Bees and Spiders, Oh My!: Community Threat Intelligence and Response in Near Real-Time at Large Scale
Time 12/12/19 01:40PM-02:30PM
Room Nottoway (4th)
We will provide background and details on Duke’s experience integrating threat intelligence into a security program, leading to the creation of the STINGAR project. We will discuss existing and future features, models of data sharing, evaluation methods, and metrics. Next, we will cover IU’s experience deploying STINGAR and automating response based on observed activity. Then we’ll review how we spun a web to co-opt IU’s unused IP space and tackle the challenges of a high-volume network. We will end by discussing IU’s experiences with home-grown automated response tools and Apache NiFi. We hope to encourage discussion around the general approach, as well as discussion of how others are generating and using threat intelligence and any challenges they have experienced sharing data.
Primary track Information Security