Please visit SANS Cyber Threat Intelligence Summit 2016.
Cyber Threat Intelligence Summit
CTI 2014: Collection, exploitation, and analytics of cyber threat intelligence
Two challenges faced by modern security organizations are far more complementary than is often appreciated: big data collection and utility of cyber threat intelligence. Many companies already have substantial investments in one or more technologies that collect massive amounts of data engineered into "big data" solutions:
- Security Information and Event Management products ingest logs from servers, PCs, network devices and security controls and provide normalization, consolidation and alerting.
- Security Monitoring products such as vulnerability assessment, digital forensics, intrusion detection and network behavior analysis provide information on active vulnerable or compromised resources.
- Threat intelligence feeds provide information streams on active threats, source reputations and indicators of attack.
Most of the product integration and event correlation amongst these devices is focused on compliance-oriented reporting, not situational awareness, intelligence exploitation, behavioral codification, higher-order analytics, or proactive response. There is a huge amount of hype in the IT industry around "big data" as the solution to many modern IT challenges; this hype is often manifested in the product literature of these devices, although little attention is paid to how this data can be best leveraged. SANS would like to issue a call to action for "security analytics" - tools and techniques to help experienced security managers and analysts use this flood of information to make more effective, more efficient and more timely decisions that lead to fewer successful attacks and less damage from those intrusions which successfully enable our adversaries.
In order to provide resilient capabilities for mitigating risks associated with advanced targeted attacks, security analytics tools and techniques that can support or be applied to big data are necessary. In this summit, we will focus on precisely these tools, techniques, and analytics that assist network defenders in exploiting the voluminous data produced by modern security instrumentation for enhanced cyber threat intelligence collection in ways that improve overall organizational network defense.
Special Offer for All Attendees!
This offer reduces the Summit registration fee from $1,495 to $495 when purchased in conjunction with a full-price 4-6 day course, a savings of $1,000! Register with discount code CTI to take advantage of the bundled offer.
Special discount for Government Employees (e.g., federal, state, local, DoD).
Use "CTISummit" for a $1000 discount on the summit alone
Use "CTICourse" for free summit attendance in conjunction with a full-priced course