BSidesSF 2016 has ended
Back To Schedule
Monday, February 29 • 11:00am - 11:55am
Sharing is Caring: Understanding and measuring Threat Intelligence Sharing Effectiveness

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

For the last 18 months, MLSec Project and Niddel collected threat intelligence indicator data from multiple sources in order to make sense of the ecosystem and try to find a measure of efficiency or quality in these feeds. This initiative culminated in the creation of Combine and TIQ-test, two of the open source projects from MLSec Project. On this talk, we have gathered aggregated usage information from intelligence sharing communities in order to determine if the added interest and "push" towards sharing is really being followed by the companies and if its adoption is putting us in the right track to close these gaps. We propose a new set of metrics on the same vein as TIQ-test to help you understand what does a "healthy" threat intelligence sharing community looks like, and how to improve the ones you may be a part of today! We will be conducting this analysis with usage data from some high-profile threat intelligence platforms and sharing communities.

avatar for Alex Pinto

Alex Pinto

Chief Data Scientist, Niddel
Alex Pinto is the Chief Data Scientist of Niddel and the lead of MLSec Project. He is currently dedicating his waking hours to the development of machine learning algorithms and data science techniques to support the information security monitoring practice. He has almost 15 years... Read More →

Monday February 29, 2016 11:00am - 11:55am PST
DNA Lounge 375 11th St, San Francisco, CA 94103