webinar register page

Topic

IOB: Tracking adversary behaviors closes gaps in cyber threat intelligence sharing

Description

There is a significant gap in CTI sharing when that sharing is solely focused on IOCs. IOCs by their very nature have a limited time window of being actionable towards network defense. While significant progress has been made in responding to IOCs through automation, there remains a clear need for sharing data that can help a community of network defenders proactively defend against advanced attacks. This need led to the founding of our effort to define Indicators of Behavior (IOBs).

IOBs are dynamic digital impressions and identifiers that monitor the interaction of foreign bodies with host systems or networks. From a threat detection and awareness perspective, IOBs help add context. They also help you understand the behavior of potential cyber attackers.

The goal of our IOB effort at OCA is to create a standard way to represent cyber adversary behaviors to make it easier to:
~~share repeatable sets of observed adversary behaviors spanning multiple campaigns,
~~share the analytics to detect those behaviors, and
~~create and share playbooks to correlate those detections.

We’ve seen that an effective defense couldn’t happen without leveraging the power of community, but it also couldn’t happen without a common language to share information. The STIX and TAXII standards help to provide the key to achieving our OCA-IOB results.

During this panel, our guest speakers will share information on the work being done at OCA-IOB that allows actionable threat intelligence to be shared across multiple communities at machine speed and how that intelligence can translate directly into detections and correlations that are both repeatable and have lower false positive rates. They’ll review how past experiences with CTI sharing impacted this work, what’s behind the motivation to represent adversary behavior, and provide access to several reference implementations and analysis capabilities, and finally, how and why you should be involved in the next evolution of OCA-IOB.

Time

Mar 1, 2023 11:00 AM in Eastern Time (US and Canada)

Webinar is over, you cannot register now. If you have any questions, please contact Webinar host: .

Time Zone:

Your Information
Send to
Message preview	Hi there, You are invited to a Zoom webinar. When: Mar 1, 2023 11:00 AM Eastern Time (US and Canada) Topic: IOB: Tracking adversary behaviors closes gaps in cyber threat intelligence sharing Register in advance for this webinar: https://us06web.zoom.us/webinar/register/WN_iw4C_NC_SxS1NPZVOEE4WA After registering, you will receive a confirmation email containing information about joining the webinar. ---------- Webinar Speakers Harley Parkes (IACD Lead @Johns Hopkins University Applied Physics Laboratory) Jason Keirstead (Co-Chair @Open Cybersecurity Alliance (OCA) and IBM Security) Charlie Frick (Chair @OCA-Indicators of Behavior Project and Johns Hopkins Applied Physics Laboratory (APL)) Carter Bullard (Technical Committee Member @OCA-Indicators of Behavior Project and Neya Systems Division)

webinar register page

Share via Email

Switch Time Zone

Upcoming Meetings