Date: September 8, 2023
Time: 8:30 AM MDT | 9:30 AM CDT | 8:00 PM IST
Topic: Threat Intel Analysis and its Influences on Hunt Team Operations and SOAR
Abstract: Threat hunting helps locate gaps in detection and discover new threats, TTPs, etc., all of which can add to the threat intelligence process and analysis. This webinar will discuss intel analysis from the stance of predictive analytics, leveraging the TAHITI (Targeted Hunting Integrating Threat Intelligence) methodology, and how it can feed accurate intelligence, with a focus on gathering data and developing informational use cases based on threats modeled by industry (market verticals).
- Understanding threats and risks for organizations based on intelligence and reporting (VERIS, MITRE ATT&CK, Threat Actor Intel)
- Understanding the TAHITI threat hunt methodology and how it feeds new use cases and coverage of risks
- Understanding the Threat Intelligence and Security Operations Lifecycle and how Intelligence and Threat Hunting can make the SOC more efficient and effective
- Understanding how to prioritize risks presented by threats and inefficiencies and how to combat them with automation
Randy Thomas, Director of Advanced Security Services at Syntax
Bio: Randy is responsible for the SOC, security product development (which includes Detection as Code), DFIR, incident command (IC), vulnerability management, threat intelligence-driven security operations, threat hunting, and offensive security at Syntax, a leading managed cloud provider.
Randy has over 21 years of experience in enterprise cyber security in various environments, including the U.S. Military and intelligence for commercial ECOM, retail, and MSP/MSSP markets. He leverages his combined 28+ years of enterprise IT experience and 18 years of experience in DevOps/DevSecOps SOC, security engineering, and software development to deliver high-quality security products and solutions.
Bryan Austin, Manager of Security Operations at Syntax
Bio: Bryan is the Manager of Security Operations at Syntax. He heads up the development of operational maturity, threat intelligence, automation, threat analysis, and incident response. Bryan has over 20 years of cyber security and IT experience in organizations ranging from MSSPs to retail and finance organizations. As the security operations manager, Bryan coordinates response and active hunts in multiple large organizations. He coordinates with teams worldwide to ensure customers and the organization manage risk effectively.
*Examples, analysis, views and opinions shared by the speakers are personal and not endorsed by EC-Council or their respective employer(s).