My Top 20 CTI/DFIR Talks for 2018

Another year has passed and lots of good CTI/DFIR stuff have been presented! I took some time to watch again some of my favourite talks within 2018 and list my favourite 20 ones. The list provided below has a CTI focus, however some of the most representative talks related to blue team/red team as well as ICS have been selected. I hope you enjoy it!

  1. [ATT&CK] MITRE ATT&CKcon 2018: Advancing Infosec
    Presenter : John Lambert
    URL : https://www.youtube.com/watch?v=yslLIqfOKCU
  2. [CTI] Threat Intelligence Naming Conventions: Threat Actors, & Other Ways of Tracking Threats
    Presenter : Robert M. Lee
    URL : https://www.youtube.com/watch?v=3CUNlgQBwc4
  3. [CTI} Attributing Active Measures, Then and Now – SANS CTI Summit 2018
    Presenter : Thomas Rid
    URL : https://www.youtube.com/watch?v=XEYc7VnTFSc
  4. [CTI] A Brief History of Disinformation, and What to Do About It
    Presenter : Matt “Pwn all the Things” Tait
    URL : https://www.youtube.com/watch?v=yTla4rCblzQ
  5. [CTI] Area41 2018:  Keynote – Attribution 2.0
    Presenter : Costin Raiu
    URL : https://www.youtube.com/watch?v=jeLd-gw2bWo
  6. [CTI] Black Hat Asia 2018 Day 2 Keynote: A Short Course in Cyber Warfare Presenter : thegrugq
    URL : https://www.youtube.com/watch?v=gvS4efEakpY
  7. [CTI] DEF CON 26 – NSA Talks Cybersecurity
    Presenter : Rob Joyce
    URL : https://www.youtube.com/watch?v=gmgV4r25XxA
  8. [CTI] I Can Haz Requirements?: Requirements and CTI Program Success – SANS CTI Summit 2018
    Presenter : Michael Rea
    URL : https://www.youtube.com/watch?v=Aqo3IcVQs_M
  9. [CTI] Survival Heuristics: My Favorite Techniques for Avoiding Intelligence Traps – SANS CTI Summit 2018
    Presenter : Carmen Medina
    URL : https://www.youtube.com/watch?v=kNv2PlqmsAc
  10. [CTI} Leveraging Curiosity to Enhance Analytic Technique – SANS Cyber Threat Intelligence Summit 2018
    Presenter : Chris Sanders
    URL : https://www.youtube.com/watch?v=E4oJdOhLEnU
  11. [CTI] Intelligence Preparation of the Cyber Environment – SANS Cyber Threat Intelligence Summit 2018
    Presenter : Rob Dartnall
    URL : https://www.youtube.com/watch?v=3bXr-CF9NBI
  12. [Blue Team/Red Team] Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation)
    Presenter : Daniel Bohannon
    URL : https://www.youtube.com/watch?v=mej5L9PE1fs
  13. [ATT&CK] ATT&CKing the Status Quo: Improving Threat Intel and Cyber Defense with MITRE ATT&CK
    Presenters : Katie Nickels & John Wunder
    URL : https://www.youtube.com/watch?v=p7Hyd7d9k-c
  14. [ATT&CK] x33fcon 2018 – Threat-based Purple Teaming with ATT&CK
    Presenters : Chris Korban and Cody Thomas
    URL : https://www.youtube.com/watch?v=OYEP-YAKIn0
  15. [Blue Team] BruCON 0x0A – $SignaturesAreDead = “Long Live RESILIENT Signatures” wide ascii nocase
    Preseneters : Daniel Bohannon and Matthew Dunwoody
    URL : https://www.youtube.com/watch?v=YGJaj6_3dGA
  16. [Red Team] HITBGSEC 2018 D2: Traversing The Kill-Chain: The New Shiny In 2018 Presenter : Vincent Yiu
    URL : https://www.youtube.com/watch?v=w1fNGOKkeSg
  17. [Red Team] Red Teaming in the EDR age
    Presenter : Will Burgess
    URL : https://www.youtube.com/watch?v=l8nkXCOYQC4
  18. [APT]  APTinder: An optimized approach for finding that perfect APT match
    Presenter : Matthew Berninger
    URL : https://www.youtube.com/watch?v=zMdHGY53VEw
  19. [ICS] a) TRITON – Schneider Electric Analysis and Disclosure
    Presenter : Schneider Electric
    URL : https://www.youtube.com/watch?v=f09E75bWvkk
    b) TRITON – Mandiant Analysis at S4x18
    Presenter : Blake Johnson
    URL : https://www.youtube.com/watch?v=nAU8X03Eg9c
    c) TRITON – Reverse Engineering the Tricon Controller
    Presenter : Reid Wightman
    URL : https://www.youtube.com/watch?v=m51JrxdvEV8
  20. [ICS] ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018
    Presenter : Robert M. Lee
    URL : https://www.youtube.com/watch?v=IvkB90JTRjk
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.