RFUN 2017

October 4-5, 2017 in Washington, DC

6th Annual Threat Intelligence Conference



Disrupting Intelligence

Recorded Future customers, partners, and threat intelligence experts will congregate for two days of education, networking, and fun at the sixth annual Recorded Future User Network (RFUN) Conference. Attendees will gain valuable insight into threat intelligence best practices by hearing from industry luminaries, peers, and Recorded Future experts.

To deliver the most relevant information, RFUN will feature a wide breadth of threat intelligence sessions ranging from strategy to hands-on use of the Recorded Future product.

RFUN 2017 is a must-attend event for all information security professionals. Watch this video for a recap of last year’s conference.

World-Class Speakers

Brian Scavotto, Manager, Cyber Threat Intelligence, Fannie Mae
Henry Canivel, Security Operations Engineer at Splunk
Roberto Sanchez, Vice President of Intelligence at GroupSense
Mario Vuksan, CEO and Founder at ReversingLabs
Ismael Valenzuela, Principal Engineer, Threat Hunting at McAfee
Rob Kraus, Senior Director, Global Threat Intelligence at NTT Security
Marc Spitler, Senior Manager, Security Research at Verizon
Christopher Mascaro, Vice President of Threat Intelligence at First Data
David Brown, Intelligence Analyst, Security Threat Intelligence at BT
Joe Coleman, Cyber Threat Intelligence Analyst at PepsiCo
Zakary Baumann, Information Security Analyst at TIAA
Bryan Campbell, Senior Security Researcher at Fujitsu
Jason Wonn, Threat Intelligence Analyst, Global Emancipation Network
Christopher Ahlberg, CEO and Co-Founder at Recorded Future
Staffan Truvé, CTO and Co-Founder at Recorded Future
Matt Kodama, Vice President of Product at Recorded Future
Levi Gundert, Vice President of Intelligence at Recorded Future
Andrei Barysevich, Director of Advanced Collection at Recorded Future
Allan Liska, Solutions Architect at Recorded Future
Glenn Wong, Director of Product Management at Recorded Future
Storm Swendsboe, Threat Analyst at Recorded Future

The Grugq


The Grugq is an information security professional who has worked with digital forensic analysis, binary reverse engineering, rootkits, voice over IP, financial security, and telecommunications.

Myke Cole


Myke Cole is a cyber threat intelligence analyst with a major metropolitan police department. He has a long career in federal intelligence, including positions at the CIA and FBI. Myke is the author of six novels and is part of the cast for CBS’ new reality series, "Hunted."

Teresa Shea


Teresa Shea is executive vice president and director of cyber reboot at In-Q-Tel, where she focuses on improved cyber security for the nation. Ms. Shea retired in 2015 from the National Security Agency (NSA), where she last served as the director of signals intelligence.

Priscilla Moriuchi


Priscilla Moriuchi is an experienced threat intelligence manager and senior expert on East Asia and Pacific regional and cyber issues. She spent 12 years in the U.S. intelligence community and, most recently, led the NSA’s East Asia and Pacific cyber threats office.

Robert M. Lee


A National Cybersecurity Fellow at DC-based think tank New America, Rob was named one of Passcode’s Influencers, awarded EnergySec’s Cyber Security Professional of the Year 2015, and was inducted into Forbes’ 30 under 30 for Enterprise Technology 2016.

Chris Poulin


Chris Poulin is Principal/Director in Booz Allen Hamilton’s Strategic Innovations Group, where he leads the Internet of Things security strategy. He was recently at IBM where he lead their X-Force research teams and built the first prototype Watson for cybersecurity.

Errol Weiss


Errol Weiss provides timely and actionable strategic and tactical cyber threat intelligence to key decision makers globally across Bank of America. Errol has over 20 years of experience in information security including eight years with the NSA.

Agenda: Day 1

  • 10:00 AM – 11:00 AM: Registration, Help Desk, Networking, Discovery Center
  • 11:00 AM – 12:15 AM: How Recorded Future Does Threat Intel
    John Wetzel
  • 11:00 AM – 12:15 AM: Escape the UI: Security Automation and Orchestration With RFAPI
    Glenn Wong
  • 11:00 AM – 12:15 AM: USGOV Employees and Contractors Only
    Lauren Zabierek
  • 12:15 PM – 1:15 PM: Lunch, Networking, Discovery Center
  • 1:15 PM – 2:15 PM: Hunting External Threats: From Vulnerability Research to Campaign Attribution and Actor Research
    John Wetzel
  • 1:15 PM – 2:15 PM: Putting Recorded Future In Its Proper Place: Integrations Workshop
    Allan Liska
  • 1:15 PM – 2:15 PM: USGOV Employees and Contractors Only
    Garth Griffin
  • 2:15 PM – 2:45 PM: Break, Networking, Discovery Center
  • 2:45 PM – 3:45 PM: Data Structure and Q&A With Data Science
    Garth Griffin and Bill Ladd
  • 2:45 PM – 3:45 PM: Operationalizing Insikt Group Reports
    David Peduto
  • 2:45 PM – 3:45 PM: USGOV Employees and Contractors Only
    Lauren Zabierek
  • 3:45 PM – 4:15 PM: Networking, Discovery Center
  • 5:00 PM – 8:00 PM: Opening Reception, International Spy Museum
    Keynote: Myke Cole

