In this joint session, John Skaarup from TxDOT and Andy Bennet from Apollo Information Systems discuss taking an often-under-utilized defense mechanism (threat intelligence) far beyond a standard alert.  Standard threat feeds often fall victim to low prioritization and threat fatigue.  What if, rather than another general alert for a browser update, you could get a customized feed that provided a 3-day predictive notification of a business email compromise attack directed against your specific organization?  In this session, the presenters will discuss how to analyze and dissect threat feeds, how to operationalize indicators of compromise (IOC's), and how to effectively communicate threats to the business.   They will then take this a step further into the Dark Web:  how utilizing custom threat feeds services can identify and target threats against your specific organization to provide advance warning of a potential or imminent attack or identify data that the bad guys may have exfiltrated from your organization and are now putting up for sale.

Session Objectives: Learn how to understand and meet the security needs of your business, how to analyze and dissect threat feeds, and how to operationalize indicators of compromise (IOC's).