Conference presentations, workshops and training from the Cosive team.
This panel will feature David Zielezna (Cosive) alongside Claire Healey and Prescott Pym (Deloitte) for a discussion on threat intelligence engineering best practices to set up your CTI program for success.
So you have heard about digital forensics and are intrigued. You've watched NCIS and wondered what it would be like to be Abby, pulling apart hard drives and bringing the winning hand against crime. So you delight at the announcement of a DFIR CTF and clear your diary for the weekend. With excitement and anticipation driving you, you download the evidence and open the challenges, and then everything comes unstuck as you simply do not know where to begin. There are so many tools and they all look so complicated. You close your laptop and head to the couch for a beer instead. Well, we are here to save your liver and help you kick-start that DFIR career.
Join us for an insightful event as we delve into the current cyber threat landscape, both in Australia and beyond. Led by industry experts, this session will provide an overview of the geopolitical and technological trends shaping the threat landscape.
Shanna Daly is an absolute legend of DFIR and CTI both in Australia and internationally. She has spent many, many years leading Response Operations to high profile cybersecurity incidents, built DFIR teams and capabilities, has delivered talks at some of the most prestigious infosec conferences in the world, and is just an all-round top kind of lady too. We are incredibly lucky to have her join us this month to present on Web Shell Hunting techniques, a topic she has written about and presented on extensively, and she has updated her content just for us!
Cyber threat intelligence panel discussion featuring Cosive's Shanna Daly and Chris Horsley alongside Bex Nitert and Brett W.
Cosive CTO Chris Horsley was one of the first to explore the potential of ChatGPT to help us give structure to unstructured threat reports. In this presentation Chris shares the results of his initial experiments using ChatGPT to enhance a piece of unstructured threat intelligence with MITRE ATT&CK codes.
The purpose of this presentation is to provide some practical ideas for handling large amounts of open source intelligence and how to extract and store relevant information.
Shanna Daly appeared on a panel alongside Corch X, Chloe Hatzis and Daisy Wong to discuss what's next for women in cyber.
With so many possible threats, it might seem daunting to understand how we can learn from our previous incidents, or incidents experienced by other organisations. Traditionally, when threat intelligence has been focused on indicators of compromise (IOCs), it can seem a daunting task to know how to get all that information and put it to good use. The thing is, IOCs are not everything; IOCs are ephemeral. They have a shelf life, and that shelf life can be very short in some instances. So a defence plan that focuses on ingesting IOCs and blocking them will never increase the maturity of a detect and respond capability. This is why MITRE ATT&CK was developed.
This talk covers Security Orchestration, Automation and Response (aka SOAR) and the differences between SOAR and regular orchestration.
Organisations have an increasing number of detective controls in their information security environments. With more and more logs and monitoring there can only be more events to investigate and triage. In this tutorial Cosive will show participants how they can use open source tooling to automate the contextualisation and remediation of security threats in their environment.