Anomali, Group-IB and SiloBreaker are hosting a complimentary informative full day focused on cyber threat hunting during a conference in Amsterdam on the 13th of November. Industry-leading threat intelligence experts will share their thoughts on today’s adversaries and their attack techniques and how to hunt them.
This one-day session is intended for both CXO and Sr. Technical Staff. Anticipate walking away from the seminar with tangible information for your teams to research within your own environments.
Oosterdoksstraat 4, 1011 DK Amsterdam, Netherlands
"Silence: going global"
In September 2018, Group-IB released Silence: Moving into the dark side, the first comprehensive technical research on the group’s attacks. The analysis remains the most complete source of technical information about the infrastructure and tools the cybercriminals used between June 2016 and April 2018. Since that time, however, the geography of the group’s attacks, some of their tools, and other important elements characteristic of Silence have changed. Group-IB experts continuously monitor the cybercriminals’ activities and in August 2019 published Silence 2.0: Going global, additional research about the threat actor’s evolution, tactical changes, and new targets.
Rustam Mirkasymov, Head of Dynamic Analysis Department & Threat Intelligence Expert, Group-IB
“A Full Cycle Investigation of Phishers Targeting EMEA”
Threat Intelligence has identified and analyzed 2.6 million unique phishing URLs on 727, 000 domains, which is a 9 per cent increase from 2018. Phishers specializing in massive cyber-attacks use so-called phishing kits — fully-fledged phishing websites that contain configuration files that define a site’s algorithms and specify the recipient for the compromised data. This presentation provides a detailed and technical analysis of how phishing sites were detected, the methods used to automate the collection of phishing kits, how to automate the capture of credentials that are stored in phishing logs, and the techniques used in online investigations of cybercriminals managing this type of infrastructure.
Camill Cebulla, EMEA Business Development Director, Group-IB
"Cyber Intelligence Starts Here"
AJ Nash, the Director of Cyber Intelligence Strategy for Anomali, will be providing an informative presentation on building effective cyber intelligence programs. He will walk through the problems most companies face, some fundamentals of intelligence, the keys aspect to focus on in building and maintaining an effective intelligence program, and samples of how mature intelligence programs are structured and function. Other topic highlights include; vendor and source selection, personnel challenges, budgeting and project planning to improve your intelligence posture.
AJ Nash, Director of Cyber Intelligence Strategy, Anomali
"Data as the Adversary: Understanding Threats in an Unstructured World"
Context is essential to understand the bigger picture around cyber threats. These findings are more likely to come from external unstructured data than technical threat feeds. Looking outside the perimeter is becoming a ‘must-have’ for a proactive intelligence effort. But where do you look and how do you find value?
Max Mansson, Client Director UK-Europe, Silobreaker
"OSINT – Software & Brainware"
Modern OSINT has some 30 years in the making, but many of the processes and products we were discussing back in 1990 have not changed. Many national, as well as corporate, intelligence services are inept at dealing with OSINT due to the rapid pace of openness, which contradicts their security protocols and culture. Real OSINT requires a creative and open environment that focuses on the deliverable, and is open for ever-evolving processes. Tools are secondary and not always necessary. Thirty years of experience in practice, problem-solving, and the use of dynamic technology will be shared in this session.
Mats Bjore, Co-Founder and Non-Executive Director, Silobreaker
"Protecting the Herd: Why Information Sharing Matters"
Cyber attacks are ever-evolving and increasing in both frequency and sophistication, resulting in challenges to enterprises that must protect and defend their information systems and networks. A method for thwarting adversaries and improving security posture is to work collaboratively with industry peers and exchange threat intelligence and defensive measures. This sharing of information between organizations helps enhance members ability to detect, understand, and characterize malicious activity in support of well-informed risk-based decision-making.
Roberto Sanchez, Director of Threat & Sharing Analysis, Anomali
"Keys to Unlocking a Strong Threat Intelligence Program"
This talk will discuss the keys to measure a successful threat intelligence program, and how it relates to a company’s overall cybersecurity strategy.
Nicholas Hayden, Global Head of Threat Intelligence, Anomali
"The Importance Of Requirements In Extracting Cyber Threat Intelligence Value"
Creating business value from CTI relies on a nuanced understanding of the information needs of the key stakeholders in your organisation. In this presentation, I discuss the difficulties CTI teams run into when gathering and maintaining requirements from stakeholders and propose practices that can help alleviate such issues.
Greg Wilkinson, Threat Intelligence Lead, ING
|10:00 - 10:30||Registration, Networking & Coffee|
|10:30 - 12:00||Sessions|
|12:00 - 13:00||Lunch|
|13:00 - 17:00||Sessions|
|17:00 - 19:00||Networking Drinks & Snacks|