Practice New Skills with 4 Months of Free Core NetWars Continuous - Special Offer Ends 11/4!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Level Up Your Security Strategy with Cyber Threat Intelligence

  • Wednesday, March 11, 2015 at 1:00 PM EDT (2015-03-11 17:00:00 UTC)
  • Joe Schreiber, Dave Shackleford


  • AlienVault

You can now attend the webcast using your mobile device!



Security organizations of all sizes are realizing the increasing value of cyber threat intelligence (CTI). Unfortunately, many teams get "stuck" at one phase and never get the complete value CTI offers. Whether you're considering which services to purchase, whether to use open threat feeds or looking at integration methods it's important to remember the final goal: Turning threat intel data into real, actionable information that can help with detection and response.

No matter which stage of CTI implementation or planning you're at, we have some tactical and real-world advice to get your CTI project to completion.

In this webcast, we'll cover the following:

-CTI Planning and Research: What types of threat intelligence should you consider? What sources of threat intelligence make the most sense for you? How can you accurately gauge the effectiveness and quality of a threat intelligence source or provider?

-CTI Implementation: What formats are most useful for CTI feeds and data? What are some best practices for integrating CTI feeds into existing monitoring and correlation tools? Do you need dedicated systems for managing and using threat intelligence data?

-CTI for Security Operations: Now that you have CTI, what are some effective use cases to get value from the data? How can you put that CTI data to good use in daily monitoring, detection, response, and investigation activities in your environment?

Join us for this and more!

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Joe Schreiber

Joe Schreiber is a Solutions Architect with AlienVault who has been doing IT security since the days of dial-up. With his team at AT&T Managed Security Services, Joe built one of the world's largest SIEM systems, bringing thousands of devices under real time security management and monitoring more than 2 petabytes of network traffic daily. With Joe's insight and experience, this is guaranteed to be an hour well spent.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.