On this episode of the Cybersecurity Defenders podcast, we explore threat intelligence with Jamie Williams, Threat Intelligence Researcher at Palo Alto Networks' Unit 42. Jamie is a seasoned professional in the field of cybersecurity. Before joining Unit 42, he made significant contributions at the MITRE Corporation as a Senior Principal Cyber Operations Engineer. During his tenure at MITRE, Jamie led the development of MITRE ATT&CK® for Enterprise, focusing on adversary emulation and behavior-based detections. In addition to his full-time role, Jamie is also a member of the IANS Faculty, where he shares his extensive knowledge and experience with the cybersecurity community. With a rich background that includes time at the National Security Agency, Jamie brings a wealth of expertise to the podcast. Katie Nickels' blog can be found here. Google Mandiant's article on requirement-driven intelligence can be found here.
We've made it to the third installment of our Stronger Together Mini Series! In this episode we're joined by researchers, threat analysts, and C-Suites including Katie Nickels from Red Canary and the SANS Institute, Don Jeter from Torq, Ben April from Maltego, Lesley Carhart from Dragos, and Jeff Stout from Akamai. We have some great discussions on the pros and cons of AI, protecting industrial control systems, imposter syndrome, and more.
Guests: Katie Nickels, Certified Instructor and Director of Intelligence Operations at SANS Institute [@sansforensics] and Red Canary [@redcanary] On LinkedIn | https://www.linkedin.com/in/katie-nickels/ On Twitter | https://twitter.com/likethecoins On Mastodon | https://infosec.exchange/@likethecoins Johannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics] On LinkedIn | https://www.linkedin.com/in/johannesullrich/ On Twitter | https://twitter.com/sans_isc On Mastodon | https://infosec.exchange/@jullrich ____________________________ Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin ____________________________ This Episode's Sponsors BlackCloak | https://itspm.ag/itspbcweb Brinqa | https://itspm.ag/brinqa-pmdp SandboxAQ | https://itspm.ag/sandboxaq-j2en ____________________________ Episode Notes In this new RSA Conference Coverage podcast episode with ITSPmagazine, cybersecurity experts and SANS instructors, Katie Nickels and Johannes Ullrich, delve into the "Five Most Dangerous New Attack Techniques" panel, a discussion they've been part of for the past few years. They shed light on how they identify these top techniques by examining their increasing prevalence and potential impact. Joined by an outstanding panel of experts, including Heather Mahalik, a mobile technology specialist, and Steve Sims, an offensive security guru, they offer unique insights from different sides of the industry while also highlighting the importance of practical, hands-on advice and defense strategies against these threats. The panel emphasizes the importance of practical, hands-on advice and defense strategies to combat these emerging threats.
Furthermore, Johannes shares valuable information about the Internet Storm Center's role in monitoring attacks and disseminating knowledge within the cybersecurity community. Tune in to this must-listen episode for a sneak peek of the latest attack techniques, evolving defense mechanisms, and the collaborative efforts of the cybersecurity community that will be presented during the panel so you can stay one step ahead of the attackers. Don't forget to share and subscribe to ITSPmagazine's RSA Conference Coverage to keep up with the latest trends in technology and cybersecurity. ____________________________ Resources Session | The Five Most Dangerous New Attack Techniques: https://www.rsaconference.com/USA/agenda/session/The%20Five%20Most%20Dangerous%20New%20Attack%20Techniques Internet Storm Center Diaries: https://isc.sans.edu/ Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw ____________________________ For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage?
Host John Hubbard, Blueprint host and SANS Cyber Defense Curriculum Lead, moderated a panel of cyber security experts including Heather Mahalik, Katie Nickels and Jeff McJunkin for this powerful discussion. John and guests share their wisdom on trends they are seeing in the cyber industry and offer advice as to how we should be looking at cyber defense in 2022 and beyond. Guests: Heather Mahalik, Katie Nickels, Jeff McJunkin. Filmed live at SANSFIRE 2022. Sponsor's Note: Support for the Blueprint podcast comes from the SANS Institute. If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals. This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more. This course has everything you need to launch your blue team career. Check out the details at sansurl.com/450. Hope to see you in class! Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube. Follow John Hubbard: Twitter | LinkedIn
2022 is a new world in the cyber attack space, and Katie Nickels, SANS instructor, and director of intelligence at threat detection vendor Red Canary, describes the top five new attacks they are seeing in the space. Spoiler alert: one of them is attacks against backups! Learn from an expert as we discuss the top five attacks they are seeing right now. We talk about living off the cloud, MFA exploits, an increase in nation-state hackers, the increased use of stalkerware, and YES: attacks against backup infrastructure. We discuss each of these in this important episode of Restore it All! Mentioned in this episode: Free eBook version of O'Reilly's Modern Data Protection. For a limited time, you can get a free ebook copy of my latest O'Reilly book, Modern Data Protection. Just go to druva.com/podcast and download it!
