There are many great firms providing cyber threat intelligence capabilities (including data and analytical tools). But one thing is clear, no one tool covers all the needs. It really takes an ecosystem. This is why it was great to see three of the greats in the field working together to host a workshop on threat hunting. RiskIQ, Flashpoint and ProtectWise are that each deliver great capabilities and are proving in this workshop series that they work well together.
I really wish I had more time on my hands. I'm not a real threat analyst, but I used to be, and I love keeping up with the latest tools and techniques. I have no doubt this will be an enjoyable day. Maybe I can catch a gist of this on YouTube one of these days.
If you are in the threat analyst world or lead teams involved in this please look over the info below and consider attending or sending someone, based on what I know of these firms and their great capabilities this will be a good event I'm sure.
Here is more on the event:
There are still a few places left for the Threat Hunting Workshop offered by RiskIQ, Flashpoint, and ProtectWise designed to introduce security analysts, incident responders and SOC personnel to new methods and new threat datasets that let you investigate attacks more quickly and thoroughly. The training includes many hands-on exercises, where you will have the opportunity to learn more about recent security threats.
As much as hackers change their tactics, they can’t avoid interacting with core components of the internet. The more threat datasets at your disposal, the fewer places they can hide. The exercises will leverage RiskIQ and partner solutions to shed light on the adversary’s infrastructure. They will also conduct their own investigations to uncover additional threat infrastructure.
The session will expand beyond the basic threat investigations, showing you how to view the specific details about the attacker. Attendees will also gain access to your organization’s own global web footprint or attack surface. A very useful snapshot to bring back to your blue team folks.
Date: Tuesday, March 27, 2018
- 8:30 a.m. - Registration & Breakfast
- 8:50 a.m. - Welcome & Introductions
- 9:00 a.m. - Hands-on Exercises with: RiskIQ, Flashpoint, and ProtectWise
- 12:15 a.m. - Discussion & Lunch
- 1:30 p.m. - Advanced Integrations Demo and Discussion
- 2:30 p.m. - Complete Risk Management with The RiskIQ Enterprise Platform
- 2:50 p.m. - Putting it All Together: Integrated Threat Hunting Use Case with RiskIQ, Flashpoint, and ProtectWise
- 3:00 p.m. - Discussion
- 3:20 p.m. - Adjourn
Latest posts by Bob Gourley
- Global Cyber Alliance Release: Perhaps the most important of the 2018 RSA Conference Season - April 19, 2018
- Fingbox: Giving you something you need now more than ever, awareness and control over your home network - April 17, 2018
- Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices - April 17, 2018