Gain Top-Notch Cyber Security Skills at SANS Pittsburgh 2018. Save $200 thru 6/27.

Cyber Threat Intelligence Summit

Bethesda, MD | Mon, Jan 29, 2018 - Mon, Feb 5, 2018
This event is over,
but there are more training opportunities.

CTI Summit Agenda

We strive to present the most relevant, timely and valuable content. As a result, this agenda is subject to change. Please check back frequently for changes and updates.

Monday, January 29th
Time Presentation Speaker
8:45-9:00 am Welcome & Introductions

Rick Holland (@rickhholland), Summit Co-Chair, SANS Institute
Robert M. Lee (@RobertMLee), CEO, Dragos Inc.; Summit Co-Chair, Author, Certified Instructor, SANS Institute

9:00-10:00 am

Keynote Address: Survival Heuristics: My Favorite Techniques for Avoiding Intelligence Traps

Carmen Medina (@milouness), Retired CIA & Co-author, Rebels at Work: A Handbook for Leading Change from Within
10:00-10:30 am Networking Break
10:30-11:05 am There Is MOAR To Structured Analytic Techniques Than Just ACH! Rick Holland (@rickhholland), Summit Co-Chair, SANS Institute
11:05-11:40 am

I Can Haz Requirements?: Requirements and CTI Program Success

Michael Rea (@ComradeCookie), Senior Security Researcher, McAfee
11:40 am - 12:15 pm Intelligence Preparation of the Cyber Environment (IPCE) Rob Dartnall (@cyberfusionteam), Director of Intelligence, Security Alliance Ltd.
12:15-1:30 pm Lunch & Learn Sessions
1:30-2:05 pm

Event Threat Assessments: G20 as a Case-Study for Using Strategic CTI to Improve Security

Lincoln Kaffenberger (@LincolnKberger), Threat Intelligence Officer, IMF
2:05-2:40 pm Hunting Hidden Empires with TLS Certified Hypotheses

Dave Herrald (@daveherrald), Staff Security Strategist, Splunk
Ryan Kovar (@meansec) (@splunk), Senior Security Architect, Splunk

2:40-3:10 pm Networking Break
3:10-3:45 pm

Intelligent Hunting: Using Threat Intelligence to Guide Your Hunts

Keith Gilbert (@Digital4rensics), Security Technologist, Sqrrl/Malformity Labs
3:45-4:20 pm

Homemade Ramen & Threat Intelligence: A Recipe for Both

Scott J. Roberts (@sroberts), Bad Guy Catcher, GitHub; Summit Advisor, SANS Institute

5:30-7:30 pm Off-site Networking Event
Tuesday, January 30th
Time Presentation Speaker
9:00-9:15 am Day 2 Welcome & Overview
9:15-10:00 am

Keynote Address
Attributing Active Measures, Then and Now

Thomas Rid (@RidT), Professor of Strategic Studies, Johns Hopkins University's School of Advanced International Studies; Author, Rise of the Machines
10:00-10:30 am Networking Break & Vendor Expo
10:30-11:05 am The Challenge of Adversary Intent and Deriving Value Out of It Robert M. Lee (@RobertMLee), CEO, Dragos Inc.; Summit Co-Chair, Author, Certified Instructor, SANS Institute
11:05-11:40 am

Legal Implications of Threat Intelligence Sharing

Jason Straight (@UnitedLex), Chief Privacy Officer, UnitedLex
11:40 am - 12:15 pm Leveraging Curiosity to Enhance Analytic Technique Chris Sanders (@chrissanders88), Founder, Applied Network Defense
12:15-1:30 pm Lunch
1:30-2:05 pm

AlphaBay Market: Lessons From Underground Intelligence Analysis

Christy Quinn (@ChristyQuinn), Security Specialist - Cyber Threat Intelligence, iDefense - Accenture Security
2:05-2:40 pm Determining the Fit and Impact of CTI Indicators on Your Monitoring Pipeline (TIQ-Test 2.0) Alex Pinto (@alexcpsec), Chief Data Scientist, Niddel
2:40-3:10 pm Networking Break & Vendor Expo
3:10-3:45 pm

Upgrading your Cyber Threat Intelligence to Track Down Criminal Hosting Infrastructures

Dhia Mahjoub (@DhiaLite), Head of Security Research, Cisco Umbrella (OpenDNS)
3:45-4:20 pm ElasticIntel: Building an Open Source, Low-Cost, Scalable and Performant Threat Intel Aggregation Platform Matt Jane (@PansyMcCoward), Principal Security Engineer, Okta
3:45-4:20 pm

Information Anarchy: A Survival Guide for the Misinformation Age

Rebekah Brown (@PDXbek), Threat Intelligence Lead, Rapid7; Summit Advisor, SANS Institute
5:00- 6:15 pm Networking Reception
6:15-7:00 pm

Bonus Session
Getting on the Same Page: Leveraging a Common Framework for Enhanced Intel Sharing

Jim Richberg, National Intelligence Manager for Cyber, Office of the Director of National Intelligence

7:00-8:00 pm

Pass the Popcorn: Cyber Threat Intel Pros Get Real