Angela Marafino chats with Katie Nickels (Red Canary) about her upcoming panel: The Five Most Dangerous New Attack Techniques, and more! Check out “The Five Most Dangerous New Attack Techniques” on Wednesday, June 8th at 11:30am PT! ____________________________ Guests Katie Nickels, Certified Instructor and Director of Intelligence, SANS Institute and Red Canary (@RedCanary) On Twitter | https://www.twitter.com/likethecoins On LinkedIn | https://www.linkedin.com/in/katie-nickels/ ____________________________ This Episode's Sponsors HITRUST:
Katie Nickels, Director of Intelligence for Red Canary, joins Ann on this week's episode of Afternoon Cyber Tea. Katie has worked in security operations centers and cyber threat intelligence for nearly a decade, with degrees from Smith College and Georgetown University. Ann and Katie discuss the impact cyberattacks have on operating systems, the ransomware ecosystem, and recommendations for mitigating future risks. In This Episode You Will Learn: Insights about the ransomware ecosystem and the future of cybersecurity. How to ensure your Patch Management Program is optimized to mitigate threats and risks. How, when, what, and to whom to communicate with after an intrusion. Some Questions We Ask: How can organizations share information about attacks without greater risk? What are the best practices when trying to protect your information? What would you consider beneficial when investing against inside threats? Resources: View Katie Nickels on LinkedIn View Ann Johnson on LinkedIn Related: Listen to: Security Unlocked: CISO Series with Bret Arsenault Listen to: Security Unlocked Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.
How do you use threat intelligence to inform your decision making? In this episode, Davin and guest Katie Nickels take a deep dive into cyber threat intelligence. Katie explores the role threat intelligence plays in determining an organization's security posture, how threat intel helps blue teams stay ahead of and anticipate emerging threats, and what the day-to-day of a Director of Intelligence looks like. Katie shares her passion for teaching and nurturing the next generation of cybersecurity professionals and getting more girls/women interested in tech. Lastly, Katie shares why she feels asset inventory is an inexpensive solution and great starting point for companies looking to kick off a security program. Guest Bio: Katie Nickels is the Director of Intelligence for Red Canary as well as a SANS Instructor for FOR578: Cyber Threat Intelligence and a non-resident Senior Fellow for the Atlantic Council's Cyber Statecraft Initiative. She has worked in cyber threat intelligence and network defense for over a decade for the U.S. DoD, MITRE, Raytheon, and ManTech. Links: Thank you to our friends at Axonius and Uptycs for sponsoring this episode! Stay in touch with Katie on Twitter and LinkedIn. Connect with Davin on LinkedIn and Twitter. Watch the live recording of this show on YouTube. Continue the conversation by joining our Discord. Check out Hacker Valley Media and Hacker Valley Blue.
On this week's show Patrick Gray, Katie Nickels and Joe Slowik discuss the week's security news, including: US Government warns of impending critical infrastructure hacks Log4j bug in VMWare gets a workout Ex Uber CSO Joe Sullivan facing wire fraud charges Signal to push ahead on cryptocurrency payments Italian literary nerd busted for running one man APT operation Much, much more This week's show is brought to you by Okta. Marc Rogers is the executive director of cybersecurity there and he's joining us this week to talk about the log4j bug and some adjacent issues. He's working on a paper with IST about the bug and what it all means, and he's joining us this week to talk about why the log4j drama was different. Links to everything that we discussed are below and you can follow Katie, Joe or Patrick on Twitter if that's your thing. Show notes US warns of Russian state-sponsored attacks on critical infrastructure - The Record by Recorded Future UK NHS: Threat actor targets VMware Horizon servers using Log4Shell exploits - The Record by Recorded Future Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns CISA director: Log4Shell has not resulted in 'significant' government intrusions yet - The Record by Recorded Future Researchers discover Log4j-like flaw in H2 database console | The Daily Swig Prosecutors file additional charges against former Uber security chief over 2016 data breach ‘cover up' | The Daily Swig Signal's Cryptocurrency Feature Has Gone Worldwide | WIRED Alex Stamos on Twitter: "I'm glad that @CaseyNewton wrote about the legal risks of marrying E2EE with hard-to-trace money transmission and I was glad to talk to him. I think @signalapp is underestimating the legal attack surface they are opening up here. 
