Explore the development of a threat intelligence program using open source tools in this 52-minute conference talk from DerbyCon 4. Dive into topics such as incident response, enhanced monitoring, and honeypots. Learn about the Collective Intelligence Framework and how to identify new attack profiles. Discover the importance of understanding potential attackers, their motivations, and targets. Gain insights on implementing router access control lists, conducting audits, and leveraging native tools. Understand how a robust threat intelligence program can serve as a business enabler and help protect your organization from emerging cyber threats.
Open Source Threat Intelligence - Developing a Threat Intelligence Program Using Open Source Tool
via YouTube
Overview
Syllabus
Intro
Overview
First Attack
Travel Advisory
Router Access Control Lists
Incident Response
Enhanced Monitoring
Proof of Concept
Open Source
Honey Pots
Geek Card
Audit
Collective Intelligence Framework
Honeypots
Proof Concept
Native Tools
Identifying new attack profiles
Identifying maps of interest
Who would attack us
Why are we targets
What I accomplished
Business enabler
Thanks
