SOC Summit Talk: From Cyber Threat Intelligence (CTI) to Detection
With Hayden Covington
March 25 @ 3:00 pm – 3:25 pm EDT

How do you go from reading a threat intel report to deploying a working detection?
Join Hayden Covington, Black Hills Infosec SOC SecOps Lead, for a technical session on the practical workflow of transforming threat intelligence into detections.
You’ll learn how to extract the detection logic buried in CTI reports, translate it into queries your SIEM understands, and validate that it actually works.
Walk away with a clear method you can apply the next time a new threat report hits your desk.
Chat with your fellow SOC Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon
This talk is part of the Antisyphon Training SOC Summit, a free, 6-hour, live virtual event designed to give you an honest, practical look at what it’s really like to work in a SOC.
For those who want to go further, multiple hands-on, high-quality, and affordable training courses are available March 26-April 10 to help you deepen your skills and become more effective at protecting what matters most.
Hayden Covington will be teaching his SOC Detection Engineering Crash Course on April 10.
See the entire Antisyphon Training Course Catalog for affordable cybersecurity training!
About the Instructor
Hayden Covington
Bio
Hayden Covington is a Senior Analyst in Black Hills Information Security’s SOC, where he specializes in training, quality assurance, detection engineering, and investigative analysis. With a previous background as a SOC analyst for a US naval contractor, Hayden has extensive experience in Digital Forensics and Incident Response (DFIR), Security Orchestration, Automation, and Response (SOAR), and insider threat.

