xorl %eax, %eax

Predict 21: Tradecraft Tips for Unusual Recorded Future Uses

leave a comment »

Since it’s first instance (known as RFUN back then), the Recorded Future’s intelligence summits have been one of my favourite industry events. That’s not only due to the content which is always incredible and covers multiple aspects of the intelligence world, but also for the overall atmosphere of the event. The attention to detail and passion of the organizers is apparent if you ever had the opportunity to attend either RFUN or its successor, called Predict.

In 2019, together with an amazing colleague, we had the honour to do a podcast for RFUN while attending the event. But this year, I was even more excited since a talk I had submitted was accepted and that marked my first speaking event at Predict. My talk was titled “Tradecraft Tips for Unusual Recorded Future Uses” and was about, more or less, what the title says.

That is, tradecraft tips on how you can use Recorded Future’s platform for things that aren’t so common knowledge. For example, taking advantage of the platform’s OCR capabilities, crisis monitoring, how you can take advantage (“exploit” in intelligence lingo) of “noisy” sources, threat actor tracking and alerting, enriching the platform by onboarding new sources, etc.

Now on the event itself, there were some great talks and people presenting (which makes it even more humbling to be part of it). To give you an idea talks included people like Sir Alex Younger, Former Chief of MI6, multiple CISOs of big U.S. cities like Los Angeles and New York, representatives of the Dutch High-Tech Crime Unit, and of course, lots and lots of experienced intelligence experts from both Recorded Future’s intelligence teams, and other private companies. You can check the agenda here on your own.

Now for this blog post here, I’d like to close it with something that is common knowledge but frequently forgotten… No matter how “smart” your technology is, it’s how the people use it that matters.

Think about it from the public sector side too… You might have some super impressive spy satellites with SAR CCD, dozens of sensors… And yet, what if all your analysts just use the optoelectronic and FLIR sensors? Does it matter?

So… Regardless of what technologies you have available, ensure that you make the most of what they offer. Whether this is your SIEM, your XDR, or even your spy satellites! :)

Written by xorl

October 27, 2021 at 13:17

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: