Four Days Left to Get an iPad (32G), Galaxy Tab A, or $250 Off Online Training!

Vendor Briefing

Washington, DC | Fri Mar 27, 2020
Vendor Briefing
Event starts in 68 Days

Cyber Threat Intelligence Solutions Forum: Intel-Use Cases For Destructive Scenarios


This forum is free to attendees with Discount Code CTIForum2020.
(Note: To enable the Discount Code, enter CTIForum2020 in the Registration Discount Code block. Pick Check as Payment Method, then click Review Order. $0 fees will be reflected.)

Chairman: Robert M. Lee
Date: Friday, March 27, 2020
Time: 8:30am EST - 12:30pm

Cyber threat intelligence has a wide range of use-cases for security practitioners. Over the past few SANS cyber threat intelligence forums we've focused on tactical level insights and lessons learned from the field as well as operational level tracking of threat groups. It is clear though lately there is a trend of destructive scenarios including ransomware cases that hold companies and entire cities hostage. Cyber threat intelligence's use-cases are not always so straight forward for folks on how to leverage intel when the impact is destructive versus simply long term tracking and understanding of adversary motivations, priorities, and capabilities. The SANS Cyber Threat Intelligence Solutions Forum seeks to identify use-cases seen from some of the leading cyber threat intelligence vendors and solutions providers so that they can share their knowledge from the field with the SANS community.

This day event is free to cybersecurity professionals. Networking lunch immediately following.

You will earn 4 CPE credit hours for attending this event.

Agenda Coming Soon

Time Event
TBD Opening Remarks/Keynote
Robert M. Lee, SANS Certified Instructor
TBD Session Coming Soon
TBD Networking break
TBD Session Coming Soon
TBD Closing address
TBD Networking lunch


Robert M. Lee

Robert M. Lee

SANS certified instructor Robert M. Lee brings to the classroom one of the most valuable and respected of credentials: real-world experience. Robert is the CEO and founder of his own company, Dragos, Inc., that provides cyber security solutions for industrial control system networks. Consider the 2015 attack on the Ukraine power grid when for the first time in history a power grid went down due to an intentional cyberattack. Robert and a few others formed a specialized team to analyze the event and passed information to the impacted parties as well as the U.S. government and private sector. "I was the first in the industry to publicly confirm the attack and wrote the industry standard report on the attack exploring how it occurred, the lessons learned, and what must be done to protect other infrastructure sites," Robert says. He and his team also analyzed the malware from the 2016 cyber attack on Ukraine's Kiev substation and dubbed it CRASHOVERRIDE as the first ever malware tailored to specifically disrupt electric grid operations.


Can't join us in person for this important briefing? This event will also be Simulcast. Register for the Simulcast!

Venue Information