Cyber Threat Workshop

June 24, 2021, 10:00 a.m. PST


Relevant Cyber Threat Intelligence:
Actionable Observations, Scaled Defenses

In this Cyber Threat Workshop, we continue our 2021 Summer Camp series to discover threats relevant to the enterprise attack surface. Worldwide digital change has accelerated the size, scope, and composition of an organization’s attack surface. The size of an attack surface may fluctuate over time as assets and digital systems (e.g., websites, hosts, cloud and mobile apps) are added and removed.

Our experts will demonstrate how to identify cyber threats relevant to your unique attack surface (digital footprint) and which actions you can take to scale defenses and achieve elastic protection against today's threats and threats yet to be deployed.

Internet Discovery and Attack Surface Graphing

  • Internet Graphing and History
  • Infrastructure Chaining and Pivoting
  • Third-Party Attack Surface Intelligence
  • Expanded Vulnerabilities and Exposures

Enhanced Open Source Intelligence (OSINT) and Threat Insights

  • Curate open-source intelligence relevant to your attack surface
  • Identify enhanced indicators based on infrastructure fingerprinting
  • See where and how threats become entangled with your attack surface
  • Track and expand threats dynamically

Adversary Fingerprinting: APTs and Adversary-Threat Infrastructure

  • Examine context and complexity
  • Unmask threat groups (APTs)
  • Pinpoint threat tooling and sharing among cybercriminals
  • Find and eliminate global-scale attacks and zero-day vulnerabilities

Our team of security experts will show how to leverage Attack Surface Intelligence combined with key threat indicators drawn from direct observation of attackers and their infrastructure.

We will explore tooling and malicious distribution (sharing) between threat groups, APTs, and their presence within your attack surface as well as third parties, peers, and your digital supply chain. Within the global attack surface, you will learn how to distinguish between you and others, the good and bad, adversaries and allies.

Hands-on labs and exercises will show how to expose real-life malicious and/or risky applications, hosts, domains, and components from services to silicon—every layer of your exploitable attack surface. In addition to improving your cyber threat skills, you get 2 CPE credits for attending.

Attend and Learn:

  • Introduction: Security Intelligence
  • Techniques for cyber threat analysis and management
  • How to leverage attack surface intelligence for faster threat investigations and response
  • Tools and techniques propagated by threat actors and groups, especially kits and variants
  • Real-world use cases with hands-on exercises, labs, and investigations
  • Earn 2 CPE Credits

*Certificates of completion are distributed to those who attend the entire workshop.

Agenda

Time        Session

10:00 a.m.  Welcome and Introduction
  • Internet Graphing and History
  • Introduction to RiskIQ Datasets
  • Chaining Infrastructure to Find Relationships
  • Attack Surface Intelligence
  • Third-Party Intelligence
  • Adversary-Threat Infrastructure and Fingerprinting

            Use Cases – Hands-On Exercises and Investigations
  • Using RiskIQ Illuminate, we'll show two paths for threat investigations. First, we will explore an active alert requiring context, triage, and response insights. Second, we will practice strategic threat hunting by pivoting to build artifacts on adversaries and/or infrastructure of interest.

12:00 p.m.  Wrap up