Name: Operationalizing Threat Intelligence, Part II: Threat Hunting & Incident Response
Start: 2025-07-16T14:00:00Z
End: 2025-07-16T14:01:00.000Z
Location: BrightTALK
Rating: 0

Cyberint is now a Check Point Company. Its impactful intelligence solution combines cyber threat intelligence, external attack surface management, brand protection, and digital supply chain intelligence into a single, powerful solution. By leveraging autonomous discovery of all of an organization’s external-facing assets, coupled with open, deep & dark web intelligence, the solution enables cybersecurity teams to accelerate the detection and disruption of their most pressing cyber risks. Global customers, including Fortune 500 leaders across all major market verticals, rely on us to prevent, detect, investigate, and remediate phishing, malware, fraud, brand abuse, data leaks, external vulnerabilities, and more, ensuring continuous external protection from cyber threats.

Enterprise Security Operations teams must understand the threat landscape in which they operate: the specific threats affecting their industry and region, the threat actors who are most likely to target them, and the tactics, techniques, and procedures (TTPs) used by those bad actors. Threat Modeling helps SOC teams to shift from a theoretical understanding of the threat landscape to a more tangible analysis of the specific attacks their organization is most likely to face. 

In this session, Leo Sojref, Solution Architect for External Risk Management at Check Point, will discuss how to conduct strategic Threat Modeling and how it helps SOC Managers and other Information Security leaders to proactively defend against the most probable cyber attacks. By leveraging advanced cyber threat intelligence-- including an understanding of the threat groups most active in a particular sector or geographic region, as well as the TTPs and IOCs of each group-- cyber defenders can increase security preparedness, optimize defenses against the attacks they're likely to face, and reduce the risk of a major cyber incident.

Join us at 10am EST / 4pm CET on Wed, Aug 13th for this 3rd session in a three-part series on Operationalizing Threat Intelligence. 

Part I: Continuous Monitoring & Detection is scheduled for Wed, June 18th. Register here: https://www.brighttalk.com/webcast/20101/641932

Part II: Incident Response & Threat Hunting is scheduled for Wed, July 16th. Register here: https://www.brighttalk.com/webcast/20101/641934

Operationalizing Threat Intelligence, Part III:  Threat Modeling & Security Preparedness

Cyber threat intelligence has become a standard component of the modern Security Operations Center, but many organizations are under-utilizing the CTI they already have access to. Fully operationalizing threat intelligence doesn't just maximize the value of CTI investments - it also helps to detect threats earlier in the kill chain and keeps the enterprise secure.

In this session, Leo Sojref, Solution Architect for External Risk Management at Check Point, will discuss how SOC Managers and other Security Operations leaders can enhance monitoring and detection capabilities with CTI. This will include examples of specific use cases and workflows that increase efficiency, reduce false positives, identify threats faster, and help reduce cyber risk.

Join us at 10am EST / 4pm CET on Wed, June 18th for this 1st session in a three-part series on Operationalizing Threat Intelligence. 

Part II: Incident Response & Threat Hunting is scheduled for Wed, July 16th. Register here: https://www.brighttalk.com/webcast/20101/641934

Part III: Threat Modeling & Security Preparedness is scheduled for Wed, Aug 13th. Register here: https://www.brighttalk.com/webcast/20101/641940

Operationalizing Threat Intelligence, Part I: Continuous Monitoring & Threat Detection

Initial Access Brokers (IABs) are threat actors who infiltrate networks, systems, or organizations and sell this unauthorized access to other malicious actors. Instead of executing the entire cyber attack, IABs focus on the initial breach and monetize it by selling access to compromised systems. They assist ransomware operations, particularly RaaS schemes, by streamlining attacks and reducing workload at the start.

In this webinar, Adi Bleih, a Security Researcher at Check Point, will dive deep into the world of Initial Access Brokers. The discussion will focus on the trends, statistics, tactics, and other insights collected by Adi and his peers on the research team. Additionally, Adi will discuss strategies for protecting your organization from IAB intrusion.

