How to Create, Share, and Leverage Threat Intel and SOC Metrics Efficiently
Thursday, April 12 | 11:00AM–12:00PM ET | Maryland Ballroom E, Fifth Floor
Session Type: Breakout Session
Delivery Format: Interactive Presentation
The key to creating your threat intel is to build it into your incident response ticketing system. By combining TheHive, LimeSurvey, MISP, and automation, we have been able to document IOCs from individual incidents and start consolidating similar IOCs to profile attackers. With this information, we can respond quickly and understand what controls we need to have in place to stop each threat group.
Outcomes:
* Understand the value proposition of creating your own intel and tracking
* Devise a strategy to leverage your own intel to prevent current attacker tools and techniques
* Create your own threat intel using the tools discussed
Presenters
James Perry
Chief Information Security Officer, University of South Carolina