    • Industry Targeting Metrics
    • New Threat Groups
    • Top Malware Families
    • Ransomware Detection Data

    This session is recommended as a post-cursor to Today’s Top Cyber Trends and Attacks: M-Trends 2021 webinar.

    Expert Presenters: Nick Bennett, Managing Director, Mandiant; Regina Elwell, Sr. Principal Threat Analyst, Advanced Practices, FireEye Mandiant; Scott Runnels, Technical Director, Mandiant; Moderator: Jennifer Guzzetta, Sr. PMM, Mandiant Services

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Connect the Dots of Your Security Evidence: The Role of XDR in the SOC Recorded: Apr 15 2021 40 mins
    Dan Lamorena, VP of Product Marketing, Mandiant Advantage; Eric Adams, CISO and SVP, Kyriba
    Security analysts spend more time staring at multiple screens and consoles of alerts instead of focusing on the real cyber detective work of finding attackers. Current SOC tools only fill in some of the blanks and require constant tuning and maintenance. There is a better way.

    This Virtual Summit session covers:
    -The new Extended Detection and Response (XDR) product category
    -How organizations are deploying XDR technology to address attacks faster at a fraction of the cost

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Closing the Backdoor: Reverse Engineering SUNBURST Recorded: Apr 15 2021 61 mins
    Mandiant FLARE Experts
    At the end of 2020, FireEye revealed the details of a sophisticated threat actor that took advantage of SolarWinds’ Orion Platform to orchestrate a wide-scale supply chain attack and deploy a backdoor we call SUNBURST.

    This attack impacted organizations worldwide, leading executives everywhere to question whether their environment fell victim. Discovering, sharing, and shutting down access to the SUNBURST backdoor, which allowed attackers to move freely and spy on victims, required the unique expertise of Mandiant’s Frontline Applied Research and Expertise (FLARE) team. And for Mandiant Managed Defense, the identification of victims started well before the public became aware of the SUNBURST campaign.

    Join Mandiant experts for a retelling of the SUNBURST discovery story and a look inside how they addressed the SUNBURST threat with customers, including stories from the front lines of this customer-focused response. Our experts will also highlight:

    • How this prolific cyber-attack changes the way we view security
    • SUNBURST threat actor TTPs and how Mandiant hunts for the most relevant, and dangerous threats
    • What threat hunting techniques should be deployed to find today’s stealthiest attackers

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • M-Trends 2021 First Look: The Top Cyber Trends and Attacks Through an EMEA Lens Recorded: Apr 15 2021 48 mins
    David Grout, CTO, EMEA, FireEye
    For more than a decade, FireEye Mandiant’s annual M-Trends report has been a reliable source of expert insights and frontline intelligence for security professionals worldwide. This year’s highly sought-after report, being released at the Virtual Summit, provides timely data and insights based on global investigations of high-impact cyber-attacks and remediations.

    Join FireEye EMEA CTO David Grout for a first-hand look at the latest incident response metrics, attacker trends and behaviours, and case study highlights from the 2021 report. This session will feature expert analysis and commentary on critical topics including:
    ● Ransomware Trends and Remediation Techniques
    ● SUNBURST / UNC2452 Investigation Insights
    ● Enhanced Red Teaming Tactics
    ● Growing Insider Threats

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Managing the Complexity of Zero Trust in the Cloud Recorded: Apr 14 2021 56 mins
    Allison Wong Sr. Product Mgr., Cloud, FireEye; Lisun Kung Sr. Dir., FireEye; Merritt Baer, Principal Security Architect, AWS
    In the wake of intensifying cybersecurity threats, managing and enforcing Zero Trust policies across multiple cloud environments is critical, yet also complicated and laborious. State, local, and education (SLED) government agencies in particular struggle to understand how best to implement Zero Trust in complex clouds as well as track data and keep it secure.

    In this session, attendees will gain insights into:

    ● The principles of Zero Trust and how they apply to cloud security
    ● The reference architecture for Zero Trust in the cloud
    ● Implications of the cloud Shared Responsibility Model

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Intel-Led Security Validation: A Strategy to Prove & Communicate Competency Recorded: Apr 14 2021 57 mins
    Colby M. DeRodeff, Chief Technology Officer, Mandiant Advantage; Rob Potter, VP of Validation Customer Success, Mandiant
    Intelligence-Led Security Validation: A Strategy to Prove & Communicate Competency

    Today we are seeing some of the most aggressive and sophisticated adversary attacks ever recorded. To ensure the health of your organization’s security infrastructure, it’s vital to validate the efficacy of security defenses with the use of authentic and relevant content based on active threat intelligence. Intelligence-led security validation enables you to quantify your risk, prioritize resources and prove competency. The result is the ability to strengthen and maintain your cyber stance against today’s evolving and aggressive adversary landscape.

    In this session, you will:

    ● Learn that testing or validation technology is not enough—The steps required for an effective security validation strategy include the use of authentic and active threat intelligence, and why the emulation of real attacks, rather than attack simulation, is critical
    ● Gain insights into how threat intelligence informs security validation efforts by identifying the threat actors that are most likely targeting your organization
    ● Understand how continuous validation can prove security effectiveness and operational competency—Ultimately, assuring security infrastructure health, identifying areas for optimization, and reducing risk exposure.

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
The leading provider of next generation threat protection
FireEye is the world leader in combating advanced malware, zero-day and targeted attacks that bypass traditional defenses, such as firewalls, IPS and antivirus.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Operationalizing Cyber Threat Intel for Computer Network Defense: Focus on Iran
  • Live at: Feb 10 2020 4:00 pm
  • Presented by: Shanyn Ronis, Manager, FireEye Threat Intelligence Services; Katie Bowen, Threat Analyst, FireEye
  • From:
Your email has been sent.
or close