Join us on Wednesday, June 4th at 10am EST for this deep-dive into Initial Access Brokers.

Investigating Initial Access Brokers

Canadians, attend for a chance to win a signed Maple Leafs Jersey! 
The numbers don't lie. According to the Verizon Data Breach Report, a staggering 83% of breaches originate from external threats – think exposed digital assets, compromised credentials floating in the dark web, and damaging brand impersonation. For security teams in Canada, this reality translates into an overwhelming barrage of alerts from disparate tools, demanding more attention than their limited resources can provide.

In this webinar, discover how Check Point's latest acquisition Cyberint offers a powerful antidote to this chaos. We'll delve into how this innovative approach to external risk management delivers focused, actionable threat intelligence and unparalleled visibility across the clear, deep, and dark web. Join us to learn how Canadian organizations can proactively track their external risk landscape, gaining the crucial advantage needed to outpace threat actors and neutralize threats before they materialize into damaging attacks.

Our experts, Peter Gordon, Territory Account Manager, and Ken Towne, Senior Solutions Architect, will guide you through the capabilities of the solution and demonstrate how it can impact your security posture. Join us to learn how to effectively manage your external attack surface and proactively mitigate threats before they impact your Canadian organization.

External Risk Management in Action: Protecting Your Brand in the Deep, Dark & Clear Web

Every large organization is inundated with software vulnerabilities to analyze, prioritize, and remediate. Given the time it takes to patch and update a system while ensuring continuity, it becomes a serious challenge to manage all of these known vulnerabilities.

One approach is leverage AI to proactively test Internet-facing exposures for exploitability. If a vulnerability can be successfully exploited by advanced automation, then it represents a major risk and should be prioritized for immediate remediation. After all, if it can exploited via automation, it would not be difficult for advanced threat actors to find and exploit it themselves. 

In this webinar, Cyberint (now a Check Point Company) Product Manager Nir Ben Eliezer will discuss this new approach and how it is supported by Active Exposure Validation (AEV), a new capability within the Cyberint solution. Nir will explain how this capability is helping customers to drastically reduce cyber risk by identifying and remediating their most critical exposures. 

Join us on Wednesday, March 26th at 10am EST / 3pm CET to learn more about leveraging AI to proactively test your organization's exposures for exploitability and transforming your vulnerability & patch management program.

Validating Cyber Exposures: How To Continuously Test Exposures For Exploitability

In 2024, the research team at Cyberint, now a Check Point company, observed and documented a record 5,414 ransomware attacks on organizations worldwide. As the number of ransomware attacks continues to climb year after year, organizations across all industries and regions must find ways to mitigate the risk of a ransomware incident.

In this webinar, Cyberint Security Researcher Adi Bleih will dive deep into the ransomware activity observed in 2024. Adi will present on the following topics:

 - 2024 Ransomware Recap: Stats & Data
 - Who's At Risk? Regional & Industry Breakdowns
 - Ransomware Gangs: Who's Up & Who's Out
 - Assessing The Landscape: Trends & Development
 - Strategies For Mitigating The Risk Of Ransomware

Join us on Wednesday, February 26th at 10am EST / 4pm CET to learn more about the ransomware threat landscape and what you can do to keep your organization secure.

Ransomware Recap 2024: A deep-dive into ransomware activity from the past year

Cybersecurity leaders today face a few major challenges when it comes to reporting to stakeholders. 

First, CISOs and other leaders often struggle to demonstrate the value and success of a cyber program. After all, when a cyber program is effective, nothing happens – no breaches, no ransomware attacks, no major incidents that must be reported to regulators and customers. It’s really a case of no news is good news. A second challenge is measuring and reporting on cyber risk. Risk is ultimately a subjective topic with many dimensions and it can be hard to accurately quantify an organization’s level of cyber risk. It’s also difficult to translate a reduction in risk to dollars and cents.

