8:00-8:45 a.m. Breakfast
8:45-9:00 a.m. Opening Remarks – FS-ISAC
9:00 AM-10:20 a.m. Session 1
10:20-10:35 a.m. Break
10:40-12:00 p.m. Session 2
12:00-1:00 p.m. Lunch
1:00-1:30 p.m. Session 3
1:30-1:40 p.m. Break
1:40-3:00 p.m. Session 4
3:00 PM-3:15 PM: Wrap Up & Closing Remarks – FS-ISAC
3:15 PM-4:30 PM Reception
Topic: Use Cases in Deception
Title: Deception-based Adversary Intelligence: Things you want to know
Description: Deception technology is recognized for its efficacy for in-network threat detection. But advanced deception solutions are filling security threat intelligence and response needs.
- Understand how financial institutions are using deception technology to accelerate the incident response process
- See how deception can help meet standardized security framework requirements
- How deception enhances internal threat intelligence development and is used to build an "Active Defense"
Topic: Threat Intel Anonymization (Tools and Techniques)
Title: Keeping Your Cyber Research Anonymous
Description: In any threat investigation, the moment intruders realize they are being hunted they start covering their tracks. Keeping your investigation discrete and your team safe takes a special set of tools and skills. Learn some keys to staying anonymous and safe as your team pokes around the nasty corners of the Internet.
- Explore ow to build and automatically maintain the infrastructure for researchers and their digital personas online
- Review how to hide the tracks leading back to your organization
- Understand how to prevent your researchers from picking up malware as they visit nasty places
Topic: Utilizing Breached Data for Threat-Intel (Tools and Techinques)
Title: Harnessing Exposed Data to Enhance Cyber Intelligence
Description: Attack methods repeat themselves, and so does cybercriminals use breached data, such as PII, stolen account details and even compromised admin credentials. Once data is compromised, it can circulate and recirculate on the dark web for years, and be packaged and repackaged for crime, cyberspionage and fraud. Understanding how breached data is used, wheter it be to create synthetic identities, take over bank accounts or perpetrate credit card fraud, to name a few, can play a big role in threat-intelligence, too. This session reviews how security operations and threat intelligence can benefit from a better understanding of breached-data usecases, and provide insights vital to indentifying the next threat before it becomes an incident.
- Understand how the use of breached data can support threat intelligence
- Review breached data that attackers may use again
- Discuss common TTPs that attackers use when repurposing breached data for new attacks