SANS Cyber Threat Intelligence Summit

March 22, 2013
CND Tools: Post by Wesley Shields

As we continue to talk about the tools useful for active cyber defense, we don't want to lose sight of the role they also play in cyber threat intelligence.

The success of any threat-based defense depends on actionable intelligence that positions cyber defenders to prevent or quickly contain intrusion attempts. That timeliness of response comes in part from agile tools, such as ChopShop.

At this year's upcoming SANS Cyber Threat Intelligence Summit, which takes place on March 22 in Washington D.C., MITRE will talk about its approach to active defense. Reid Gilman's talk, "Better Tools Through Intelligence, Better Intelligence Through Tools," will cover the use of ChopShop and Collaborative Research Into Threats (CRITs) as elements of a cyber threat intelligence program.

Here's the Abstract for Reid's talk:

"Presenting raw data in a way that makes relevant connections obvious and easy to follow has been a major challenge in cyber threat intelligence. Too often, important details are buried in unstructured and unsearchable formats where analysts cannot effectively use them. This talk will discuss two tools (ChopShop and CRITs) that attack this problem, and how analysts use them to understand and track sophisticated cyber threats."

We'll check in with Reid after the Summit to learn more about how tools are an effective component of using cyber intelligence for threat-based defense.