Agenda: Day 2

  • 7:00 AM – 8:15 AM: Registration, Breakfast, Discovery Center
  • 8:30 AM – 8:40 AM: Welcome
    Christopher Ahlberg, Recorded Future
  • 8:40 AM – 9:15 AM: Opening Keynote: The Age of the Great Leaks
    The Grugq
  • 9:15 AM – 9:50 AM: Fireside Chat on the Future of Threat Intelligence
    Errol Weiss, Bank of America and Christopher Ahlberg, Recorded Future
  • 9:50 AM – 10:25 AM: CRASHOVERRIDE: The Malware That Attacks Power Grids
    Robert M. Lee, Dragos
  • 10:25 AM – 10:50 AM: Break
  • 10:50 AM – 11:25 AM: AI in Black and White
    Chris Poulin, Booz Allen Hamilton and Staffan Truvé, Recorded Future
  • 11:25 AM – 12:00 PM: The Future of Recorded Future
    Matt Kodama, Recorded Future
  • 12:00 PM – 1:30 PM: Lunch, Discovery Center
Breakouts (Floors 7 and 8)

Security Function Sessions

  • 1:30 PM – 2:15 PM: Nation-State Threats and Influence Ops
    David Brown, BT
  • 1:30 PM – 2:15 PM: “Trafficker” Analysis: Human Trafficking Threat Intelligence
    Jason Wonn, The Walt Disney Company
  • 1:30 PM – 2:15 PM: Threat Intelligence for Security Operations
    Henry Canivel, Splunk and Glenn Wong, Recorded Future
  • 1:30 PM – 2:15 PM: Executive Takeaways From the 2017 DBIR
    Marc Spitzer, Verizon and Levi Gundert, Recorded Future

Tips and Tricks

  • 2:30 PM – 3:15 PM: Getting Started With Threat Intelligence
    Bryan Campbell, Fujitsu and Rob Kraus, NTT Security
  • 2:30 PM – 3:15 PM: Disrupt the Disruptors: Threat Hunt Like a Pro
    Ismael Valenzuela, McAfee
  • 2:30 PM – 3:15 PM: Case Study: Threat Intelligence at Fannie Mae
    Brian Scavotto, Fannie Mae
  • 2:30 PM – 3:15 PM: Intelligence Is Not a Buzzword
    Joe Coleman, PepsiCo and Levi Gundert, Recorded Future
  • 3:15 PM – 3:30 PM: Break


  • 3:30 PM – 4:15 PM: Open Sources: Threat Intelligence Is More Than IOCs
    Roberto Sanchez, GroupSense
  • 3:30 PM – 4:15 PM: Closed Sources: Fact vs. Fiction on the Dark Web
    Christopher Mascaro, First Data and Andrei Barysevich, Recorded Future
  • 3:30 PM – 4:15 PM: Technical Sources: The Science and Art of File Reputation
    Mario Vuksan, ReversingLabs and Glenn Wong, Recorded Future
  • 3:30 PM – 4:15 PM: Analyst Produced: Best Practices for Peer Validation of Intelligence
    Storm Swendsboe, Recorded Future and Priscilla Moriuchi, Former NSA

Industry-Specific Sessions

  • 4:30 PM – 5:15 PM: Case Study: Threat Intelligence at TIAA and Vanguard
    Zakary Baumann, TIAA and David DeLuca, Vanguard
  • 4:30 PM – 5:15 PM: APT on APT: Attribution and Staying Non-Attributed at the Nation-State Level
    Teresa Shea and Priscilla Moriuchi, Former NSA
  • 4:30 PM – 5:15 PM: Roadmap Directions: Intelligence and Risk
    Matt Kodama and Levi Gundert, Recorded Future
  • 5:15 PM – 7:00 PM: Closing Reception, Discovery Center


555 Pennsylvania Avenue, N.W.
Washington, DC 20001




Hyatt Regency Washington on Capitol Hill
400 New Jersey Avenue NW
Washington, DC 20001
(202) 737-1234
Book Now — $289 Per Night

The Westin Washington, D.C. City Center
1400 M Street NW
Washington, DC 20005
(202) 457-9174
Book Now — $339 Per Night

The cutoff date for room reservations is Sunday, September 3, 2017.

Courtyard Washington, D.C./U.S. Capitol by Marriott
1325 2nd Street NE
Washington, DC 20002
(202) 898-4000
Book Now — $219 Per Night

The cutoff date for room reservations is Tuesday, September 26, 2017.