Top Cybersecurity Training Protects Your Assets - Learn From the BEST and Apply New Knowledge Immediately!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Creating Understanding from Data

  • Thursday, November 09, 2017 at 10:30 AM EST (2017-11-09 15:30:00 UTC)
  • John Bambenek

You can now attend the webcast using your mobile device!



We talk about threat intelligence but often people are really only referring to raw data. Organizations and the industry at large is great about producing data but tools and techniques to drill down to create understanding are lacking. This webcast will cover how to take individual observables, find patterns, and to use those patterns to create understanding about the specific adversary and their intentions. By taking and automatically processing attack data organizations see (and often discard) and run through some steps in the kill chain, it becomes possible to link disparate classes of data into a true context to see how attacks and events relate to each other and can be correlated across months and years. 

This webcast will show a few open source tools and data sets that are online and how organizations can use them in the short term to start creating tailored intelligence not just on attackers, but intelligence on the specific attackers targeting them.

To learn more on the topic, join SANS for its Cyber Threat Intelligence Summit & Training in Bethesda, MD this January. The two-day Summit features in-depth presentations by top experts and practitioners addressing specific analytical techniques and capabilities that can be utilized to generate and maintain cyber threat intelligence for your organization.

Speaker Bio

John Bambenek

John Bambenek is Manager of Threat Systems at Fidelis Cybersecurity and an incident handler with the Internet Storm Center. He has been engaged in security for 18 years researching security threats. He has participated in many incident investigations spanning the globe and runs several private intelligence groups focusing on takedowns and disruption of criminal entities.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.