NULLCON Webinars
Speaker Name: Avkash Kathiriya
Title: Operationalizing Threat Intelligence for Collective Defense
Date: 28th August 2020
Time: 4:00 pm IST
For defenders today, threat intel is mostly about IOCs, which are technical in nature and cover aspects that have a very short lifespan. By the time controls are put in place to thwart the technical IOCs, attackers change them and counter with new attacks. So it becomes essential for defenders to continuously automate threat intelligence actioning, to harness the tactical information used by attackers as well, and to have countermeasures in place.
By automating threat intel collection, analysis, and dissemination, we can deduce predictive intelligence that gives organizations greater visibility and lets them anticipate and counter threats even before they attack. We will discuss how end-to-end threat intelligence automation in a closed, trusted sharing environment could be used to operationalize actionable and relevant predictive intelligence by correlating, enriching, and analyzing threat data collected in real time from a wide range of external and internal sources over a hub-and-spoke sharing model. We will also cover advanced automation strategies for the full threat intelligence lifecycle while detailing how mutual threat sightings could be used to identify and prioritize threats with precision confidence.
High-Level Agenda for Presentation
- Collective Defense vs. Passive Defense vs. Active Defense
- Threat Intelligence and Its Types
- Threat Intelligence Lifecycle: Human vs. Machine
- Threat Intelligence Maturity Model
- Threat Intelligence Orchestration
- Threat Intelligence Collaboration
- Collective Defense
Information security professional with 12+ years of overall experience in the information security domain. Currently heading Research and Innovation in the Cyber Fusion and Threat Intelligence domain at security product startup Cyware Labs. Also Null Mumbai (open security community) chapter leader.
Experienced in SOC/CSIRT management, cyber fusion, red teaming, cyber resiliency, threat hunting, threat intelligence and research, enterprise security architecture, cyber security governance, and network security management.