In this webinar, Cyberint Chief Strategy Officer Ophir Bleiberg will dive into these challenges and potential solutions. Ophir will also discuss Cyberint’s approach to measuring cyber risk, which will ultimately help CISOs in having more informed discussions with their stakeholders and demonstrate the value of the cyber program they’re leading.

Join us on Tuesday, December 3rd at 10am EST for strategic insights on measuring and reporting on the success of your cybersecurity efforts.

Demonstrating Cyber Success: How To Report Success & Value To Executive Stakeholders

The cyber threat landscape evolves quickly, forcing cybersecurity markets to move rapidly to defend against the latest threats. This presents several challenges for MSSPs: recognizing the trends and demands of the market, selecting the right technology providers to partner with, and rapidly mastering these new tools to support service delivery. If MSSPs are slow to succeed in any of these steps, it may mean losing out on revenue.

Cyberint, a Check Point Software company, has long been a leader in External Risk Management, a market segment that combines cyber threat intelligence, deep and dark web monitoring, brand protection, and external attack surface management. While other vendors are now making efforts to acquire all of these capabilities, Cyberint has been combining them all into one seamless platform for years. 

In this webinar, Jacob Silutin, Global Head of Sales Engineering, will drill down Cyberint’s capabilities and discuss all the competitive advantages that make Cyberint a better choice for MSSPs of all sizes. This includes everything from a multi-tenant architecture and scalability to a competitive pricing model and the ability to protect your accounts while growing your business.

External Cyber Risk Management For MSSPs

NIS 2, offiziell bekannt als EU-Richtlinie 2022/2055, ist eine von der Europäischen Union erlassene Gesetzgebung, die dazu beitragen soll, kritische Infrastrukturen wie Energie, Transport, Gesundheitswesen, Banken und Telekommunikation zu sichern. 

Bis Oktober 2024 müssen alle EU-Mitgliedsstaaten diese Maßnahmen implementieren und dazu eine Beschreibung veröffentlichen, wie sie die NIS 2 einhalten werden, einschließlich der Art und Weise, wie sie Organisationen mit kritischen Infrastrukturen zur Einhaltung des Gesetzes verpflichten werden. 

Angesichts der nahenden Frist ist es für Sicherheitsverantwortliche unerlässlich die neuen NIS-2-Vorschriften genau zu verstehen, zu erfahren, was das Gesetz genau vorschreibt, und Pläne zu entwickeln, die sicherstellen, dass ihr Cyber Security Programm alle Anforderungen erfüllt. 

Seien Sie am Donnerstag, den 19. September um 17:00 Uhr MEZ dabei, wenn Thomas  Esslinger - Regional Sales Manager bei Cyberint, die neuen NIS 2-Vorschriften erläutert und erklärt, wie Sie die vollständige Einhaltung der Vorschriften in Ihrem Unternehmen optimieren können.

Sichern Sie sich Ihren Platz!

Die NIS 2-Vorschriften:   Wie man die Einhaltung der neuen Vorschriften sicherstellt

Security operations and threat intelligence teams are responsible for detecting cyber risks but, more often than not, support from other teams within the organization is needed to take mitigation actions. For instance, the SOC team may discover a high-risk CVE but help is needed from a SysAdmin on the IT team to patch the vulnerability. 
 
In this webinar, Cyberint Threat Intelligence Team Lead Anastasia Plotkin will discuss strategies for improving cooperation between cybersecurity teams and other departments. Fostering these relationships isn’t just a good camaraderie—it’s essential for managing cyber risk across the organization. Rather than being seen as a constant source of friction, the cybersecurity team should be seen as trusted partners in a company-wide effort to strengthen security and prevent a breach from taking place.
 
Join us on Tuesday, Sept 24th at 10am EST for more insights on how to improve communication and collaboration with other teams at your organization.

Bridging The Gap: How Your Cyber Program Can Improve Cross-Team Collaboration

NIS 2, officially known as E.U. Directive 2022/2055, is legislation enacted by the European Union to help secure critical infrastructure industries, such as energy, transportation, healthcare, banking, and telecommunications. By October 2024, all E.U. member states must adopt and publish measures explaining how they will comply with NIS 2, including how they will compel critical infrastructure organizations to abide by the law.

