SANS Cyber Threat Intelligence Summit 2014



CTI 2014: Collection, exploitation, and analytics of cyber threat intelligence

Two challenges faced by modern security organizations are far more complementary than is often appreciated: big data collection and utility of cyber threat intelligence. Many companies already have substantial investments in one or more technologies that collect massive amounts of data engineered into "big data" solutions:

  • Security Information and Event Management products ingest logs from servers, PCs, network devices and security controls and provide normalization, consolidation and alerting.
  • Security Monitoring products such as vulnerability assessment, digital forensics, intrusion detection and network behavior analysis provide information on active vulnerable or compromised resources.
  • Threat intelligence feeds provide information streams on active threats, source reputations and indicators of attack.

Most of the product integration and event correlation amongst these devices is focused on compliance-oriented reporting, not situational awareness, intelligence exploitation, behavioral codification, higher-order analytics, or proactive response. There is a huge amount of hype in the IT industry around "big data" as the solution to many modern IT challenges; this hype is often manifested in the product literature of these devices, although little attention is paid to how this data can be best leveraged. SANS would like to issue a call to action for "security analytics" - tools and techniques to help experienced security managers and analysts use this flood of information to make more effective, more efficient and more timely decisions that lead to fewer successful attacks and less damage from those intrusions which successfully enable our adversaries.

In order to provide resilient capabilities for mitigating risks associated with advanced targeted attacks, security analytics tools and techniques that can support or be applied to big data are necessary. In this summit, we will focus on precisely these tools, techniques, and analytics that assist network defenders in exploiting the voluminous data produced by modern security instrumentation for enhanced cyber threat intelligence collection in ways that improve overall organizational network defense.

Available Courses:

SEC401: Security Essentials Bootcamp Style - Stephen Sims
FOR508: Advanced Computer Forensic Analysis and Incident Response - Alissa Torres
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - Jake Williams
Cyber Threat Intelligence Summit

- No refunds available after Tuesday, February 4, 2014.

http://www.sans.org/info/150170

Expected Number of Attendees

250

Relevant Government Agencies

Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, EPA, GSA, NASA, State Government, County Government, City Government, CIA, FEMA, FAA


This event has no exhibitor/sponsor opportunities


When
Tue-Tue, Feb 4-11, 2014


Cost

SEC401: Security Essentials Bootcamp Style:  $4895.00
FOR508: Advanced Computer Forensic Analysis:  $5095.00
FOR610: Reverse-Engineering Malware: Malware:  $4895.00
Cyber Threat Intelligence Summit:  $1495.00


Where
Sheraton Crystal City Hotel
1800 Jefferson Davis Highway
Arlington, VA



Organizer
SANS Institute

