[mk_page_section bg_image=”https://www.energysec.org/wp-content/blogs.dir/24/files/2017/10/disneynew2.jpg” attachment=”fixed” bg_position=”center top” bg_repeat=”no-repeat” bg_stretch=”true” enable_3d=”true” video_color_mask=”#000000″ video_opacity=”0.4″ top_shadow=”true” min_height=”0″ full_width=”true” padding_top=”86″ padding_bottom=”86″ top_shape_color=”#ffffff” bottom_shape_style=”folded-bottom” bottom_shape_size=”small” bottom_shape_color=”rgba(22,84,30,0.5)” bottom_shape_bg_color=”#000000″ first_page=”false” last_page=”false” sidebar=”sidebar-1″][vc_column width=”1/4″][mk_padding_divider][/vc_column][vc_column width=”1/2″][mk_fancy_title color=”#ffffff” size=”30″ font_weight=”300″ txt_transform=”capitalize” margin_bottom=”0″ font_family=”Montserrat” font_type=”google”]

14th Annual Security
& Compliance Summit

[/mk_fancy_title][/vc_column][vc_column width=”1/4″][mk_padding_divider][/vc_column][/mk_page_section][mk_page_section][vc_column][mk_fancy_title font_family=”none”]

Sharing What Matters: Accelerating Incident Response and Threat Hunting By Sharing Behavioral Data

[/mk_fancy_title][vc_column_text css=”.vc_custom_1534180706297{margin-bottom: 0px !important;}”]Abstract
When an intrusion happens, it is often hard to know when sharing intrusion data is appropriate. Additionally, it is often hard to know what to share. As a result, a majority of data sharing revolves around indicators usually at the expense of keeping critical behavioral signs of the attack internal. In this talk, we will look at how asset owners can share behavioral data observed during an intrusion with other asset owners. We will talk about what data might be valuable to other asset owners and how asset owners can sanitize data as not to leak inappropriate intrusion details. Finally, we will look at how the asset owner receiving the data can use the behavioral data in both a threat hunting and incident response scenario. Quicker sharing of information means less dwell time for an adversary in a victim network.[/vc_column_text][mk_divider style=”thin_solid”][vc_single_image image=”6568″ img_size=”medium”][vc_column_text css=”.vc_custom_1534180763921{margin-bottom: 0px !important;}”]Dan Gunter

Dan Gunter is a Principal Threat Analyst at the industrial cyber security company Dragos, Inc. where he discovers, analyzes and neutralizes threats inside of ICS/SCADA networks. In this capacity, he performs threat hunting, incident response, and malware analysis mission for the industrial community. Previous to his role at Dragos, Dan served in a variety of Information Security roles as a Cyber Warfare Officer in the United States Air Force with duties ranging from Incident Response at the Air Force Computer Emergency Response Team to developing innovative capabilities for multiple Department of Defense partners. Dan previously presented at Blackhat, s4x18, and Shmoocon.[/vc_column_text][vc_single_image image=”6569″ img_size=”medium”][vc_column_text css=”.vc_custom_1534180806743{margin-bottom: 0px !important;}”]Marc Seitz

Marc Seitz is a Threat Analyst, Threat Operations Center, at the industrial cyber security company Dragos, Inc. where he coordinates industrial control system cyber test lab functions as well as performing threat hunting services in ICS networks. Marc is a specialist in designing and implementing innovative simulated industrial environments to provide a safe and realistic training and attack simulation experience for internal and external analysts. He also conducts onsite vulnerability assessments and threat hunting services for customers in a variety of verticals.[/vc_column_text][/vc_column][/mk_page_section][mk_page_section][vc_column width=”1/2″][/vc_column][vc_column width=”1/2″][/vc_column][/mk_page_section][mk_page_section bg_color=”#336699″ min_height=”0″ padding_top=”0″ padding_bottom=”0″ first_page=”false” last_page=”false” sidebar=”sidebar-1″][vc_column width=”1/2″][mk_fancy_title tag_name=”h6″ color=”#ffffff” size=”26″ font_weight=”300″ txt_transform=”capitalize” margin_top=”60″ margin_bottom=”0″ font_family=”Montserrat” font_type=”google”]

Join Our Fast Growing Membership Base Today!

[/mk_fancy_title][/vc_column][vc_column width=”1/4″][mk_padding_divider size=”30″][vc_column_text disable_pattern=”false” align=”center”]

Memberships Start At

[/vc_column_text][mk_fancy_title color=”#ffffff” size=”43″ margin_bottom=”0″ font_family=”none”]

$1,195/YR

[/mk_fancy_title][/vc_column][vc_column width=”1/4″][mk_padding_divider size=”50″][vc_btn title=”Get Started!” style=”flat” shape=”square” color=”green” size=”lg” align=”center” link=”url:http%3A%2F%2Fwww.energysec.org%2Fmembership%2F|||”][/vc_column][/mk_page_section]