https://t.co/qx3qzwd6mk" / Twitter Signal >> Blog >> New year, new CEO Deposits to illicit crypto addresses nearly doubled in 2021, Chainalysis finds Italian man arrested for stealing unpublished book manuscripts - The Record by Recorded Future Activision Sues and Unmasks Alleged 'Call of Duty: Warzone' Cheat Sellers FBI: FIN7 hackers target US companies with BadUSB devices to install ransomware - The Record by Recorded Future Threat actors can simulate iPhone reboots and keep iOS malware on a device - The Record by Recorded Future SOHO routers impacted by bug in USB-over-network component - The Record by Recorded Future Google Docs commenting feature abused in phishing operations - The Record by Recorded Future Coming to a laptop near you: A new type of security chip from Microsoft | Ars Technica SFile (Escal) ransomware ported for Linux attacks - The Record by Recorded Future FinalSite discloses ransomware attack that crippled websites for 8,000 schools - The Record by Recorded Future Albuquerque impacted by ransomware attack on Bernalillo County government - The Record by Recorded Future Hotel chain switches to Chrome OS to recover from ransomware attack - The Record by Recorded Future Moxie Marlinspike >> Blog >> My first impressions of web3
Back in 2013, I wrote a piece for TechTarget (sadly, it's no longer online). It focused on mobile security and app security and referenced a report that included some interesting open source software stats that showed one particular shared library's use outpacing the others by a longshot. Can you guess which one?
In today's episode Monica Verma talks to Katie Nickels on the importance of cyber threat intelligence, the evolution of the threat landscape over the last decade, trends today and moving forward, as well as security and privacy challenges with threat intelligence. Support the show (https://www.buymeacoffee.com/wetalkcyber)
Jessica interviews Katie Nickels about the latest trends in DFIR, explores Katie's journey to becoming a leading expert in the field, and discusses the patterns of CTI.
Joe Slowik and Katie Nickels are guest co-hosts in this week’s edition of the show. They join Patrick Gray to talk about: Mimecast having some stolen certificate, errr, “problems” The confusing reports about JetBrains Analysis of the malware used in the SolarWinds campaign Australian man arrested in Germany and charged with running DarkMarket The Great Deplatforming of 2021 This week’s show is brought to you by Gigamon. If you’re a Gigamon shop you should really take a look at their ThreatInsight platform, that’s a no brainer. Even if you’re not, they’re real players in the network detection and response space. Joining us in this week’s sponsor interview is Jason Tesarz, a senior product manager for Gigamon ThreatInsight. He joined the show to talk about a few things, like how these days the NDR vendors are competing more around their workflows than trying to be the most comprehensive in detection. Links to everything that we discussed are below and you can follow Patrick, Katie or Joe on Twitter if that’s your thing. Show notes Mimecast says hackers abused one of its certificates to access Microsoft accounts | ZDNet JetBrains denies being involved in SolarWinds hack | ZDNet Federal courts are latest apparent victim of SolarWinds hack CISA: SolarWinds hackers also used password guessing to breach targets | ZDNet Sealed U.S. Court Records Exposed in SolarWinds Breach — Krebs on Security The SolarWinds Hackers Shared Tricks With a Notorious Russian Spy Group | WIRED (1) New Message! SolarWinds hires Chris Krebs, Alex Stamos to boost security in wake of suspected Russian hack - CyberScoop Exclusive: FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity firm uncovered hack - sources | Reuters DarkMarket: world's largest illegal dark web marketplace taken down | Europol Rioters Had Physical Access to Lawmakers’ Computers. How Bad Is That? 
