On November 6, 2013, TalaTek attended the all-day “P0WNAG3”Cyber Security Summit in Greenbelt, MD, presented by TrainAce. The summit title was “Threat Intelligence Analysis Techniques and Capabilities” and its focus was threat intelligence and mobile application hacking.
Curt Schaffer, of Symbiotic Network Technologies led a discussion on “Multi-criteria Decision Making” about how to determine the source of a particular attack. The discussion dealt with assigning confidence levels to threats and selection of a threat from two possible sources.
The use of Paterva’s open-source “Maltego” mapping tool with the Canary framework was discussed, as well as the use of Threat Connect, a free service that allows for collaboration of identifying and warning of threats and threat sources.
Ned Moran, Threat Analyst for FireEye, gave a presentation on “Analysis of Competing Hypotheses” in which he discussed the use of Clustering Techniques.
Rich Barger, CIO for Threat Connect, discussed the use of the Diamond Model for identifying threats. The model takes in consideration the Advisory, Capability, Infrastructure used, and the victim.
A key panel discussion was on where the threat intelligence field is headed, which included Chris Camacho (Senior VP, Global Information Security for Bank of America), Chris Hart (CISO Life Science Technologies), Manoj Srivastava, (CTO for Cyber IQ), Rich Barger (CIO for Threat Connect).
The final presentation was given by Curt Schaffer, the event host, on “Threat Intel Relating to Mobile Hacking.”
