Uncovering A Supply-Chain Attack: Leveraging Threat Intelligence for Incident Response and Threat Hunting Initiatives
June 10th at 10:00AM (PT)
It is not a surprise that companies all over the globe are reexamining their security operations and use of threat intelligence in their investigation and remediation procedures. In fact, supply chain cybersecurity risk warnings have increased by a drastic 80% in Q2 2020.
Industry-leading organizations Team Cymru and ThreatQuotient have joined forces to educate teams on how threat intelligence can accelerate incident response and external threat hunting. Using the recent Codecov attack as an example, our experts will walk you through:
- Leveraging ThreatQ to track an IOC from being published externally to being sighted internally via SIEM integration
- Creating an investigation and enriching data from internal detection with Team Cymru datasets and creating pivot points for multiple teams to engage
- Following the breadcrumbs within Team Cymru’s portal for external threat hunting, utilizing internet traffic to determine the timeline of the event and to pinpoint other systems complicit in the Codecov breach