Creating Understanding from Data

  • Webcast Aired Thursday, 09 Nov 2017 10:30AM EST (09 Nov 2017 15:30 UTC)
  • Speaker: John Bambenek

We talk about threat intelligence but often people are really only referring to raw data. Organizations and the industry at large is great about producing data but tools and techniques to drill down to create understanding are lacking. This webcast will cover how to take individual observables, find patterns, and to use those patterns to create understanding about the specific adversary and their intentions. By taking and automatically processing attack data organizations see (and often discard) and run through some steps in the kill chain, it becomes possible to link disparate classes of data into a true context to see how attacks and events relate to each other and can be correlated across months and years. '

This webcast will show a few open source tools and data sets that are online and how organizations can use them in the short term to start creating tailored intelligence not just on attackers, but intelligence on the specific attackers targeting them.

To learn more on the topic, join SANS for its Cyber Threat Intelligence Summit & Training in Bethesda, MD this January.'the two-day Summit features in-depth presentations by top experts and practitioners addressing specific analytical techniques and capabilities that can be utilized to generate and maintain cyber threat intelligence for your organization.