Topic of presentation: IOC sharing – we are doing it wrong (Light talk)
Threat Intel and IOC (indicators of compromise) sharing are very hot topics these days, and has been around for a few years. People tend to rely on these kind of information more and more. In my talk I will talk about why we are sharing IOCs in the wrong way, why those won’t be useful at all in large enterprises, and what we should change to make it valuable. I will also talk about what IOC types we share and don’t share, and which of those could add the most value to an organisation.
Csaba graduated in 2006, at the Budapest University of Technology and Economics as a computer engineer. He worked at Getronics as a Cisco support engineer for two years, and in 2008 he joined ExxonMobil, where he spent his time with designing and supporting global networks for 4 years. In the past four years, he is looking for information security breaches in the company’s network, and his area of focus is network forensics and malware analysis. He currently holds several security certifications (OSWP, OSCP, OSCE, OSEE, GREM, GMOB, SISE).