CTI 2014: Collection, exploitation, and analytics of cyber threat intelligence
Two challenges faced by modern security organizations are far more complementary than is often appreciated: big data collection and utility of cyber threat intelligence. Many companies already have substantial investments in one or more technologies that collect massive amounts of data engineered into "big data" solutions:
Security Information and Event Management
Most of the product integration and event correlation amongst these devices is focused on compliance-oriented reporting, not situational awareness, intelligence exploitation, behavioral codification, higher-order analytics, or proactive response. There is a huge amount of hype in the IT industry around "big data" as the solution to many modern IT challenges; this hype is often manifested in the product literature of these devices, although little attention is paid to how this data can be best leveraged. SANS would like to issue a call to action for "security analytics" - tools and techniques to help experienced security managers and analysts use this flood of information to make more effective, more efficient and more timely decisions that lead to fewer successful attacks and less damage from those intrusions which successfully enable our adversaries.
In order to provide resilient capabilities for mitigating risks associated with advanced targeted attacks, security analytics tools and techniques that can support or be applied to big data are necessary. In this summit, we will focus on precisely these tools, techniques, and analytics that assist network defenders in exploiting the voluminous data produced by modern security instrumentation for enhanced cyber threat intelligence collection in ways that improve overall organizational network defense.
presented by James Purcell
presented by Jake Williams
presented by Alissa Torres
1800 Jefferson Davis Highway