SANS Digital Forensics and Incident Response Blog: Category - Cyber Kill Chain

CALL FOR PAPERS - SANS Cyber Threat Intelligence Summit 2017

Summit Dates: January 31, 2017 and February 1, 2017 Training Course Dates: January 25-30, 2017Summit Venue: Renaissance Arlington Capital View Hotel — Arlington, VA Deadline to Submit is July 29, 2016. To submit click here This year the CTI Summit is going old school. CTI is a relatively new field, however … Continue reading CALL FOR PAPERS - SANS Cyber Threat Intelligence Summit 2017


A Threat Intelligence Script for Qualitative Analysis of Passwords Artifacts

The Verizon Data Breach Report has consistently said, over the years, passwords are a big part of breach compromises. Dr. Lori Cranor, and her team, at CMU has done extensive research on how to choose the best password policies verses usability. In addition, Alison Nixon's research describes techniques to determine valid password of an organization … Continue reading A Threat Intelligence Script for Qualitative Analysis of Passwords Artifacts


SANS Cyber Threat Intelligence Summit - Call For Papers Now Open

SANS Cyber Threat Intelligence Summit Call For Papers 2015. Send your submissions to CTISummit@sans.org by 5 pm EST on Friday, October 24, 2014 with the subject "SANS CTI Summit CFP 2015." Dates: Summit Dates: February 2 & 3, 2015Pre''Summit Course Dates: February 4''9, 2015 Location:Washington, DC Our 3rd annual Cyber Threat Intelligence (CTI) Summit … Continue reading SANS Cyber Threat Intelligence Summit - Call For Papers Now Open


Cyber Threat Intelligence Full Agenda - Government Pricing Announced

SANS is offering a one-time discount for the Cyber Threat Intelligence Summit to government employees (e.g., federal, state, local, DoD). This offer reduces the registration fee from $895 to $395 and will be available for a limited time only, on a first come, first served basis. Please select -Register Nowon the right side of the … Continue reading Cyber Threat Intelligence Full Agenda - Government Pricing Announced


Security Intelligence: Attacking the Cyber Kill Chain

Coming in much later than I'd hoped, this is the second installment in a series of four discussing security intelligence principles in computer network defense. If you missed the introduction (parts 1 and 2), I highly recommend you read it before this article, as it sets the stage and vernacular for intelligence-driven response necessary to follow what will be discussed throughout the series. Once again, and as often is the case, the knowledge conveyed herein is that of my associates and I, learned through many man-years attending the School of Hard Knocks (TM?), and the credit belongs to all of those involved in the evolution of this material.

In this segment, we will introduce the attack progression (aka "kill chain") and briefly descibe its

...