Presentations & Appearances

Videos, podcasts and slide decks from public appearances by Cosive staff.

AUSCERT Podcast: CTI – The importance of info and why context matters with Chris Horsley
AUSCERT Podcast
December 18, 2023
AUSCERT Podcast: CTI – The importance of info and why context matters with Chris HorsleyText Link

Cosive CTO Chris Horsley stopped by the AUSCERT podcast to chat to Anthony Caruana about the importance of threat intelligence and why context is so important. There's something for every CTI practitioner in this episode.

The Glorious Theory and Sometimes Bitter Reality of Sharing CTI Packages
AusCERT 2023
May 9, 2023
The Glorious Theory and Sometimes Bitter Reality of Sharing CTI PackagesText Link

Cyber threat intelligence (CTI) sharing is something we all agree in theory is an excellent idea – until it comes time to actually do it. In this presentation Cosive CTO Chris Horsley explores solutions to the many challenges that face teams trying to share CTI. Finally, we’ll look at some exciting new ways to improve the lives of CTI analysts to produce better quality and more consistent packages faster.

Active Defence With Canary Credentials
Cyber Blue Team Meetup, Melbourne
April 27, 2023
Active Defence With Canary CredentialsText Link

This presentation will help you understand how to use canary tokens and canary credentials to combat phishing attacks. You'll see what we’re up against when using canary credentials and what we need to implement to not waste our time using canary credentials. Chris also includes a deep-dive into a phishing kit, unearthing common patterns in how phishing kits work, and how they try to avoid countermeasures.

Risky Business #700 -- Yevgeny Prigozhin's empire gets owned (with Cosive's Shanna Daly)
Risky Business Podcast
March 22, 2023
Risky Business #700 -- Yevgeny Prigozhin's empire gets owned (with Cosive's Shanna Daly)Text Link

Patrick Gray and Adam Boileau discuss the week’s security news in front of a live audience at AISA’s CyberCon in Canberra. Cosive's Shanna Daly joined the crew on stage to talk about why the infosec industry sucks.

Extracting Threat Intel Nutrients from Unstructured CTI Reports
AISA CyberCon Canberra 2023
March 21, 2023
Extracting Threat Intel Nutrients from Unstructured CTI ReportsText Link

Cosive CTO Chris Horsley was one of the first to explore the potential of ChatGPT to help us give structure to unstructured threat reports. In this presentation Chris shares the results of his initial experiments using ChatGPT to enhance a piece of unstructured threat intelligence with MITRE ATT&CK codes.

Threat Intelligence Without Boiling the Ocean
AISA CyberCon Canberra 2023
March 21, 2023
Threat Intelligence Without Boiling the OceanText Link

The purpose of this presentation is to provide some practical ideas for handling large amounts of open source intelligence and how to extract and store relevant information.

Running Your Security Operations Centre (SOC) Playbooks as Code
AusCERT 2019
January 1, 2019
Running Your Security Operations Centre (SOC) Playbooks as CodeText Link

Security Orchestration, Automation and Response, a.k.a. SOAR. It’s the one thing that Kayne Naughton, Cosive’s Managing Director, believes everyone in security should do. In this talk, Kayne argues that almost any organisation can benefit from using automation to perform repetitive tasks and provide context. Human attention should be reserved for making decisions based on this information.

Focusing Security Monitoring With TTPs
AusCERT 2017
January 1, 2017
Focusing Security Monitoring With TTPsText Link

Kayne discusses TTPs (Tactics, Techniques, Procedures) and how knowledge about them can help you to improve the value and robustness of your threat intelligence.

The Sorcerer's Apprentice
AusCERT 2016
January 1, 2016
The Sorcerer's ApprenticeText Link

As “AI” both advances and becomes more complex, with a dearth of experts who understand and operate it, we are rapidly approaching an era that will enable IT people and their screw-ups to ruin lives on an unprecedented scale.

Maturing Your Security Team: Haste Makes Waste
AusCERT 2016
January 1, 2016
Maturing Your Security Team: Haste Makes WasteText Link

Are your security teams / CSIRTs / SOCs actually prepared to use threat intel, big data and machine learning? The answer is often: “no”. Many organizations gloss over the basics, and try to integrate the latest cutting edge technology before they are ready. Learn how to get ready.

Using Linux Features to Make a Hacker's Life Hard
Linux.conf.au 2016
January 1, 2016
Using Linux Features to Make a Hacker's Life HardText Link

This presentation is aimed at arming System Administrators, Developers and Hobbyists with a collection of tools and techniques to thwart hackers post-exploitation using common Linux features.

STIX 2.0: Lego for Your Threat Intel
NZITF
January 1, 2015
STIX 2.0: Lego for Your Threat IntelText Link

STIX 2.0 is a way to structure threat intelligence language. STIX describes the threat intel in a structured format, TAXII then moves the threat intel into a threat intel repository for storage. STIX and TAXII are used by many of the biggest technology companies and governments are driving the adoption process. STIX 2.0 simplifies the process and removes onerous restrictions, making it easier for you to sight things easier and be more descriptive.

Passwords under a Cloud - Common Mistakes in Password Management
NZITF Conference 2015
January 1, 2015
Passwords under a Cloud - Common Mistakes in Password ManagementText Link

Kayne demonstrates common mistakes that organizations make managing their passwords and provides solutions to fix them.