In the aftermath of the fall of Evernote as an inexpensive threat intel platform, free and low-cost solutions have emerged from the dismantled remains to give hope to defenders everywhere. S. Grec (grecs) continues his threat intel series, covering lessons learned from his Evernote experiment before pivoting toward improved data structures and newly discovered enterprise-friendly intel platforms to support them. And fresh off restrictions from previous employment, grecs discusses the process for bootstrapping and maturing your own threat intel program and describes a step-by-step framework for generating your own actionable intelligence to ease identification of advanced threats. As part of this fun Star Wars-themed talk, grecs demos a VM with several tools integrated to get you started.
grecs has two decades of industry experience and holds undergraduate and graduate engineering degrees, as well as a really well-known security certification. Despite his formal training, grecs has always been more of a CS person at heart, going back to his VIC-20, Commodore 64, and high school computer club days. After doing the IT grind for five years, he discovered his love of infosec and has been pursuing this career ever since. Currently, he spends his days as a senior cyber intelligence analyst enhancing customer defenses through advanced analysis, customized training, and engineering improvements. In his free time, grecs is an international speaker and blogger, covering a range of topics, including incident response, malware analysis, and threat intelligence.
©2016, O'Reilly Media, Inc.