Threat Intel and IR Tools for Dummies: Real-Life Use Cases

Wednesday, May 15 | 8:00AM–9:00AM CT | Montreux, Second Floor Event Centre
Session Type: Breakout Session
Delivery Format: Interactive Presentation
Sometimes the hardest part of using a new tool is just getting started. We'll walk you through our own experiences trying out and using some free and open-source threat intelligence, incident response, and forensics tools to detect and respond to real incidents that otherwise would have been much more difficult to handle. We'll share our failures and wins, including how we've successfully leveraged open-source tools to exponentially increase our effectiveness as an IR team.

Outcomes:

  • Learn how to automate threat intelligence, IR, and forensics tools
  • Understand how to leverage free tools that can be deployed easily by resource-constrained teams
  • Learn how to implement threat intel, IR, and forensics tools in diverse situations, including cloud and decentralized environments


  • Kevin Cheek

    University Incident Response Lead, University of Michigan-Ann Arbor
  • Matthew Coons

    Incident Responder and Threat Analyst, University of Michigan-Ann Arbor

Resources & Downloads

  • Threat Intel IR tools for dummies Real Life Use Cases

    Updated on 5/29/2023