Trump Is Permanently Suspended From Twitter Facebook bans Trump indefinitely; risks 'simply too great,' Zuckerberg says - CyberScoop Amazon boots Parler from web hosting service over violent content - CyberScoop Google removes Parler app from Play Store | ZDNet Twitter purges QAnon accounts; Facebook targets 'Stop the Steal' - CyberScoop Some ransomware gangs are going after top execs to pressure companies into paying | ZDNet Anti-Secrecy Activists Publish a Trove of Ransomware Victims' Data | WIRED Hackers can clone Google Titan 2FA keys using a side channel in NXP chips | Ars Technica Encrypted Client Hello: Upcoming Firefox 85 rollout builds momentum for ESNI successor | The Daily Swig Telegram feature exposes your precise address to hackers | Ars Technica WhatsApp gives users an ultimatum: Share data with Facebook or stop using the app | Ars Technica More Chinese apps attract a ban from a presidential administration on the way out China CCP to Nationalize Jack Ma's Alibaba and Ant Group - Report CES 2021: Intel adds ransomware detection capabilities at the silicon level | ZDNet Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes | Threatpost Fortinet updates web application firewall to protect against SQL injection, denial-of-service attacks | The Daily Swig Gigamon ThreatINSIGHT| Network Detection and Response | Gigamon
Katie Nickels talks about what threat intelligence is, where to get it, what you should expect from it, and how the SOC should be using it. Twitter Handles: @likethecoins | @SecHubb | @SANSDefense All Blueprint Podcast Episodes: sans.org/blueprint-podcast
By Sean Martin and Marco Ciappelli. When you prepare for your “InfoSec Camping Trip” and start to put together your list of things to pack, what do you include? This is one of the many questions we asked today’s guest, Katie Nickels. You might be surprised to hear what’s on her list—or, perhaps, her list is similar to your own. Chances are, the one thing that probably won’t be similar to Katie’s is the path you took into information security. We all have different upbringings, educational experiences, visions and dreams, personal journeys, and career paths. Case in point, it would be interesting to know how many people went to Smith College in Massachusetts, graduated with a liberal arts degree, worked as an intern journalist for an international news station, and ended up leading the charge for “a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations” at MITRE. I doubt many others did, if any. “You don’t really know if you’re going to be good at something until you try it.” — Katie Nickels. Of course, like all of our guests here on An InfoSec Life, Katie is made up of so much more than where she went to school and where she applies her learnings as she pursues her career. It’s her full life experience that makes Katie excel at what she is passionate about: - Baking and cake decorating - Writing code - Camping - Data and intelligence analysis - CrossFit training. Katie also shares with us what it is like entering the field of cybersecurity, combining the exploration, the research, the investigation, the collection of data, and trying to figure out what it means by telling a story by asking questions such as — “What the heck does that mean?” — “How does it impact us?” — “Why does it matter?” — “What story do I need to tell, and to whom do I tell it?” Our conversation with Katie was naturally wonderful—we suspect you will enjoy listening to it as much as we did having it. So… now’s the time for you to join us.
Go ahead, press play. _________________ Learn more about this column's sponsors: Nintex: www.itspmagazine.com/company-directory/nintex Find more An InfoSec Life stories on ITSPmagazine: www.itspmagazine.com/an-infosec-life
Hosts: Sean Martin & Marco Ciappelli Guests: Katie Nickels, Karen Worstell, and Dr. Ryan Louie Those fortunate enough to have the alternative path to work from home, how are you handling it? We are living in a new norm, and we don’t know how long it will last before another new norm takes over, but there’s a good chance that the state of society and group relationships may never be precisely the same. So, for those that have the opportunity to work from home (WFH)—either by choice, employer’s choice, or by city/county/state’s choice—how can we make the most of it as we try to settle into this world of limited physical contact? To help us answer this question—and so much more—we are joined by three guests with varying views on this subject: leading and being part of a virtual team, assessing the mental well-being for people on both sides of the equation, and the role of technology in all of this. Some of the key points made during our chat include: - Just because the technology makes it feasible doesn’t mean we can ignore the human element of this new working environment - Keeping in close digital contact with your team, your peers, and your managers can help reduce some of the anxiety WFHers may feel - Regular communication and honestly managing expectations can help to ensure everyone stays on the same page - Some carefully-selected technical tools can be your best friend when looking for the current status for tasks, action items, deliverables, and more when you can no longer look over the cubicle wall to ask your cube neighbor for a quick update - Approaching the situation with a positive attitude—removing preconceived notions that this is going to be “hard”—can help establish a mindset that could make things easier - Remember that a lot of people are in the same boat as you—they will hopefully acknowledge and accept the noise from the kids in the background, just as you should be considerate of their situation - Plus, a ton more … really, we cover a lot of good 
stuff here Ultimately let’s remember those that are working the fields because they do not have this WFH option and are, instead, on the front lines to help reduce the amount of time it will take to get us as close to the original “norm” that we were once used to. We hope you enjoy this conversation—from home, or wherever you happen to be! Be safe. _________________ This episode is sponsored by ... ITSPmagazine! To learn more about sponsorship opportunities, please visit: https://www.itspmagazine.com/podcast-series-sponsorships Find more In The News stories on ITSPmagazine: https://www.itspmagazine.com/in-the-news
It's most exciting to shake things up and get experience from multiple perspectives. In this episode, we're joined by an individual who is constantly striving to make an impact in Cyber Threat Intelligence: Katie Nickels, Principal Intelligence Analyst @ Red Canary. Katie has made incredible contributions to the MITRE ATT&CK framework and is also a SANS contributor.
