Studio 471

9: Learning Cybercrime Techniques through MITRE ATT&CK

Learn cybercrime techniques with MITRE Corporation and see how their ATT&CK framework helps them protect their systems from cybercriminal groups.  Over the last decade, the MITRE Corporation has grown its ATT&CK framework, which is a knowledge base of adversary behaviors that can help defenders in a variety of ways. MITRE has traditionally been focused on Advanced Persistent Threat (APT) groups but has been increasingly incorporating techniques and sub-techniques into ATT&CK that are used by cybercriminal groups. In this Studio 471, Patrick Howell O’Neill, who is a Lead Cyber Operations Analyst at MITRE, discusses these changes and why ATT&CK is useful to security professionals. Participants: Patrick Howell O’Neill, Lead Cyber Operations Analyst, MITRE Corporation Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471 ---------- Stay in Touch!  Twitter: https://twitter.com/Intel471Inc [https://twitter.com/Intel471Inc] LinkedIn: https://www.linkedin.com/company/intel-471/ [https://www.linkedin.com/company/intel-471/] YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg [https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg] Discord: https://discord.gg/DR4mcW4zBr [https://discord.gg/DR4mcW4zBr] Facebook: https://www.facebook.com/Intel471Inc/ [https://www.facebook.com/Intel471Inc/]

8: Countering Cyber Extortion and Hacktivism with Diana Selck-Paulsson of Orange Cyberdefense

Diana Selck-Paulson is the lead security researcher at Orange Cyberdefense, which is a managed security services provider that serves a worldwide client base. Her background in the social sciences as a criminologist with a specific focus on cybercrime has given her unique insight in the cybersecurity challenges facing organizations. In this episode of Studio 471, we discuss two areas where Orange Cyberdefense has produced unique research in its Security Navigator 2024 report: cyber extortion and hacktivism. We tackle whether cyber extortion can be deterred and also the deeper effects of hacktivism, which can eclipse technical disruptions. Participants: Diana Selck-Paulsson, Lead Security Researcher, Orange Cyberdefense Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471 ---------- Stay in Touch! Twitter: https://twitter.com/Intel471Inc [https://twitter.com/Intel471Inc] LinkedIn: https://www.linkedin.com/company/intel-471/ [https://www.linkedin.com/company/intel-471/] YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg [https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg] Discord: https://discord.gg/DR4mcW4zBr [https://discord.gg/DR4mcW4zBr] Facebook: https://www.facebook.com/Intel471Inc/ [https://www.facebook.com/Intel471Inc/]

7: How to Build Your Own Cyber Threat Intelligence Program

Learn how to build your own cyber threat intelligence program that keeps stakeholders happy as well as understand the Cyber Threat Intelligence Capability Maturity Model.  Starting a cyber threat intelligence program (CTI) prompts many questions: What intelligence is most useful? Where are the data sources? How can you satisfy stakeholders? And ultimately, how you demonstrate that a CTI program prevented security incidents? John Fokker, head of threat intelligence at Trellix, says that it possible to build effective CTI programs with smaller teams but stakeholder buy-in is important. In this episode of Studio 471, we also discuss the Cyber Threat Intelligence Capability Maturity Model (CTI CMM) which is a framework under development by CTI experts. The framework, due to be released later this year, aims to guide organizations to building more capable and mature CTI programs. Participants: John Fokker, Head of Threat Intelligence, Trellix Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471 ---------- Stay in Touch! Twitter: https://twitter.com/Intel471Inc [https://twitter.com/Intel471Inc] LinkedIn: https://www.linkedin.com/company/intel-471/ [https://www.linkedin.com/company/intel-471/] YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg [https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg] Discord: https://discord.gg/DR4mcW4zBr [https://discord.gg/DR4mcW4zBr] Facebook: https://www.facebook.com/Intel471Inc/ [https://www.facebook.com/Intel471Inc/]

6: Security Software Testing and Why It's Important

If you’re the buyer of security products for a large company, how do you ensure that a product works as promised? Security software testing puts products such as firewalls, endpoint protection and intrusion detection systems through their paces. But security software testing has been a contentious area, with vendors sparring over results and occasional accusations of cheating.  In this edition of Studio 471, Simon Edwards of SE Labs walks through how his company conducts ethical, realistic tests based on the cyber kill chain and MITRE ATT&CK, an index of attacker tactics, techniques and procedures. Participants: Simon Edwards, Founder and CEO, SE Labs Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471 ---------- Stay in Touch! Twitter: https://twitter.com/Intel471Inc [https://twitter.com/Intel471Inc] LinkedIn: https://www.linkedin.com/company/intel-471/ [https://www.linkedin.com/company/intel-471/] YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg [https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg] Discord: https://discord.gg/DR4mcW4zBr [https://discord.gg/DR4mcW4zBr] Facebook: https://www.facebook.com/Intel471Inc/ [https://www.facebook.com/Intel471Inc/]

5: Vulnerability Management and Patching: Outrunning Attackers

Learn about how vulnerability management, the KEV list, and threat intelligence can help with patching.  Patching remains one of the most difficult security tasks organizations face. Zero-day vulnerabilities may catch the headlines, but the truth is most organizations are caught out by n-day vulnerabilities where patches have been available for some time. The U.S. Cybersecurity and Infrastructure Security Agency has tried to simplify patching efforts by publishing the Known Exploited Vulnerabilities list, or KEV. The KEV is a list of vulnerabilities under active exploitation, and federal agencies have two weeks to patch ones on the list. In this edition of Studio 471, Patrick Garrity of Nucleus Security shares the effects of the KEV list across the security industry, his research into the KEV and how threat intelligence can guide patching efforts. Participants: Patrick Garrity, Researcher and Vice President of Marketing, Nucleus Security Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471 ---------- Stay in Touch! Twitter: https://twitter.com/Intel471Inc [https://twitter.com/Intel471Inc] LinkedIn: https://www.linkedin.com/company/intel-471/ [https://www.linkedin.com/company/intel-471/] YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg [https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg] Discord: https://discord.gg/DR4mcW4zBr [https://discord.gg/DR4mcW4zBr] Facebook: https://www.facebook.com/Intel471Inc/ [https://www.facebook.com/Intel471Inc/]