Cyber Intel F3EAD

Adam Meyers | August 2-3 & 4-5


On This Page


Overview

The US Special Operations Forces pioneered a methodology called F3EAD, which enabled amongst other things the ability to take out insurgent and terrorist networks. This methodology focuses on ‘Finding’ the adversary, ‘Fixing’ their location, ‘Finishing’ their operational utility, and collecting the materials associated with the target. This material is then ‘Exploited’ or used to extract operational details of the network they are associated with, ‘Analyzed’ for intelligence which is useful to find other targets, and ‘Disseminated’ for other friendly forces to conduct operations. This class focuses on modifying the F3EAD methodology for utility in Cyber Defense Operations to allow cyber defenders to incorporate intelligence practices into their daily operations and focus not only on one off indicators but the overall threat actor. Intelligence enables cyber defense teams to look at the cyber battlefield from the 50,000-foot view and piece together all aspects of the cyber adversary’s operations. From what altitude are you viewing the cyber battlefield?

In this class you will learn the importance of Threat Intelligence, how to consume intelligence, and how to integrate it into your enterprise. This integration will focus on real time integration to allow threat intelligence to be processed at 'line speed'.


Student Requirements

General understanding of computer security, ability to use VMware, a desire to learn how to leverage intelligence methodologies to hunt down adversaries


What Students Should Bring

• VMware Player, VMware Fusion, or VMware Workstation
• USB Port
• Administrative Privileges on their workstation


Trainers

Adam Meyers is the Director of Intelligence for CrowdStrike; in this role he overseas the team's daily activity, provides direction and strategic vision for the company's intelligence collection, reverse engineering, and analysis efforts. He also serves as a senior security researcher, who focuses on reverse engineering targeted malware threats, mobile malware and related technologies. Previously he was the Director, Cyber Security Intelligence with the National Products and Offerings Division of SRA International. In that role Mr. Meyers served as a senior subject matter expert for cyber threat and cyber security matters for a variety of SRA projects. Mr. Meyers provided both technical expertise at the tactical level and strategic guidance on overall security program objectives. Mr. Meyers also acted as the product manager for SRA Cyberlock, a dynamic malware analysis platform.