With this deadline rapidly approaching, it's essential for security leaders to fully understand the new NIS 2 regulations, learn what exactly the law mandates, and develop plans to ensure their cybersecurity program meets all the requirements. 

Join us on Thursday, August 29th at 12pm CEST as Gino Rombley, a Senior Security Architect at Cyberint, breaks down the new NIS 2 regulations and discusses how you can streamline full compliance at your organization.

Unpacking NIS 2 Regulations: How To Ensure Compliance

Major international events, such as the Olympic Games, attract all kinds of cyber threat actors with a variety of motivations and objectives. 

This includes financially-motivated cybercriminals who launch scams to make a quick buck; hacktivist groups who want to cause disruptions to promote a particular ideology; and even state-sponsored actors who engage in espionage and seek to steal sensitive information from adversarial governments.

For these reasons, the Cyberint team has been closely monitoring cyber activity around the 2024 Summer Olympic Games. 

In this webinar, Cyberint Cyber Threat Intelligence Analyst Ilana T. will discuss the cyber activity observed before, during, and immediately after the 2024 Summer Olympics. Ilana will also provide an analysis of potential risks to businesses and recommendations for proactive risk mitigation. 

Join us on Monday, August 12th at 4pm CEST / 10am EST for an overview of these Olympian threats and how you can defend your organization against them.

Olympian Cyber Threats: An Analysis Of Cyber Activity Observed During The 2024 Olympics

Cyberint helps protect hundreds of customers around the world. As part of our continuous monitoring operations, we routinely detect threats that are targeting our customers. The threat could be impersonation of a customer's brand on social media or a phishing site; a malware infection of an employee's or a customer's machine; a leak of sensitive data, such as source code, credit card details, or PII; or exposed corporate credentials. 

In this webinar, 3 cyber threat intelligence experts from the Cyberint team will break down the details of a recent investigation they conducted. We will discuss real incidents, detailing how we detected the threat, what steps were taken to validate it, and how the Cyberint team collaborated with the customer to mitigate the risk.

Join us on Tue, July 9th at 11am EST as as Darja Feldman, Leo Flores and Or Preger give you the play-by-play on recent threat detection, investigation and response case studies.

Cyber Threat Investigations: Tales From The Front Lines

Sophisticated threat groups are targeting organizations in the Asia-Pacific region with increasing frequency. These bad actors utilize a wide range of initial vectors and deploy many kinds of attacks, from phishing attacks and malware infections to vulnerability exploitation and supply chain attacks.

Join two of Cyberint's security experts in the APAC region for a deep-dive webinar on the latest risks, threats, and TTPs in APAC. Jono Angelo Biyo, Solutions Engineer, and Jay Villanueva, Cyber Threat Intelligence Analyst, will discuss the following topics:

-  phishing and smishing threats
-  the persistent threat of stolen credentials
-  increased Hacktivism risks 
-  ransomware activity in APAC
-  supply chain attacks & 3rd party risk

Join us on Tuesday, June 11th at 13:00 UTC+8 (Singapore) to uncover the APAC cyber threat landscape and receive insights on how to keep your organization secure.

Assessing The Cyber Threat Landscape In APAC, H1 2024

Defensa contra los 3 vectores de ataque mas comunes: Cómo mitigar los riesgos de filtración de credenciales, phishing y explotación de vulnerabilidades

En los últimos años, la gran mayoría de las filtraciones de datos corporativos comenzaron con los mismos tres vectores de ataque iniciales: phishing, credenciales robadas y explotación de CVE. Si bien es de conocimiento común que estas tres técnicas son las más utilizadas por los actores de amenazas, los profesionales de la seguridad de la información aún enfrentan desafíos a la hora de defender sus organizaciones contra estos ataques.

