2024-10-24 –, Europe - Main Room
Let's talk about some design principles for CTI data visualisation around threat actor tooling.
There's a wealth of data visualisations that are easy to produce using generic frameworks, but often they're an answer in search of a question. In this session, I'll briefly talk about some questions I had around a dataset concerning tools used by Russian threat actors, the data visualisation principles used, how it was built, and the insights gained.
Chris Horsley is the CTO and co-founder at Cosive, a consultancy specialising in cyber threat intelligence and security operations. At Cosive, Chris leads the company's threat intelligence sharing and MISP initiatives and is a frequent speaker and trainer at industry conferences and meetups on these topics. Prior to co-founding Cosive, Chris spent many years in the international CSIRT community including working as an incident responder for both AusCERT and JPCERT/CC, the Japanese national CSIRT.