logo
allArticlesConferencesPresentations

Connecting the Dots: How Threat Intelligence Protects the Applications

Conference:  OWASP 20th Anniversary Event

2021-09-24

Authors:   Catalin Curelaru

Summary

The presentation discusses the importance of cyber threat intelligence in protecting applications and businesses. It provides insights on how to integrate it into an application security program and automate data collection and processing to prevent or mitigate cyber attacks.
  • Digital technologies have revolutionized the world's economic and cultural institutions but have brought additional risk in the form of cyber attacks
  • Cyber Threat Intelligence (CTI) is important in consolidating a company and protecting applications
  • CTI is the collection and analysis of information about cyber threats and adversaries to provide context and prevent/mitigate attacks
  • CTI should be objectively actionable and help reduce the effectiveness of cyber threats
  • CTI can be a driver for cybersecurity return of investment
  • CTI is lacking a methodology in the application world
  • Intelligence is often shared but hardly used and distribution is difficult
  • Lessons from the intelligence community can be applied to CTI
The speaker works for Visma, a conglomerate with over 130 companies and 5k developers, facing around 30 incidents per year. To deliver secure products, they offer various services such as training, code scanning, pen testing, and hybrid intelligence. They also have a gamified governance UI that provides a maturity index of an application's security. This illustrates the importance of implementing CTI in a company with a large and complex structure.

Abstract

Today we can see that digital technologies are the core of every business. The automation and the connections achieved with these technologies have revolutionized the world’s economic and cultural institutions but they have brought additional risk in the form of cyber attacks.What is Cyber Threat Intelligence, how you can implement it properly to protect your business and why is an important component into the AppSec World?In this presentation you will find how to integrate it into you Application Security Program but also solutions that automate data collection and processing, integrate with other solutions or services, take in unstructured data from disparate sources, and then connect the dots by providing context on indicators of compromise (IoCs) and the tactics, techniques, and procedures (TTPs) of threat actors. To put it short, Threat intelligence - knowledge that will allow you to prevent or mitigate those attacks.
Materials:
Tags:
Cyber Threat Intelligence
AppSec World
Application Security Program
cyber attacks
digital technologies

Post a comment

Related work

When Knowledge Graph Meets TTPs: Highly Automated and Adaptive Executable TTP Intelligence for Security Evaluation

Conference:  Black Hat Asia 2023
Authors: Lorin Wu, Porot Mo, Jack Tang
2023-05-11

macOS: Tracking High Profile Targeted Attacks, Threat Actors & TTPs

Conference:  RSA Conference 2023
Authors: Dmitry Bestuzhev, Ismael Valenzuela Espejo
2023-04-24

Death to the IOC: What's Next in Threat Intelligence

Conference:  BlackHat USA 2019
Authors:
2019-08-08

Operation Clairvoyance: How APT Groups Spy on the Media Industry

Conference:  Black Hat Asia 2023
Authors: Yue-Tien Chen, Zih-Cing Liao
2023-05-11

Debunking the Core Myths of Responsible AI

Conference:  Transform X 2022
Authors: Navrina Singh
2022-10-19

Talent Need Not Apply: Tradecraft and Objectives of Job-themed APT Social Engineering

Conference:  Black Hat USA 2022
Authors:
2022-08-11