IntelliC0N 2024

Welcome to IntelliC0N! Join us for an exciting event with cyber innovators, threat intel experts, and CISOs. Get ready to dive into cybersecurity and explore the latest on threat intelligence and adversarial vs. technology advancements.

Date: Mon, Feb 12, 2024

Time: 9:00 AM - 5:00 PM (CST)

Location: Austin Public Library Special Events Center

Address: 710 W Cesar Chavez St, Austin, TX, USA

At IntelliC0N, you can attend a CISO Panel and insightful talks by cyber and threat intel experts. Discover new tools, techniques, procedures used by adversaries, and strategies to stay ahead in the cyber landscape. Network with like-minded individuals, share ideas and collaborate on exciting projects.

Join us at the Austin Public Library, conveniently located in the heart of Austin. During breaks, explore the vibrant city and indulge in its rich culture and delicious cuisine. Don't miss out on this incredible event that promises to inspire, educate, and connect!

IntelliC0N 2024 Photo Album

8:00 AM - 8:45 AM

Registration and Breakfast

8:45 AM - 9:00 AM

Opening Remarks

Speaker: Fayyaz Rajpari

9:00 AM - 9:45 AM

CISO Panel: The Benefits and Dangers of Generative AI

Moderator: Joanna Lindquist

Diving into the latest advancements in Threat Intelligence and Cybersecurity, Insights into managing Cyber Risk, and navigating the complexities of SEC Regulations. With CISO panelists: Monica Keeneth, Yabing Wang, Sameer Sait, Mishaal Khan

9:45 AM - 12:15 PM

Workshop: CTI (Cyber Threat Intelligence)

Speaker: Joe Slowik

This CTI Workshop from Joe Slowik is designed as a highly interactive, hands-on training exercise. Taking theoretical concepts from the Paralus Operational Threat Intelligence Course, attendees will perform technical analysis of recent samples or artifacts and utilize available resources for further enrichment and sample identification.

9:50 AM - 10:20 AM

Modern Asset Management (Sponsored)

Speaker: Devon Lattrell

• Historically, how organizations have managed their assets 
• Challenges of getting visibility in a hybrid world 
• Benefits of gaining complete visibility and asset context 
• Recommendations from industry experts 
• JupiterOne's perspective

10:25 AM - 11:00 AM

Laying the Foundations: Building a CTI Fortress in the Modern Threat Landscape

Speaker: Veena Susan

Building a successful cyber threat intelligence (CTI) program is a goal for cyber operations, but it can be challenging. There is no one-size-fits-all approach, as the best program will vary depending on the specific security environment of an organization. While the path to a successful CTI program is unique to each organization, valuable lessons can be gleaned from real-world experience. This talk will share key takeaways I have learned from over 15 years of building effective CTI programs. These include -- the importance of building a solid team, the need to define clear Priority Intelligence Requirements (PIRs), the importance of having a well-defined process for collecting, analyzing, and disseminating CTI, the need to identify and engage with key stakeholders, and the value of conducting proof-of-concept exercises for tools and feeds.

11:05 AM - 11:40 PM

APTeen: How the ultimate insider threat made me rethink everything I thought

Speakers: George Sandford & Naia Sanford

Raising a human is a beautiful adventure, but what happens when that human weaponizes the skills you've taught them against you? How far do you go in applying your skills to protect them from the evil they're running towards? What's the line between a draconian state and just giving up? This talk examines a real-life use case from initial detection, intelligence gathering, and analysis to investigation, panic, and disclosure. It will explore ethics, emotion, and an ongoing (hopefully) conversation with a really smart kid. Unlike some presentations, you will have the opportunity to hear from the threat actor themself. It concludes by taking an intelligence-informed approach to understanding, defending, and teaching real-world safety for our most critical stakeholders- our children.

11:45 AM - 12:15 AM

Mapping the Evolution of the Threat Landscape via Enriched Data (Sponsored)

Speaker: Jonathan Peyster

Two of the most significant challenges in cyber threat intelligence are the scale of the threat landscape and the rapid pace it evolves. To stay ahead of threats, it is critical to understand where they are, how they relate to one another, and how they change over time. This talk will demonstrate how to combine and correlate daily internet-scale collection of DNS, IP, HTML content, and certificate data to produce correlative metrics that can be used to identify and block high-risk infrastructure before it’s weaponized.

12:15 PM - 1:00 PM

Boxed Lunch (Included)

1:15 PM - 2:00 PM

Raising the Bar: Enhancing OSINT Competence

Speaker: Mishaal Khaan

Abstract: Explore the maturity of the OSINT field, discovering its numerous sub-fields and diverse categories. In this quick session, gain insights into innovative data collection, analysis, and interpretation approaches that cater to the evolving nuances within OSINT. Whether you're a seasoned investigator or a newcomer, this session promises valuable insights to take your OSINT skills to new heights, acknowledging the rich tapestry of its various domains.

1:00 PM - 3:00 PM

Workshop: Understanding Gen AI: Effective Use, Risks & Threat Models

Speakers: Martin Holste & Rob Cappiello

Generative AI is everywhere, but few truly understand it. This hands-on workshop will teach you everything you need to know about AI, including what new risks it introduces and how to guard against them. Join industry experts Rob Cappiello and Martin Holste in a small, interactive session as you learn about what AI is and how it works and see firsthand the ways it can both be used--and used against you. Learn Intro to Generative AI and available models Prompt Engineering Jailbreaking Gen AI (hands-on exercise) Risks to apps using Gen AI Detecting malicious Gen AI activity.

2:15 PM - 2:45 PM

Cyber Threats: What am I missing? (Sponsored)

Speaker: Vaughn Balter

In this session, we will discuss the current threats, their dynamic nature, and how organizations address this ever-changing landscape. Additionally, we will cover how we think about and address these ever-changing threats.

2:50 PM - 3:25 PM

Evaluating CTI Effectiveness in Operations

Speaker: Ken Dunham

Is your cyber threat intelligence (CTI) team truly “actionable,” or are they just the intelligent guys that primarily work as a team on their own and chime in during a crisis? How do you measure the effectiveness of CTI within an organization? How can you consistently baseline and measure the effectiveness of CTI within operations and different business units (BUs)? Mr. Dunham piloted a new cybersecurity CTI framework with a utility company to prove how this can be done to mature CTI operations successfully. Join us to learn what real actionability looks like to consistently measure the success of CTI integration into three core pillars of your business: tactical, strategic, and operational.

3:30 PM - 4:05 PM

How to detect everything just by looking at the network traffic with JA4+

Speaker: John Althouse

Abstract: In a world where everything is encrypted, do you struggle with network-based detection? Do you long for meaningful network metadata? There is hope! JA4+ is a suite of new network fingerprinting methods that make it easy to detect malware, C2 traffic, C2 servers, reverse shells, session hijacking, and connections from VPNs, even when all the traffic is encrypted. In this talk, I'll show you how.

4:15 PM - 5:00 PM

Red Team vs Blue TeamFireside chat

Speakers: Hector Monsegur, Alex Lanstein, & Adil Mufti

Both red and blue teams work toward improving an organization's security, but they do so differently. A red team plays the role of the attacker by trying to find vulnerabilities and breakthrough cybersecurity defenses. A blue team defends against attacks and responds to incidents when they occur. Come listen in for both perspectives!

5:15 PM - 6:15 PM

Happy Hour

Join us at The W Austin for a drink and Canapés as we end the day and talk shop or not!