Visibility on the Network: A Tactical CTI-Based Approach - A SANS Master's Degree Presentation

  • Thursday, 31 May 2018 10:30AM EDT (31 May 2018 14:30 UTC)
  • Speaker: Alfredo Hickman

This presentation is based on a project which demonstrates the use of the Security Onion platform to facilitate the creation of tactical cyber threat intelligence and aid in intrusion detection and analysis. The findings presented are based on practical and realistic attack scenarios founded on the Cyber Kill Chain. The attack scenarios provide simple examples representative of adversary techniques and tactics, and the associated analysis serves to aid defenders in creating methods to secure their environments from threats and vulnerabilities.