[Mini-Series] The Human Element with Katie Nickels by DomainTools
News from: Shadow, Gaylord, Maxar, Zayo, Riot Blockchain, CDOT, Ping Identity, Red Canary, Automox, DarkOwl, Swimlane and a lot more! Colorado = Poorly Made Election Applications Iowa’s caucus app came from Colorado. Gaylord Rockies isn’t big enough!? Maxar is going to build robots in space. Read that sentence again. Zayo gets FCC approval to be acquired. SEC clears Riot Blockchain. A year later, we get more details about the CDOT’s SamSam incident. Ping Identity names its top partners for 2019. Red Canary prepares for RSAC. Automox’s new round goes public. DarkOwl announces a partnership. Cody Cornell (of Swimlane) is nominated for a prize. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week’s news: Join the Colorado = Security Slack channel The problematic mobile app that caused Iowa’s Democratic presidential caucus chaos has Denver ties – The Colorado Sun Gaylord Rockies to expand resort near Denver airport Maxar Technologies wins $142M NASA contract to demonstrate construction robotics in space Boulder-based Zayo gets FCC approval for $14.3B buyout SEC clears Colorado cryptocurrency company after nearly 2-year investigation How SamSam ransomware took down CDOT and how the state fought back — twice Cheers to Ping Identity's 2019 Partners of the Year! 
RSA 2020 preview: Katie Nickels on adversary attribution Automox Raises $30M Series B, Plans to Hire in Boulder DarkOwl LLC and CyberQ Group Announce Strategic Partnership | WebWire Cody Cornell award nominated for Tech Trailblazer's CEO Job Openings: Ping Identity - Product Security Engineer Ping Identity - GRC Analyst - BCP & IR Ping Identity - Senior Infrastructure Security Analyst Zoll - Director of Security and Risk Management Vail Resorts - Sr Manager, Information Security Operations American Financing - Information Security Officer Invoca - Information Security Engineer TrackVIA - Cloud Security Engineer EY - Enterprise Technology IT Risk Manager Automox - Cloud Security Engineer Upcoming Events: This Week and Next: GrayLog - Graylog Community Denver Meetup - 2/10 SecureSet - Intro to Wifi - 2/11 ISSA Denver - February Chapter Meetings - 2/11-12 ASIS - CONFRONTING HATE & VIOLENT EXTREMISM IN THE U.S. - 2/13 NoCo ISSA - February Chapter Meeting - 2/13 CTA - Level Up Your Tech Career: Listening Intelligence for Leaders - 2/14 NCC (C.Springs) - Capture the flag - 2/14 CSA - February Chapter Meeting - 2/18 Emerging Tech Fan - Co-Event with IoT Colorado - 2/18 ISSA C.Springs - February Chapter Meetings - 2/18-19 DenSec - February Meetup - 2/19 ISSA Denver - Women in Security - 2/19 IAPP Denver KnowledgeNet - Mr Young AI: A case study in designing for privacy - 2/20 ISACA Denver - February Chapter - 2/20 SecureSet - Capture the Flag for Beginners - 2/21 ISSA C.Springs - Mini Seminar - 2/22 Other Notable Upcoming Events RIMS 2020 - 5/3-6 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0
Guests: Katie Nickels | Fred Wilmot | Ryan Kovar. I was trying hard for a couple of months to organize a chat with Katie Nickels [Lead Cyber Security Engineer at MITRE] and Fred Wilmot [VP, Security Engineering at Devo] to dig into the topic of MITRE ATT&CK. I wanted to know more about the framework, how it works, why it was getting so much traction, and how organizations were successfully operationalizing the framework within their risk and security management programs. It turns out, Katie and Fred are both extremely busy. I found it a nearly-impossible task bringing these two experts together to talk about MITRE ATT&CK. They both wanted to—however, we couldn’t get the calendars to work in our favor. Until … we were all in the same town during the same week for the same set of events—can you say Hacker Summer Camp?! Knowing this, I took one more shot at connecting with Katie and Fred in an attempt to meet them in person in Las Vegas; lo and behold—I had success! Not only did I succeed in bringing Katie and Fred together for this podcast, but I also got a chance to meet Ryan Kovar [Principal Security Strategist at Splunk]—who happened to be presenting on ATT&CK with Katie that week. I asked Ryan to join us for the conversation as well. He agreed. BONUS! To top it all off, we got to meet in a 39th-floor suite overlooking the Las Vegas Strip—a pretty chill environment from which to have our chat, indeed. Once we were all together and mic’d up, we got to talking. We talked a lot. We looked at what MITRE ATT&CK is, what it’s for, who it’s for, how to get started with it, how to be successful with it, and what scenarios could be leveraged to learn from others’ successes and challenges. “Risk [management] is about understanding the threats and the control gaps you have—it’s about knowing your adversaries and yourself.” ~Katie Nickels. We covered the obvious: MITRE ATT&CK is a framework that is threat intelligence derived.
