Cyber Threat Workshops

Know Your Enemies: Cyber Threat Intelligence

In this Cyber Threat Workshop, we continue our Back to School Series by exploring the 5 Key Principles of Security Intelligence. This workshop is dedicated to the third principle, Know Your Enemies (Cyber Threat Intelligence), and examines how to gain insight into the threat systems and threat actors targeting your organization across the global attack surface.

Our experts demonstrate how to use attacks publicized in the news to identify the threat actors, their infrastructure, and the tooling used in those attacks.

Graph and Identify Threat Actor Tooling

  • Internet Graphing and History
  • Infrastructure Chaining and Pivoting
  • Adversary-Threat Fingerprinting
  • Associate Threat Systems and Distribution

Threat Actor Infrastructure and Third-Party Connections

  • Expand threat search from one to thousands
  • Identify relationships and related infrastructure, including depth indicators from certificates, banners, and NetFlow

Broad Scope, Global Scale Attacks (and Defenses)

  • See where and how threats become entangled with threat actor infrastructure and attack surfaces
  • Learn new techniques for attribution, from system to user to threat group
  • Find and eliminate global scale attacks originating from threat actor tooling and other threat actor infrastructure

Our team analyzes and investigates publicized attacks to determine the threat actors and the tooling used in those attacks. Attendees gain the expertise and knowledge that threat investigators and incident responders need to determine the global scope of an attack, the threat actor’s infrastructure, and the victims of the attacks.

We explore a real domain that was compromised to prompt users to accept a new, fraudulent SSL certificate for the legitimate domain, one that could be used in a future attack. Bulletproof hosting providers are examined to identify the numerous threat actors utilizing their services. Additionally, we dissect Attacks-as-a-Service to identify malicious tools targeting your attack surface and people.

Hands-on labs and exercises show how to expose real-life malicious and/or risky applications, hosts, domains, and components from services to silicon—every layer of your exploitable attack surface.

Watch and Learn:

  • Introduction: Security Intelligence
  • Introduction to infrastructure chaining and internet graphing
  • Techniques for adversary-threat infrastructure tracking and attribution
  • How to identify bulletproof hosting providers
  • How to graph connected threats entangled with legitimate resources
  • Real-world use cases with hands-on exercises, labs, and investigations