BACK TO SPEAKERS
Chris Adams
ThreatConnect Inc.
Chris Adams is the Director of Sales Engineering at ThreatConnect where he leads a team of analysts and engineers to deliver the industry’s most versatile threat intelligence and security orchestration platform in the market.

For the last 7 years, Chris has worked directly with security teams across industry to establish best practices in cyber threat intelligence programs and defining workflows and processes to make threat intelligence actionable with orchestration and automation.

Prior to ThreatConnect, Chris worked with MITRE Corporation where he designed Identity and Access management solutions for large government entities, performed security vulnerability assessments on products and led implementation of cross-security domain systems that bridged the gap between networks operating at different security classifications.

Threat Intelligence & Automating Security Processes
Technical Level (3 being the highest score): 1

In this talk, we’ll provide a general overview of what threat intelligence means and address what it takes to establish a threat intelligence program via maturity model. We’ll also present details about how orchestration plays a role in integrating multiple security products leveraging intel to drive processes binding security teams and products.

The presentation will cover the following topics:

(a) What threat intelligence is and why sometimes the most important threat intelligence is in your own systems and network;
(b) Threat intelligence maturity model and leveraging methodologies to better describe intel as its discovered internally;
(c) How correlating intelligence captured over time and visualizing relationships gives your analysts the best ability to understand the intent and methods used in attacks;
(d) Intelligence dissemination techniques, both at a human-partner sharing level and programmatic level (API) offer the best defense in getting ahead of attacks;
(e) An actual detailed orchestration use case involving phishing emails, malware sandbox, threat intelligence feeds, SIEM and ticketing system;

The goal of this presentation is to improve the audience's understanding of how threat intelligence is being used by some of the world’s largest security teams and how orchestration and automation promises to reduce the risk of attacks.

Presentation video can be found HERE