Threat intelligence. You keep using that term. I'm not sure it means what you think it means. Plagued by meaningless generalized URLs and file hashes was supposed to be the role of AVs and proxies, how it came about that threat intelligence vendors keep providing those? Actionable threat intelligence is the rainbow burping unicorn of infosec where such provided intelligence is actually useful for the specific organization. In this talk we'll discuss about SOME of the way that this can be achieved and utilized in a risk management program.
Iftach (Ian) Amit, Vice President at ZeroFox, has over a decade of experience in hands-on and strategic roles, working across a diversity of security fields: business, industry, marketing, technical and research. At ZeroFOX, Ian leads the company’s customer solutions offerings and runs ZeroFOX’s New York offices. Previously, Ian served as Director of Services at IOActive. His career also includes time at Security-Art, Aladdin, Finjan, and Datavantage, as well as speaking at conferences such as BlackHat, DefCon, and InfoSecurity. A skilled researcher, Ianhas deep technical knowledge of programming, operating systems (particularly Unix and Win32), applications (including most network server applications), penetration testing, databases and infrastructures. He founded the Tel-Aviv DefCon chapter (DC9723) and also was a founding member of the Penetration Testing Execution Standard (PTES). Ian studied Computer Science and Business Administration at the Herzliya Interdisciplinary Center and lives in Manhattan