Panel: How can you operationalize threat intelligence?

Thursday 3 October 10:00 - 10:30, Small talks

Alex Hinchliffe (Palo Alto Networks)
Selena Larson (Dragos)
Mark Kennedy (Symantec)
Pascal Geenens (Radware)

The cybersecurity industry has talked about the value of sharing threat intelligence for a long time. However, whether in terms of manual or automated sharing, putting shared threat intelligence to work effectively has proven a much harder task than many initially envisioned. Yet, with the volume of global web traffic increasing year-on-year, the challenge of threat detection, mitigation, and resolution has grown commensurately, and the job of protecting consumers and clients is both more challenging and more critical. Many companies have realized that they can’t effectively achieve their mission without shared intelligence. As a result, sharing threat intelligence, and finding innovative ways to leverage that sharing to create stronger and more agile defences, has never been more important. This session will explore the experiences of several major industry players in sharing threat data, and will dig into how that sharing of data has been operationalized to protect end-users across the industry as a whole.

(This presentation forms part of the Threat Intelligence Practitioners’ Summit)



Alex Hinchliffe

Alex Hinchliffe is a threat intelligence analyst with Unit 42 at Palo Alto Networks. Based in EMEA, his main responsibilities include research into security threats and the groups behind them – their motivations, tactics, and resources – curating and enriching data to share threat intelligence with the community and wider public. He started his career as an intern at the then Dr Solomon's Anti-Virus Company in the United Kingdom. Almost two decades later, his research has largely focused on Windows and Android malware. He regularly speaks on these and related topics. While previously working for McAfee Labs Alex co-created the industry's first cloud-based anti-malware reputation system, Artemis, using DNS to decrease time to protection without signatures to help fight the huge growth in malicious threats.




Selena Larson

Selena is a cyber threat intelligence analyst for Dragos, an ICS cybersecurity company. Selena researches and develops reports on technical behaviours, malware, and activity groups targeting ICS environments. She aims to combat fear, uncertainty, and doubt to help people better understand complex attack scenarios, concepts, and adversary behaviours.



Mark Kennedy

Mark, a Distinguished Engineer at Symantec, joined the company in 1991, and spent his first nine years there working on Norton Utilities, before making the transition to computer security in 2000. A named inventor on over 50 patents, Mark has worked over the past 20 years designing and developing new security technologies, from behaviour blocking to advanced machine learning. Mark spent 10 years as the Chair of IEEE's Industry Connections Security Group. The ICSG developed several technologies to assist the goals of security companies sharing information. In 2008 Mark helped form the Anti-Malware Testing Standards Organization (AMTSO), where he has served on the Board of Directors, and most recently, as Chairman of the Board.



Pascal Geenens

As the EMEA Cyber Security Evangelist for Radware, Pascal is a recognized cybersecurity and emerging technology thought leader with 20+ years of experience in information technology. While executing Radware’s thought leadership on topics such as the security threat landscape, blockchain, AI, cloud-based & cloud native security, and automated threats, Pascal leads the research efforts on IoT botnets and discovered BrickerBot, JenX and Demonbot botnets. Pascal holds a degree in engineering from the Free University of Brussels. Prior to Radware, Pascal was a consulting engineer for Juniper, working with the largest EMEA hyper clouds and service providers on topics of SDN/NFV, programmable infrastructure, devops and automation.

Back to VB2019 Programme page

Other VB2019 papers

For reserve paper

Reserve speaker (TBA)

Keynote: Nexus between OT and IT threat intelligence

Selena Larson (Dragos)

Politically targeted DNS in 2016 and 2020

David Rodriguez (Cisco Umbrella)
John Cunniff (Cisco Umbrella)
Andrea Kaiser (Cisco Umbrella)
Dhia Mahjoub (Cisco Umbrella)

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.