This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Saturday, October 12 • 11:15am - 12:00pm
BT-2034 Keeping Threat Intelligence in Pace with Continuous Monitoring

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Cyber Threat Intelligence is a term that gets thrown around allot. But what does it look like to integrate it into your continuous monitoring program? What real world experience proven strategies and tactics can an organization adopt to start making intelligence driven choices? My talk covers what I think are the most appropriate parts of a threat intelligence program to start weaving into your operations depending on the maturity level of your organization. It is not threat intelligence 101, but it will cover fundamental items which an organization can start to use to be ready for a full Threat Intelligence team or engagement with an outside partner.

Description: Threat Intelligence remains elusive and mysterious to many organizations. There is often little in the way of true CTI in many organization, new and old, aside from subscription feed services. This can lead to both complacency in the sense of “oh we have threat intel” as well as misplaced dissatisfaction with regards to the “threat intel’ they think they have and the true benefits it can provide. If you can evangelize and integrate Threat Intelligence as an organization is just getting its continuous monitoring going (i.e. A SOC and all that goes with it) then the growth of the CTI program will always be in step with the organizations capabilities as opposed to lagging behind it, or worse, out pacing it. The organizations who ask for our help are often understaffed, under-resourced, and begging for help. The suggestions that follow will help maximize their efforts as well as put them in a position to help us help them.

avatar for Michael Rodriguez

Michael Rodriguez

senior consultant, FireEye
Mr. Rodriguez is a Senior Consultant with the Government Security Programs group. In his role he provides security strategy and assessment services to public sector clients. Mr. Rodriguez assists on developing incident response processes and performing Cyber Defense Center transformations... Read More →

Saturday October 12, 2019 11:15am - 12:00pm CDT
TEXAS BALLROOM - C Track 1 600 E Market St, San Antonio, TX Floor 4