Workshop 13 - Building Your Open Source Intelligence Capabilities
Speaker: Mr. Wim Remes
HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong
Date: 7 Nov 2018 (1 day)
09:30 - 17:00
HK$3,600 (Early Bird: HK$3,400)
Member Fee for Organizer/Supporting Organization: HK$3,400 (Early Bird: HK$3,200)
Medium of Instruction
Nature & Objectives
In this workshop we will look at all the components needed to build an Open Source Threat Intelligence capability. Using hands-on exercises, we will go through all the building blocks, how they fit together, and how you can make the most of the available data to defend your most critical assets efficiently.
- Introduction to Open Source Threat Intelligence
- Understanding Threats & The Attack Kill Chain
- Indicators of Compromise
  - What are they?
  - Gathering IOCs from your own infrastructure
  - Understanding IOCs
- Understanding ATT&CK
- Understanding STIX, TAXII, and CybOX
- Basic malware analysis
- High level forensics
- Using threat intelligence to build better defenses
- Automating Open Source Threat Intelligence in your infrastructure
Who Should Attend
This full-day workshop is targeted at security practitioners focused on or interested in CSIRT, SOC, or Digital Forensics. While very practically focused, it can also be of interest to individuals who manage or build defensive capabilities in general.
Requirement for Participant
Each participant is required to bring a laptop with VMware Player/Fusion or VirtualBox installed and must be able to run at least 1 VM (VM requirements: 50GB HDD, 1 NIC, 4GB RAM). The laptop should be equipped with SSH client software and the latest browsers (Chrome, Firefox or Edge).
Mr. Wim Remes
CEO and Principal Consultant
Wire Security bvba
Wim is the founder of and principal consultant at Wire Security, based in Belgium. He leverages 15+ years of security leadership experience to advise clients on reducing their risk posture by solving complex security problems and by building resiliency into their organizations.
Wim delivers expert guidance on reducing the high cost of IT security failures, both financially and in terms of brand reputation, combining his deep expertise in network security, identity management, policy design, risk assessment and penetration testing to develop innovative approaches to enterprise security.
Before starting Wire Security, Wim was active as Manager Global Services EMEA at Rapid7. Previously, he worked as managing consultant at IOActive, as manager of Information Security for Ernst and Young and as a security consultant for Bull, where he gained valuable experience building security programs for enterprise-class clients.
Wim has been engaged in various infosec community initiatives such as the co-development of the Penetration Testing Execution Standard (PTES), InfosecMentors and organizing the BruCON security conference.
Wim has been a featured speaker at international conferences such as Excaliburcon (China), Black Hat Europe & US, Source Boston, Source Barcelona and various other conferences.
Wim also is a member of the (ISC)² Board of Directors. He served as the chairperson in 2014, 2016, and 2017.