Cyber Talk with Attivo Networks

Attivo Slides | MITRE Slides | Additional Attivo Information

Cyber Talk with Attivo Networks

Event Title
Deception for CTI collection and criticality for understanding an adversary’s wartime playbook

Todd Helfrich, Attivo Networks – Vice President of Federal
Dr. Stan Barr,
MITRE – Sr. Principal Cyber Deception Researcher
Maretta Morovitz,
MITRE – Engage Lead

Event Description
With the growing supply of valuable network-accessible data, network intrusion remains a cheap and risk-averse way for threat actors to conduct operations. We can raise the barrier to entry with defense-in-depth, but what happens when we poison the supply? In this talk, we’ll discuss cyber denial, deception, and adversary engagement and how we’ve used it to drive up our adversary’s cost to operate while driving down the value of their operations.

We believe that the deployment of adversary engagement technology provides opportunities for defense, intelligence gathering, and strategic impact, as well as basic cyber hygiene, high fidelity detections, and opportunities to observe and generate cyber threat intelligence (CTI) data to inform defensive operations. We want to make adversary engagement an accessible and pervasive cyber defense strategy for all. The more adversary engagement operations we run as defenders the more we collectively raise the cost and reduce the value of operations for our adversaries.

Who Should Attend?
This event is open to the public for those who are eager to enhance the effectiveness of the Department of the Army Defense Cyber Operations (DCO) cyberspace and cybersecurity infrastructure through critical research, experiments, development, testing, and the development of innovative technologies. US Government (military and civilian), contractors, SOSSEC members and non-members are encouraged and welcome to attend to learn more about successful technology collaboration from these Cyber Talk briefings. The recommended audience is for: program managers, development teams; engineers, architects; security managers; security specialists; system administrators; and analysts who work in DoD cyberspace.

About The Consortium
The purpose of the Army’s Cyber Operations Broad Responsive Agreement (COBRA) is to spur innovative development, demonstration, and expedited delivery of prototypes for Warfighter readiness. When awarded an Other Transaction Authority (OTA) there is a requirement to join the System of Systems Consortium (SOSSEC), the consortium manager for Program Executive Office Enterprise Information Systems (PEO EIS). For more information on joining the consortium, please go to

COVID-19 Restrictions
Due to the restrictions on group gatherings imposed by the COVID-19 conditions, this Cyber Talk will be executed virtually. To participate, please use the Zoom for Government link listed above or follow this link:

Any questions about the event or joining the consortium can be directed to Ed Aguirre of SOSSEC, Inc. at


Jun 16 2022


1:00 pm - 3:00 pm

More Info

Watch Live
Watch Live