How to Create, Share, and Leverage Threat Intel and SOC Metrics Efficiently

Thursday, April 12 | 11:00AM–12:00PM ET | Maryland Ballroom E, Fifth Floor
Session Type: Breakout Session
Delivery Format: Interactive Presentation
The key to creating your threat intel is to build it into your incident response ticketing system. By combining TheHive, LimeSurvey, MISP, and automation, we have been able to document IOCs from individual incidents and start consolidating similar IOCs to profile attackers. With this information, we can respond quickly and understand what controls we need to have in place to stop each threat group.

Outcomes:

  • Understand the value proposition of creating your own intel and tracking
  • Devise a strategy to leverage your own intel to prevent current attacker tools and techniques
  • Create your own threat intel using the tools discussed

Presenters

  • James Perry

    Chief Information Security Officer, University of South Carolina
  • Tom Webb

    Deputy CISO, University of South Carolina

Resources & Downloads

  • Educause 2018hive

    3 MB, pptx - Updated on 10/25/2018