Events

Conference presentations, workshops and training from the Cosive team.

PAST EVENT

October 19, 2023 5:50 AM
AEST
AISA CyberCon Melbourne 2023

Panel - Threat Intel Engineering: Building Scalable Threat Intel Programs

This panel will feature David Zielezna (Cosive) alongside Claire Healey and Prescott Pym (Deloitte) for a discussion on threat intelligence engineering best practices to set up your CTI program for success.

PAST EVENT

September 9, 2023 12:00 AM
AEST
B-Sides Melbourne

Workshop - Introduction to Digital Forensics

So you have heard about digital forensics and are intrigued. You've watched NCIS and wondered what it would be like to be Abbey pulling apart hard drives and bringing the winning hand against crime. So you then delight at the announcement of a DFIR CTF and clear your diary for the weekend, excitement and anticipation driving you, you download the evidence, open the challenges and then everything becomes unstuck as you simply do not know where to begin. There are so many tools and they all look so complicated. You close your laptop and head to the couch for a beer instead. Well we are here to save your liver and help you kick start that DFIR career.

PAST EVENT

July 27, 2023 11:15 PM
AEST
Level 20, 420 George Street, Sydney, NSW, 2000

[AWSN Panel] Sydney's An Analysis of the Current Cyber Threat Landscape

Join us for an insightful event as we delve into the current cyber threat landscape, both in Australia and beyond. Led by industry experts, this session will provide an overview of the geopolitical and technological trends shaping the threat landscape.

PAST EVENT

June 14, 2023 9:00 AM
AEST
142-146 Elizabeth Street, Hobart TAS

[SecTalks Hobart] Web Shell Hunting

Shanna Daly is an absolute legend of DFIR and CTI both in Australia and internationally. She has spent many many years leading Response Operations to high profile cybersecurity incidents, built DFIR teams and capabilities, has delivered talks at some of the most prestigious infosec conferences in the world, and is just an all round top kind of lady too. We are incredibly lucky to have her join us this month to present on Web Shell Hunting techniques; a topic she has written about and presented on extensively and has updated her content just for us!

PAST EVENT

March 24, 2023 2:00 AM
AEST
National Convention Centre, Canberra

[AISA CyberCon Canberra 2023] Threat Intelligence Panel

Cyber threat intelligence panel discussion featuring Cosive's Shanna Daly and Chris Horsley alongside Bex Nitert and Brett W.

Cosive CTO Chris Horsley was one of the first to explore the potential of ChatGPT to help us give structure to unstructured threat reports. In this presentation Chris shares the results of his initial experiments using ChatGPT to enhance a piece of unstructured threat intelligence with MITRE ATT&CK codes.

PAST EVENT

March 22, 2023 3:00 AM
AEST
National Convention Centre, Canberra

[AISA CyberCon Canberra 2023] Threat Intelligence Without Boiling the Ocean

The purpose of this presentation is to provide some practical ideas for handling large amounts of open source intelligence and how to extract and store relevant information.

PAST EVENT

March 22, 2023 2:00 AM
AEST
National Convention Centre, Canberra

[AISA CyberCon Canberra 2023] What's Next for Women in Cyber? Panel

Shanna Daly appeared on a panel alongside Corch X, Chloe Hatzis and Daisy Wong to discuss what's next for women in cyber.

PAST EVENT

October 22, 2022 9:00 AM
AEST
Virtual Event

[AWSN] Workshop - Mapping Incidents to ATT&CK

With so many possible threats, it might seem daunting to understand how we can learn from our previous incidents, or incidents experienced by other organisations. Traditionally when threat intelligence has been focused on Indicators of compromise (IOCs) it can seem a daunting task to know how to get all that information and put it to good use. The thing is, IOCs are not everything, IOCs are ephemeral. They have a shelf life, and that shelf life can be very short in some instances. So a defence plan that focuses on ingesting IOCs and blocking them will never increase the maturity of a detect and respond capability. This is why MITRE ATT&CK was developed.

PAST EVENT

October 18, 2022 9:00 AM
AEST
Virtual Event

[Invite Only] - Workshop: Mapping Incidents to ATT&CK

With so many possible threats, it might seem daunting to understand how we can learn from our previous incidents, or incidents experienced by other organisations. Traditionally when threat intelligence has been focused on Indicators of compromise (IOCs) it can seem a daunting task to know how to get all that information and put it to good use. The thing is, IOCs are not everything, IOCs are ephemeral. They have a shelf life, and that shelf life can be very short in some instances. So a defence plan that focuses on ingesting IOCs and blocking them will never increase the maturity of a detect and respond capability. This is why MITRE ATT&CK was developed.

PAST EVENT

May 31, 2019 1:55 AM
AEST
AusCERT 2019

Keynote: Running Your SOC Playbooks as Code

This talk covers Security Orchestration, Automation and Response (aka SOAR) and the differences between SOAR and regular orchestration.

Organisations have an increasing number of detective controls in their information security environments. With more and more logs and monitoring there can only be more events to investigate and triage. In this tutorial Cosive will show participants how they can use open source tooling to automate the contextualisation and remediation of security threats in their environment.