What started as a grassroots effort from the ground up now has a groundswell of support from the community. We pulled back the covers to learn more about how and why this is the case. According to Katie, one great place to start on the threat intel side is to focus on a technique, group or malware sample that your org is concerned about and map what the adversaries are doing to where the gaps are in your controls. If the adversary is doing something you can’t protect against, that’s an excellent place to start. We also covered the role vendors can play in ensuring a successful implementation of the framework; plan to lean on them for translating the data (and its source/s) to be utilized within the organization. One of the main benefits of MITRE ATT&CK is that it provides a universal language that can be used across vendors—having security vendor competitors mapping to ATT&CK means you can build a better coverage map across those vendors that you use (or are considering). However, don’t forget that it’s ultimately up to the organization to understand their environment, specific business needs, relevant threat vectors, and the countering adversary cesspool that matter to their business risk profile. As we continued the conversation, it became crystal clear that storytelling is—and must be—front and center in the definition and application of MITRE ATT&CK within your environment. This is important to avoid the possibility of the framework becoming just another checkbox item. Want to learn more from the fantastic group of experts? Good! Have a listen! ________ This episode of At The Edge is made possible by the generosity of our sponsors, Interfocus and Nintex. Be sure to visit their directory pages on ITSPmagazine - Interfocus: https://www.itspmagazine.com/company-directory/interfocus - Nintex: https://www.itspmagazine.com/company-directory/nintex To catch more stories At The Edge, be sure to visit https://www.itspmagazine.com/at-the-edge
This week, we welcome Katie Nickels, ATT&CK Threat Intelligence Lead at the MITRE Corporation, to talk about the MITRE ATT&CK Framework! In our second segment, a security roundtable discussion on Vulnerability Management, Patching, Hunt Teaming, Asset Management, and System Hardening! In the Security News, Lenovo confirms 36TB Data Leak security vulnerability, Slack resets passwords after 2015 data breach, why BlueKeep hasn't wreaked havoc yet, and why you don't need a burner at a hacking conference! To learn more about MITRE ATT&CK, visit: https://attack.mitre.org Full Show Notes: https://wiki.securityweekly.com/Episode612 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Katie Nickels is the ATT&CK Threat Intelligence Lead at MITRE Corporation. MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. Full Show Notes: https://wiki.securityweekly.com/Episode612 Visit https://www.securityweekly.com/psw for all the latest episodes!
In today’s podcast, we hear that Chinese threat group APT10 seems to have been busy lately, and up to its familiar industrial espionage. More governments express skepticism about Chinese manufacturers. The US report on election security is out: influence ops were found to have had no material effect on the midterms. Lithuania worries about Russian election meddling. A reverse RDP attack risk is reported. An industrial IoT remote code flaw. And congratulations to the finalists in RSA’s Innovation Sandbox. Emily Wilson from Terbium Labs on biometrics for sale on the dark web. Guest is Katie Nickels from MITRE on the ATT&CK knowledge base. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/February/CyberWire_2019_02_06.html
In today’s ShadowTalk, we take on the Robert Mueller indictment against 12 Russian individuals for alleged US election interference. However, rather than dwell on issues of attribution and geopolitics, we focus on the detailed tactics, techniques and procedures laid out in the indictment. Katie Nickels, a member of the MITRE team, joins Rafael Amado and Richard Gold to discuss the ATT&CK™ framework in greater detail, as well as the key lessons that organizations can take away. For Digital Shadows’ analysis of the indictment, visit https://www.digitalshadows.com/blog-and-research/mitre-attck-and-the-mueller-gru-indictment-lessons-for-organizations/