Open Source Threat Intelligence: Building A Threat Intelligence Program Using Public Sources & Open Source Tools
Edward McCabe

Tech2 - Session #4 - Edward McCabe Summary: Overview of building a threat intelligence program outlining the processes, tasks and activities associated with the development of a functional intelligence program. Abstract: Developing an Open Source Threat Intelligence Program from Open Source Tools and Public Sources is aimed at bringing business value and technical mitigation efforts, while dispelling common myths like "We're too small", "Who would attack us, we make widgets?" and "We have nothing anyone would want". Follow one geek's journey developing a Threat Intelligence program on the Internet of (bad) things as he began a mission to slay FUD Dragons. Learn how to leverage public sources and open source tools to protect your organization. This high?level overview centers on building a Threat Intelligence program and includes topics ranging from the threat intelligence lifecycle to specific tasks, in addition to lessons learned and what to keep in mind when developing your own Threat Intelligence program.

Bio: Edward McCabe is an information security professional with over 20 years consulting experience with Fortune 100 companies, various domestic state & federal government, in addition to various foreign government agencies. Edward has presented to numerous organizations and conferences on issues such as Social Engineering, Practical Security Data Visualization, Attack & Penetration Testing, Internal IT Audit Practice Development, Enterprise Risk Management, and Adopting Information Security into the Business Corporate Culture. Edward is an active speaker and presenter on Information Security Management, Governance, and Compliance for both the commercial and government sectors. Edward is also typically engaged in a number of pet projects or volunteering with others to make the Internet a better place. A veteran of the United States Navy, Edward holds various ISACA certifications, including the Certified in the Governance of Enterprise Information Technology (CGEIT), Certified in Risk and Information Systems Controls (CRISC) and Certified Information Security Manager (CISM), in addition to being an ISO/IEC 27001 Lead Implementer and a former Payment Card Industry Qualified Security Assessor (PCI QSA). Based in Columbus, Ohio, Edward is a Principal Consultant for Rendition InfoSec, Rendition InfoSec is a boutique, industry recognized leader in malware analysis & reverse engineering, apt2, digital forensics, incident response and training firm located in Augusta GA and supporting clients internationally.

Back to Central Ohio Infosec Summit 2015 video list