Got GIAC? Free GIAC Cert Attempt Included with OnDemand 5 or 6 Day Training thru July 7


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Cyber Threat Intelligence Skills and Usefulness: SANS CTI Survey Results, Part 2

  • Wednesday, February 07, 2018 at 1:00 PM EDT (2018-02-07 18:00:00 UTC)
  • Dave Shackleford, John Hurd, Rebekah Brown


  • Anomali
  • DomainTools
  • IntSights
  • Rapid7 Inc.
  • ThreatConnect

You can now attend the webcast using your mobile device!



The use of cyber threat intelligence (CTI) has been growing and capabilities are maturing. The current state of CTI is covered in Part I of this webcast series, held on Tuesday, February 6. Click here to register for that webcast.

In this second installment of the SANS CTI survey results report, SANS senior instructor, Dave Shackleford, will discuss how the growing use of CTI impacts cyber security skills and best practices. For example:

  • The type of skills required for IT professionals responsible for the CTI input and output
  • What departments CTI staff report to
  • Recommendations for security and response teams utilizing CTI
  • What departments are making the best use of CTI and how†
  • Real-life examples of respondents' CTI operations in action

Because CTI is derived from multiple sources, the webcast will also discuss best practices for managing and effectively utilizing CTI data where it is needed in the business and IT operations.

Register for this webcast and be among the first to receive the associated whitepaper written by Dave Shackleford.

View the associated whitepaper here.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

John Hurd

John Hurd is a threat intelligence research engineer at ThreatConnect who believes that technology is a powerful tool that should be intentionally leveraged to make the world a better place. As a consequence of this conviction, he enjoys developing tools and applications that enable organizations to better protect themselves. John holds B.S. in Computer Science from The Masterís College (now The Masterís University). When he isnít developing a new app or researching a threat, you can probably find him out on a hike.

Rebekah Brown

Rebekah Brown has spent more than a decade working in the intelligence community; her previous roles include NSA network warfare analyst, operations chief of a United States Marine Corps cyber unit, and a U.S. Cyber Command training and exercise lead. Rebekah has helped develop threat intelligence and security awareness programs at the federal, state and local level, as well as in the private sector. Today, Rebekah leads the Rapid7 threat intelligence programs, where her responsibilities include program architecture, analysis and operations. She is a course author and instructor for SANS FOR578 - Cyber Threat Intelligence, and author of Intelligence Driven Incident Response.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.