Standards for Cyber Threat Intelligence
- Greg Farnham - Master's Degree Candidate
- Friday, March 7th, 7:00pm - 7:40pm
The recommended approach for countering cyber threats is a defense-in-depth strategy. One valuable component of such a strategy is leveraging shared cyber threat intelligence. Sharing that intelligence across organizations requires standards for defining and sharing it. This presentation provides an overview of standards for cyber threat intelligence, a comparison of their features, and examples of how they are used.
Greg Farnham began his career as a rocket scientist for a major defense contractor. He is currently working as a senior computer forensics engineer in the financial services industry. He has over 20 years of experience in IT and security. Prior to his current position, Greg was an information security consultant in Silicon Valley. In that role he implemented a wide variety of security solutions for clients in automotive, transportation, animation, clean tech, semiconductor, and financial industries. Greg is a candidate in the Master of Science Degree Program of SANS Technology Institute, and holds several GIAC Certifications.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Lunch & Learn: Short presentations given during the lunch break.
Wednesday, March 5

| Session | Speaker | Time | Category |
|---|---|---|---|
| Welcome to SANS | Rob Lee | Wednesday, March 5th, 8:15am - 8:45am | Special Events |
| DFIReception - Forensicators Unite! | — | Wednesday, March 5th, 6:00pm - 7:00pm | Reception |
| Keynote: Have no fear - DFIR is here! | Rob Lee, Chad Tilbury, Alissa Torres, Phil Hagen, and Lenny Zeltser | Wednesday, March 5th, 7:00pm - 8:30pm | SANS@Night |

Thursday, March 6

| Session | Speaker | Time | Category |
|---|---|---|---|
| Malware Analysis Essentials Using REMnux | Lenny Zeltser | Thursday, March 6th, 6:00pm - 7:00pm | SANS@Night |
| Panic! Hysteria! No malware required! | John Strand | Thursday, March 6th, 7:00pm - 8:00pm | SANS@Night |
| There's *GOLD* in them thar package management databases! | Phil Hagen | Thursday, March 6th, 8:00pm - 9:00pm | SANS@Night |

Friday, March 7

| Session | Speaker | Time | Category |
|---|---|---|---|
| Sick Anti-Forensics Mechanisms in the Wild | Alissa Torres | Friday, March 7th, 6:00pm - 7:00pm | SANS@Night |
| Forensic Handling of the iPhone 5c and 5s | Heather Mahalik | Friday, March 7th, 7:00pm - 8:00pm | SANS@Night |
| Standards for Cyber Threat Intelligence | Greg Farnham - Master's Degree Candidate | Friday, March 7th, 7:00pm - 7:40pm | Special Events |
| A 10 Second Journey: Parsing the structure of the Windows 8 Prefetch Artifact | Jared Atkinson | Friday, March 7th, 8:00pm - 9:00pm | SANS@Night |

Saturday, March 8

| Session | Speaker | Time | Category |
|---|---|---|---|
| GIAC/STI Overview | — | Saturday, March 8th, 12:30pm - 1:15pm | Lunch and Learn |

Sunday, March 9

| Session | Speaker | Time | Category |
|---|---|---|---|
| Closing the Door on Web Shells | Anuj Soni | Sunday, March 9th, 7:00pm - 8:00pm | SANS@Night |