Cyber Threat Workshops

Know Your Weaknesses: Vulnerability Intelligence

background image

In this Cyber Threat Workshop, we continue our Back to School series by exploring the 5 Key Principles of Security Intelligence. This workshop is dedicated to the fifth principle: Know Your weaknesses (Vulnerability Intelligence), and examines new common vulnerabilities and exposures (CVEs) and identifies which vulnerabilities matter, how critical they are, and how to align all teams in your organization, so you’re working toward a common goal.

Sun Tzu said, “avoid what is strong, and strike at what is weak.” This has always been the mantra of threat actors. Our experts demonstrate how you can find the weaknesses in your own attack surfaces and third parties so you can prepare your defenses and correct the weaknesses in your external attack surface to prevent threat actors’ attacks.

Vulnerability Intelligence and the RiskIQ API are utilized to analyze large amounts of data to quickly and accurately determine the risks and exposures from vulnerable applications, web components, IoT devices, and infrastructure.

Graph and Identify

  • Internet Graphing and History
  • Infrastructure Chaining and Pivoting
  • Determine the scope of a vulnerability
  • Which Threat Actors are targeting particular vulnerabilities

Threat Actor Infrastructure and
Third-Party Connections

  • Expand threat search from one to thousands
  • Identify relationships and related infrastructure, including depth indicators from certificates, banners, and NetFlow
  • Determine the dynamic reputation scores of IP addresses and hosts in investigations

Broad Scope, Global Scale
Attacks (and Defenses)

  • See where and how threats become entangled with threat actor infrastructure and attack surfaces
  • Learn new techniques for attribution— from system to user to threat group
  • Find and eliminate global scale attacks originating from threat actor tooling and other threat actor infrastructure.

Our team analyzes and investigates publicized vulnerabilities, and the threats actors are targeting. Threat actor tooling, attack vectors are examined to identify, stop and prevent these attacks.

Black Friday is around the corner, so we also examine weaknesses that threat actors are targeting to steal payment card information and malicious mobile applications targeting Black Friday sales.

We explore publicized recent vulnerabilities and determine the global scale of the issue, determine if you or your partners are victims or could be affected. We use RiskIQ Illuminate and RiskIQ’s API to determine the steps needed for an investigation and then create a Jupyter Notebook to scale the investigation and make it repeatable for others. We also analyze attack surfaces for vulnerabilities and prioritize them based upon risk and known active exploits across the attack surface.

Hands-on labs and exercises show how to expose real-life malicious and risky applications, hosts, domains, and components from services to silicon—every layer of your exploitable attack surface

Watch and Learn:

  • Introduction: Security Intelligence
  • Introduction to infrastructure chaining and internet graphing
  • Techniques for adversary-threat infrastructure tracking and attribution
  • How to identify bulletproof hosting providers
  • How to graph connected threats entangled with legitimate resources
  • Real-world use cases with hands-on exercises, labs, and investigations