sign in sign up
<<
Home , Palantir Technologies

AGENDA

OPTIONAL PRE-CONFERENCE INTRODUCTION TO PALANTIR

8:30-9:30 PALANTIR 101 New to Palantir? This special pre-conference session will SALON cover the basics. Additionally, please see page 6 for the on- site training schedule.

MAIN SESSIONS

10:00 WELCOME AND INTRODUCTION SALON Dr. Alex Karp, CEO, Palantir

10:10 HUNTING ADVANCED PERSISTENT THREATS IN CYBERSPACE SALON Rafal Rohozinski, Principal and CEO, SecDev Group Nart Villeneuve, Chief Security Officer, SecDev Group

10:50 USING PALANTIR TO ANALYZE IRANIAN GLOBAL INFLUENCE SALON Doug Philippone, Palantir

11:30 SIGINT & PALANTIR: THE FUSION OF TARGET DATA, REPORTING AND TRAFFIC SALON Trae Stephens, Forward Deployed Engineer, Palantir

12:00-13:00 LUNCH & DEMOS FOYER

13:15 USING PALANTIR WITH OPEN SOURCE DATA: FINDING AND PREVENTING FRAUD IN STIMULUS SPENDING SALON Douglas R. Hassebrock, Assistant Director, Investigations, Recovery Accountability and Transparency Board Alex Fishman, Forward Deployed Engineer, Palantir

13:45 WHAT’S NEW IN PALANTIR GOVERNMENT 2.4 SALON Bob McGrew, Director of Engineering, Palantir

14:15 ATTACK THE NETWORK SALON Bruce Parkman, CEO, NEK Advanced Securities Group

14:45-15:00 COFFEE BREAK FOYER

4 AGENDA

CHOOSE YOUR NEXT SESSION - PART ONE

15:00-15:40 CYBER SECURITY ANALYSIS IN PALANTIR SALON Geoffrey Stowe, Forward Deployed Engineer, Palantir

15:00-15:40 PROTECTING PRIVACY AND CIVIL LIBERTIES WITH COMMERCIALLY AVAILABLE TECHNOLOGY PLAZA Bryan Cunningham, Senior Counsel and Advisory Board Member, Palantir

15:00-15:40 MANAGING A COMPLEX DISTRIBUTED SYSTEM: MADE SIMPLE IN PALANTIR COLONNADE Frank-Robert Kline, Software Engineer, Palantir Khan Tasinga, Software Engineer, Palantir

CHOOSE YOUR NEXT SESSION - PART TWO

15:50-16:30 PROJECT HORIZON: EXPLORING SALON John Garrod, Software Engineer, Palantir Will Barley, Forward Deployed Engineer, Palantir

15:50-16:30 ICD 501: MULTI-LEVEL SECURITY ENABLED BY PALANTIR PLAZA Asher Sinensky, PhD, Palantir

15:50-16:30 PALANTIR EXTENSIBILITY: USING CUSTOM INTEGRATIONS TO ENRICH ANALYTIC WORKFLOWS COLONNADE Lawrence Jesper, Forward Deployed Engineer, Palantir Bryan Knight, Developer Support Engineer, Palantir Robin Lim, Forward Deployed Engineer, Palantir

COCKTAIL HOUR

16:30-18:00 COCKTAIL HOUR SPONSORED BY NEK FOYER Please join us for drinks and appetizers in the foyer.

5 ON-SITE TRAINING SCHEDULE

8:30-9:45 INTRO TO PALANTIR WORKSPACE ATTACHÉ (PRE-CONFERENCE)

8:30-9:45 INTRO TO PALANTIR WORKSPACE CONSULATE (PRE-CONFERENCE)

10:15–11:30 INTRO TO PALANTIR WORKSPACE ATTACHÉ

10:15–11:30 USING PALANTIR FOR GEOSPATIAL ANALYSIS CONSULATE

12:30– 13:45 INTRO TO PALANTIR WORKSPACE ATTACHÉ

12:30– 13:45 ENTITY EXTRACTION AND TAGGING CONSULATE USING PALANTIR

14:15– 15:30 USING PALANTIR FOR GEOSPATIAL ATTACHÉ ANALYSIS

14:15– 15:30 ENTITY EXTRACTION AND TAGGING CONSULATE USING PALANTIR

AMBASSADOR LOUNGE We invite you to relax and enjoy complimentary snacks and refreshments throughout the day in the Ambassador Lounge on the 6th floor.

