The digital footprint of an organization is more expansive than ever before with more devices, sensors and cloud-based services connecting to the network. The amount of data that is collected and stored is massive and growing by the minute. How do security professionals properly analyze the right data to find the true threats?
Today, many organizations lack the proper tools and techniques to drill down and create a true understanding of an event or an attack. Cybersecurity professionals need to learn how to take individual observables, find patterns, and use those patterns to create an understanding about the specific adversary and their intentions. By automatically processing the attack data organizations see (and often discard) and running it through some steps in the kill chain, it becomes possible to link disparate classes of data into a true context, to see how attacks and events relate to each other and how they can be correlated across months and years.
On Thursday, November 9th, 2017 at 10:30 AM EST, Fidelis Threat Research Manager and cybersecurity expert John Bambenek (Twitter: @bambenek) will be presenting a SANS Institute webcast on how to best use and analyze data for a complete understanding of an attack and the attacker. In this webcast, John will show a few open source tools and data sets that are online and how organizations can use them in the short term to start creating tailored intelligence, not just on attackers in general, but on the specific attackers targeting them.
About the Speaker:
John Bambenek is Manager of Threat Systems at Fidelis Cybersecurity and an incident handler with the Internet Storm Center. He has been engaged in security for 18 years, researching security threats. He has participated in many incident investigations spanning the globe and runs several private intelligence groups focusing on takedowns and disruption of criminal entities.