How to Leverage CTI to Defend From Ransomware
How CTI can be leveraged in practical terms from a tactic and a strategic point of view.
For SOC analysts and Incident Responders, we will review how, by leveraging CTI, a single malicious indicator detected by the SIEM can lead to the discovery of an ongoing attack in progress, the malware and tools being used all the way up to the campaign behind the attack and the Threat Actor leveraging it.
For IT Security Departments, we will see how CTI powered advanced knowledge of Threat Actors TTPs allows to focus on strengthening specific sections of the IT infrastructure and/or provide relevant trainings to IT staff and/or the user community.
For high level managers and stakeholders, we will see how CTI can provide the strategic awareness necessary to assess the threat level specific for their organization and allocae the appropriate resources to increase the security posture where it is most necessary.
- Ippolito Forni, Threat Intelligence Consultant
- Jess Garcia, Senior SANS Instructor