Friday, October 11 • 5:15pm - 6:15pm
RT-1053 Predictive Analytics using Aggregated Threat Intelligence


Talk Details:

In this talk I'll discuss how DHS is leveraging classified threat intelligence to monitor, track, and hunt foreign intelligence activity in US-based critical infrastructure. We'll also discuss how you can use the same techniques to label threat intelligence and begin to perform predictive analytics based on aggregated threat intelligence and historical metrics.

We'll cover:

  • Organizing threat intelligence into meaningful and useful data
  • Ingesting historical metrics into structured databases to provide calculable metrics
  • Processing databases through supervised learning data science algorithms to uncover patterns
  • Analyzing uncovered patterns to develop cautionary predictions around industry-based attack patterns
  • Pairing observed threat activity with MITRE ATT&CK TTPs to research potential attribution

This presentation is born out of the DHS ECS (Enhanced Cybersecurity Services) program, which is designed to quickly bring actionable classified threat intelligence to all US-based critical infrastructure.

Details about the DHS ECS program can be found here.

David Evenden

Exploitation Analyst, CenturyLink
David Evenden is an experienced offensive security operator & analyst with over a decade of experience working in the Intelligence Community where he learned Persian Farsi, worked at NSA Red Team and was a member of an elite international team operating in conjunction with coalition...

Friday October 11, 2019 5:15pm - 6:15pm CDT
TEXAS BALLROOM - C Track 1 600 E Market St, San Antonio, TX Floor 4