2025-07-26 –, Track 1
Modern security teams face an ecosystem where product-based threat feeds vary wildly in quality and consistency. Simply consuming these feeds falls short of effective defense. This talk explores how to build your own threat intelligence feeds, transform network data into actionable controls, and codify these feeds using infrastructure as code. Attendees will gain a practical roadmap for moving past passive reporting into active, resilient network defense.
Threat intelligence feeds are critical to modern network defense, yet commercial feeds are often inconsistent and fragmented across platforms and products. This talk highlights the importance of reliable threat feeds, and why building your own by combining open-source intelligence with your own network data can reduce your attack surface. We’ll cover where to find high-quality open-source threat data and how to analyze your own network telemetry to enrich it.
Then we’ll explore how to codify these custom feeds with infrastructure as code for consistent, automated enforcement across firewalls, cloud services, and WAFs. Finally, the session will wrap up by reviewing challenges such as data volume, false positives, and keeping these controls current over time.
Jared is the Head of Security at Synthesis, where he specializes in enterprise cloud architecture. Jared is passionate and deeply committed to guiding large organizations through the complexities of architecting, securing and operationalizing enterprise cloud environments. Beyond Jared’s professional responsibilities, Jared is an enthusiastic advocate for community building, serving as the organizer of several local security events, including 0xcon, BSides Cape Town, and BSides Joburg. Jared’s research focuses on cybersecurity topics that intersect with national security and foreign policy issues such as encryption, privacy, surveillance, disinformation, and nation-state activity.