En este seminario web, Ariel Friedstadt, analista de inteligencia cibernética, y Erixsa Lewis, gerente de éxito del cliente, profundizarán en cómo los actores de amenazas explotan estos tres principales vectores de ataque y cómo las empresas pueden defenderse mejor contra este tipo de ataques. En el camino, veremos cómo los atacantes colaboran en la web profunda y oscura para llevar a cabo sus delitos cibernéticos. También revisaremos varias estrategias efectivas de mitigación de riesgos que se pueden implementar para una postura de seguridad más sólida.

Únase a Cyberint el jueves 30 de mayo a las 11:00 a. m. EST para obtener más información sobre los 3 principales vectores de ataque iniciales y lo que puede hacer para mantenerse dos pasos por delante de los atacantes.

Defensa contra los 3 vectores de ataque más comunes

Para mantenerse al día con los mercados de ciberseguridad en rápida evolución y satisfacer las demandas de los clientes, los MSSP deben ampliar continuamente su oferta. Esto presenta varios desafíos para los MSSP: reconocer las tendencias y demandas del mercado, seleccionar los proveedores de tecnología adecuados con los que asociarse y dominar rápidamente estas nuevas herramientas para soportar la prestación de servicios. 

Con Cyberint, una plataforma externa líder de administración de riesgos cibernéticos, los MSSP tienen la oportunidad de ampliar su oferta de servicios, reducir el riesgo cibernético para sus cuentas y aumentar los ingresos.

Únete a Iker Alonso del equipo de Cyberint el miércoles 14 de mayo a las 12pm EST para conocer más sobre cómo una asociación con Cyberint impulsa el crecimiento de tu negocio MSSP.

Amplíe su negocio MSSP con la impactante inteligencia de Cyberint

Threat actors often launch phishing attacks because they are reliably effective. Research shows that phishing is consistently a top initial attack vector in corporate data breaches, with as many as one-third of breaches beginning with a phishing attack.

In this webinar, Cyberint Threat Intelligence Team Lead Guy Almog will discuss the phishing threat landscape and help you improve your phishing detection skills.

In a gameshow-style webinar, Guy will show 3 websites: two will be legitimate sites but one will be malicious. Viewers will have the chance to guess which one is the phishing site. After the phish is revealed, we will review the malicious indicators found in these real-world examples. During the course of the webinar, we will play multiple rounds and examine several real phishing sites in the wild.

Join us for this webinar to see if you can catch the phish.

Catching Phish: Can You Spot The Malicious Sites?

Incident response and threat hunting have a lot in common: they are typically components of a mature cyber program, they require access to high-fidelity threat intelligence data, and they provide significant value in terms of cyber risk reduction. The difference? With incident response, the team knows that a cyber incident has taken place. With threat hunting, the team hypothesizes that an incident has taken place but they are not certain.

In this session, Leo Sojref, Solution Architect for External Risk Management at Check Point, will discuss how Incident Response professionals and Threat Hunters can improve their workflows and processes with CTI. Operationalizing threat intelligence as part of DFIR cases helps clearly define the scope of an incident, know which assets were affected, and accelerate mean time to recovery. Similarly, operationalizing threat intel helps Threat Hunters develop a realistic hypothesis, streamline hunting activities and log analysis, and uncover previously undetected threats.

Join us at 10am EST / 4pm CET on Wed, July 16th for this 2nd session in a three-part series on Operationalizing Threat Intelligence.  

Part I: Continuous Monitoring & Detection is scheduled for Wed, June 18th. Register here: https://www.brighttalk.com/webcast/20101/641932

Part III: Threat Modeling & Security Preparedness is scheduled for Wed, Aug 13th. Register here: https://www.brighttalk.com/webcast/20101/641940

Operationalizing Threat Intelligence, Part II: Threat Hunting & Incident Response

Information Security

Cyber Security

Cyber Threats

Cyber Intelligence

Threat Intelligence

Threat Detection

Threat Hunting

Incident Detection

Incident Response

Cyber Attacks

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Operationalizing Threat Intelligence, Part II: Threat Hunting & Incident Response

Presented by

About this talk

More from this channel