Prove Skill Mastery with GIAC Certs - Free Cert Attempt Included with OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

The State of Cyber Threat Intelligence: Part 1: How Cyber Threat Intelligence Is Consumed and Processed

  • Tuesday, August 16, 2016 at 1:00 PM EDT (2016-08-16 17:00:00 UTC)
  • Dave Shackleford, Arabella Hallawell, Javvad Malik, Chip Witt


  • AlienVault
  • Anomali
  • Arbor Networks
  • HP Enterprise Security
  • NETSCOUT Systems, Inc.
  • Rapid7 Inc.

You can now attend the webcast using your mobile device!



How does the IT community gather and consume cyber threat intelligence (CTI) and do their CTI implementations provide value? This webcast, the first of a two-part series, will present part of the results of the second SANS Cyber Threat Intelligence Survey.

Part 1 looks at the state of cyber threat intelligence today, including the following:

  • How mature respondents' CTI programs are
  • How their CTI programs are organized
  • Who is aware of the CTI program, who uses the intelligence information gathered and how they use it
  • Whether or not they're achieving benefits from their CTI programs
  • What challenges they face in improving their programs

Part 2, held on Wednesday, August 17, focuses on the ways in which CTI programs are enabling organizations to improve their security programs and posture, as well as looking at respondents' future plans.

Be among the first to receive the associated whitepaper written by SANS Analyst and security expert Dave Shackleford.

View the associated whitepaper here.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Arabella Hallawell

Arabella Hallawell, senior director of product marketing at Arbor Networks, is responsible for the go-to-market positioning and activation of the company's Advanced Threat solutions. Previously, she led strategic planning at Arbor. Arabella has more than 20 years of experience in IT security and strategy. Prior to joining Arbor, she was VP of corporate strategy at Sophos, a global IT security vendor headquartered in Boston and Oxford, UK, where she led M&A strategy, market and customer insight, and global corporate communications. Prior to Sophos, Arabella was research VP at Gartner, the IT research and advisory services firm.

Javvad Malik

Javvad Malik - the man, the myth, the blogger - is a London-based IT security professional. Better known as an active blogger, event speaker and industry commentator, he is possibly best known as one of the industry's most prolific video bloggers with a signature fresh and light-hearted perspective on security. Prior to joining AlienVault as a security advocate, Javvad was a senior analyst with 451 Research, providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.

Chip Witt

Chip Witt has over 15 years of diverse technology experience, including product management and operations leadership roles at Webroot, VMware, Alcatel and Limelight Networks. He is currently the senior product manager of threat intelligence for HPE Security and is responsible for HPE Security Threat Central, a cloud-based subscription service that enables security analysts to create actionable threat intelligence through collaboration with other security experts worldwide. In the security realm, Chip works closely with field intelligence teams specializing in OSINT and HUMINT tradecraft, actor attribution and underground monitoring.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.