Presentations

Videos and slide decks from presentations given by Cosive staff.

AusCERT 2023
The Glorious Theory and Sometimes Bitter Reality of Sharing CTI Packages

Cyber threat intelligence (CTI) sharing is something we all agree in theory is an excellent idea – until it comes time to actually do it. In this presentation Cosive CTO Chris Horsley explores solutions to the many challenges that face teams trying to share CTI. Finally, we’ll look at some exciting new ways to improve the lives of CTI analysts and help them produce better quality and more consistent packages faster.

Cyber Blue Team Meetup, Melbourne
Active Defence With Canary Credentials

This presentation will help you understand how to use canary tokens and canary credentials to combat phishing attacks. You'll see what we’re up against when using canary credentials and what we need to implement so that using them is not a waste of our time. Chris also includes a deep-dive into a phishing kit, unearthing common patterns in how phishing kits work, and how they try to avoid countermeasures.

AISA CyberCon Canberra 2023
Extracting Threat Intel Nutrients from Unstructured CTI Reports

Cosive CTO Chris Horsley was one of the first to explore the potential of ChatGPT to help us give structure to unstructured threat reports. In this presentation Chris shares the results of his initial experiments using ChatGPT to enhance a piece of unstructured threat intelligence with MITRE ATT&CK codes.

AISA CyberCon Canberra 2023
Threat Intelligence Without Boiling the Ocean

The purpose of this presentation is to provide some practical ideas for handling large amounts of open source intelligence and how to extract and store relevant information.

AusCERT 2019
Running Your Security Operations Centre (SOC) Playbooks as Code

Security Orchestration, Automation and Response, a.k.a. SOAR. It’s the one thing that Kayne Naughton, Cosive’s Managing Director, believes everyone in security should do. In this talk, Kayne argues that almost any organisation can benefit from using automation to perform repetitive tasks and provide context. Human attention should be reserved for making decisions based on this information.

AusCERT 2017
Focusing Security Monitoring With TTPs

Kayne discusses TTPs (Tactics, Techniques, Procedures) and how knowledge about them can help you to improve the value and robustness of your threat intelligence.

AusCERT 2016
The Sorcerer's Apprentice

As “AI” both advances and becomes more complex, with a dearth of experts who understand and operate it, we are rapidly approaching an era that will enable IT people and their screw-ups to ruin lives on an unprecedented scale.

AusCERT 2016
Maturing Your Security Team: Haste Makes Waste

Are your security teams / CSIRTs / SOCs actually prepared to use threat intel, big data and machine learning? The answer is often: “no”. Many organizations gloss over the basics, and try to integrate the latest cutting edge technology before they are ready. Learn how to get ready.

Linux.conf.au 2016
Using Linux Features to Make a Hacker's Life Hard

This presentation is aimed at arming System Administrators, Developers and Hobbyists with a collection of tools and techniques to thwart hackers post-exploitation using common Linux features.

NZITF
STIX 2.0: Lego for Your Threat Intel

STIX 2.0 is a language for structuring threat intelligence. STIX describes the threat intel in a structured format; TAXII then moves the threat intel into a threat intel repository for storage. STIX and TAXII are used by many of the biggest technology companies, and governments are driving the adoption process. STIX 2.0 simplifies the process and removes onerous restrictions, making it easier for you to sight things and be more descriptive.

NZITF Conference 2015
Passwords under a Cloud - Common Mistakes in Password Management

Kayne demonstrates common mistakes that organizations make managing their passwords and provides solutions to fix them.