IOC What You Mean
2023-02-11, Track 2 - Foxhunter

Using analytical techniques to build a high-fidelity escalator up the Pyramid of Pain


The Pyramid of Pain was created by David Bianco and popularised by MITRE et al. It is ultimately a conceptual model for increasing the adversary's operational cost via the effective use of Cyber Threat Intelligence.

Is the Pyramid of Pain too high to climb without very expensive vendor support? In this talk we'll slice up the Pyramid of Pain using analytical techniques to reveal how you can prioritise and effectively reduce the permutations of each indicator type using open-source tooling. This will result in tailored 'byte'-sized, high-fidelity chunks for respective courses of action.

Darren runs the Threat Intelligence function at Admiral Group. Having previously worked as a tester of pens, his alumni includes ECSC, NCC Group, CGI and Symantec. He routinely combines defensive and adversarial capabilities to ensure attackers don't win.