OnDemand & vLive - Get a GIAC Cert Attempt Included or $350 Off thru 10/31

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Tailored Intelligence for Automated Remediation: SANS Review of IntSights' Enterprise Intelligence and Mitigation Platform

  • Wednesday, May 2nd, 2018 at 10:30 AM EDT (14:30:00 UTC)
  • Sonny Sarai and Alon Arvatz
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • IntSights

You can now attend the webcast using your mobile device!

Overview

Overworked and understaffed IT security teams are trying to integrate threat intelligence into their detection, response, and protection processes -- but not very successfully, according to the SANS 2017 SOC and CTI surveys. Respondents to both surveys also indicate they need fewer intelligence alerts and more visibility into external threats (usually found on the Dark Web) that actually matter to their enterprises. (They want to know: should they be worried or not?) They also want to utilize new intelligence to find and remove unknown vulnerabilities.

In this webcast, SANS Analyst Sonny Sarai will discuss his experience reviewing IntSights' Enterprise Threat Intelligence and Mitigation Platform, which was created specifically to address these challenges. IntSights' platform integrates customized intelligence with threat blocking and threat takedown, remediation and workflow to reduce administrators' workloads.

Attend this webcast and learn how IntSights worked under a variety of attack scenarios. As results of the review are released, attendees will also learn:

  • The six typical steps in an attack chain
  • Three newly discovered steps that adversaries execute even before conducting reconnaissance
  • How your own assets matter: the difference between tailored and generic intelligence feeds
  • The need to filter intelligence that doesn't apply to save employees from chasing leads
  • The value of counterthreat intelligence: utilizing external threat information found on the dark web and IOCs to protect your brand
  • The difference between internal threat remediation and external threat takedown
  • How remediation speed and capabilities are improved with integrated, automatic device updates 

All of the above information and more will be covered in this webcast as Sonny describes his experiences reviewing the IntSights platform under simulated attack, detection, and remediation scenarios. Those who attend this webcast will also receive access to the written review.

View the associated whitepaper here.

Speaker Bios

Sonny Sarai

Sonny Sarai, SANS GIAC Advisor, has more than 10 years' IT experience, seven of them in an information security capacity. He now works as a senior information security analyst, responsible for data governance, compliance, penetration testing, digital forensics and incident response. Sonny holds a degree in forensic investigation, specializing in computer crime. He holds a CISSP and industry-leading certifications from SANS in advanced digital forensics (GCFA), network intrusion detection (GCIA) and security essentials (GSEC). Sonny has an extensive lab dedicated to research, development and analysis, where he continually hones his skills and enhances his capabilities.


Alon Arvatz

Alon served in an elite intelligence unit in the Israel Defense Forces. While serving for three years in the most innovative and operational setting, he led and coordinated large operations in the cyber intelligence world. He also led core cyber threats discussions. Alon established Cyber School, a center providing teenagers with courses, seminars and workshops on cyber intelligence. Today, he is the co-founder and vice president of product development at IntSights. 

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.