Cyber Threat Workshops

Know Your Allies: Third-Party Intelligence

background image

In this Cyber Threat Workshop, we continue our Back to School Series by exploring the 5 Key Principles of Security Intelligence. This workshop is dedicated to the second principle: Know Your Allies (Third-Party Intelligence), and will examine how the rapidly evolving digital supply chain creates systemic risk for every digital organization.

Our experts demonstrate how to identify cyber threats specifically designed for ransomware and phishing attacks, then explore how these threats can be found within critical third-party attack surfaces—partners, suppliers, M&A scenarios, and other digital dependencies.

Graph and Identify
Ransomware and Phishing Threats

  • Internet Graphing and History
  • Infrastructure Chaining and Pivoting
  • Adversary-Threat Fingerprinting
  • Associate Threat Systems and Distribution

Adversary-Threat Infrastructure
and Third-Party Connections

  • Expand threat search from one to thousands
  • Identify relationships and related infrastructure, including depth indicators from certificates, banners, and NetFlow

Broad Scope, Global Scale
Attacks (and Defenses)

  • See where and how threats become entangled with third-party attack surfaces
  • Learn new techniques for attribution, from system to user to threat group
  • Find and eliminate global scale attacks originating with third-parties and other digital dependencies

Our team combines real-world observations of attackers using third-party attacks (global scale, opportunistic attacks) to scam, spam, and phish organizations like yours under the guise of a trusted third-party. Examples include expansion discovery from a single attack source into the ecosystem of third-party attack surfaces entangled with adversary-threat infrastructure.

We explore tooling and malicious distribution (sharing) to propagate ransomware and phishing tools for more scaled attacks and rapid variants accessible to thousands of threat actors and groups.

Hands-on labs and exercises show how to expose real-life malicious and/or risky applications, hosts, domains, and components from services to silicon—every layer of your exploitable attack surface.

Watch and Learn:

  • Introduction: Security Intelligence
  • Introduction to ransomware and phishing tools and instrumentation
  • Techniques for third-party infrastructure mapping
  • How to identify ransomware and phishing attacks
  • How to graph connected threats entangled with third-party systems
  • Real-world use cases with hands-on exercises, labs, and investigations