Judo Threat Intelligence - Frank Angiolelli

Explore threat intelligence principles and practical techniques in this 42-minute conference talk from BSidesSTL 2019. Learn about the distinction between information and intelligence, three key principles of threat intelligence, and strategies for exploiting kits and destroying developer value. Discover how to identify anomalies, analyze user agents, and utilize tools like BlackSpider. Gain insights into building custom alerts, implementing tactical actions, and leveraging artificial intelligence and machine learning for cybersecurity. Understand the importance of using your own tools and managing blacklists effectively. Engage with thought-provoking questions and discussions on modern threat intelligence practices.

Intro
Franks background
Information vs Intelligence
Three Principles
Exploit Kit
Destroy Developer Value
Anomaly Bumps
User Agents
BlackSpider Tool
Crawl Walk Run
Building Custom Alerts
Tactical Actions
Question Thoughts
Artificial Intelligence Machine Learning
Use your own tools
Blacklists
Questions