An Attacker’s View:

Combining Internal Data with External Intelligence

background image

It's incredible to think how far organizations have come in gaining visibility into their enterprise in just the last five years to detect and respond to threats. Analysts used to have conversations about how and where to enable logging. One quantum leap later, and these conversations are now about optimizing queries and response efforts to get the most out of the vast amounts of internal data available to them.

Today, security analysts operate with an extreme amount of context, but their internal collection is just one side of what their organization looks like. The most successful and secure enterprises recognize that they must pair their internal data with external intelligence to have real visibility into their attack surface—and how they appear to would-be attackers. Attack surface visibility is increasingly relevant given the autonomy and distributed nature of teams and systems today.

In this webinar, Adam (CrowdStrike) and Brandon (RiskIQ) discuss the value of bridging internal endpoint telemetry with external internet intelligence and how CrowdStrike leverages RiskIQ to accelerate their investigations and research.

Topics to be covered

  • Current state of threat intelligence and how it's evolved over the past ten years to become a critical component of a security program.
  • Ways in which organizations can accelerate their investigations and complete their response efforts by automating how they bridge internal and external data.
  • How CrowdStrike leverages RiskIQ external internet intelligence within their own services and threat intelligence teams.

Speaker Bios

Guest Speaker: Adam Meyers
VP of Intelligence for CrowdStrike
Twitter / LinkedIn

Adam Meyers is the VP of Intelligence for CrowdStrike; in this role, he over-sees the team's daily activity, provides direction and strategic vision for the company's intelligence collection, reverse engineering, and analysis efforts. He also serves as a senior security researcher, who focuses on reverse engineering targeted malware threats, mobile malware and related technologies. Previously he was the Director, Cyber Security Intelligence with the National Products and Offerings Division of SRA International. In that role, Mr. Meyers served as a senior subject matter expert for cyber threat and cyber security matters for a variety of SRA projects. Mr. Meyers provided both technical expertise at the tactical level and strategic guidance on overall security program objectives. Mr. Meyers also acted as the product manager for SRA Cyberlock, a dynamic malware analysis platform.

Brandon Dixon
Co-Founder of PassiveTotal & VP of Strategy for RiskIQ
Twitter / LinkedIn

Brandon has spent his career in information security performing analysis, building tools, and refining processes. As VP of Strategy, he is responsible for aligning RiskIQ to the market, influencing product strategy and furthering partnerships. Prior to RiskIQ, Brandon was the co-founder of PassiveTotal (acquired by RiskIQ) where he led development and product direction. Throughout the years, Brandon has developed several public tools, most notably PDF X-RAY, and NinjaJobs. His research and development on various security topics have gained him accolades from many major security vendors and peers in the industry.

Watch the Webinar