6 CONFERENCE MAP

RITZ-CARLTON - 5TH FLOOR

REGISTRATION

ELEVATORS

SALON

RITZ-CARLTON - 6TH FLOOR

AMBASSADOR COLONNADE PLAZA

CONSULATE ATTACHÉ

7

SESSION TOPICS

NEW TO PALANTIR? PALANTIR PLATFORM 101 Saad Abdali, Forward Deployed Engineer, Palantir For those who are completely new to the Palantir platform or could simply use a refresher, this talk will start from scratch and provide a broad overview of Palantir's origins and mission. A live demonstration of the product will help to familiarize newcomers with Palantir's intuitive graphical interface and revolutionary analytical functionality while highlighting the major engineering innovations that make it all possible.

HUNTING ADVANCED PERSISTENT THREATS IN CYBERSPACE Rafal Rohozinski, Principal and CEO, SecDev Group Nart Villeneuve, Chief Security Officer, SecDev Group Successful cyber investigations require an ability to piece together disparate technical and contextual datasources to develop a comprehensive picture of an adversary and their methods of attack. In this session, a complex and recent high profile investigation will be walked through, from within Palantir, and in the process present some insights into the state of the art of hunting and killing advanced persistent threats in the cyber domain.

USING PALANTIR TO ANALYZE IRANIAN GLOBAL INFLUENCE Doug Philippone, Palantir

Iran poses a unique challenge to our national defense, they are actively involved as an adversary to United States interests at the tactical, operational, strategic, and political levels. Iran is expanding its influence into Iraq, Afghanistan, Latin America, has aspirations to become a Nuclear power while sponsoring global terrorism through its surrogate, Hezbollah. In light of these issues, Palantir has worked closely with researchers and open source information to help understand Iran, its alliances and economic dependencies, military strengths and projects to help better understand this important player on the world stage.

SIGINT & PALANTIR: THE FUSION OF TARGET DATA, REPORTING AND TRAFFIC Trae Stephens, Forward Deployed Engineer, Palantir

SIGINT analysts are often derided as relying exclusively on the “traffic fairy” – trolling raw traffic databases for new knowledge. However, SIGINT analysts tap into a variety of sources outside of traffic to build their products that are distributed across the community. Potential targets are vetted prior to collection, which involves a significant amount of All-Source persona based analysis. Palantir is the ideal infrastructure for tracking this target development & knowledge and merging this analysis with metadata critical to SIGINT workflows.

9 SESSION TOPICS

USING PALANTIR WITH OPEN SOURCE DATA: FINDING AND PREVENTING FRAUD IN STIMULUS SPENDING Douglas R. Hassebrock, Assistant Director, Investigations, Recovery Accountability and Transparency Board Alex Fishman, Forward Deployed Engineer, Palantir

The American Recovery and Reinvestment Act (HR.1) established the Recovery Accountability and Transparency Board to prevent and detect fraud, waste and abuse in Stimulus Spending. Analysts use Palantir to carry out their mission by fusing open source and transactional data sets to find anomalous spending patterns. Once anomalous behavior has been discovered analysts link the corporate entities and individuals associated with the fraud to build a target package for investigation and prosecution by the appropriate agencies in the oversight community. The Board captures its analytical experience by building predictive models in Palantir that agencies use to better allocate resources to combat fraud.

WHAT'S NEW IN PALANTIR GOVERNMENT 2.4 Bob McGrew, Director of Engineering, Palantir

We are pleased to announce the release of Palantir Government version 2.4. In this release we had one major focus – enabling the Palantir community. We did by enabling the analyst through improved data scale, improved collaborative functions and a wide range of usability enhancements. We also did this by enabling the Palantir administrator through the addition of new administrative interfaces and numerous administrative usability enhancements. All these changes were driven directly by user feedback which continues to be the most important way that we prioritize product development. Together we have built the best Palantir iteration yet and we are extremely excited to share it with all of you.

ATTACK THE NETWORK Bruce Parkman, CEO, NEK Advanced Securities Group

NEK’s “Attack the Network Course” was developed in order to provide analysts, operators and decision makers the tools and training necessary to quickly identify, isolate and destroy enemy networks. NEK understands that in order to gain a comprehensive understanding of one’s operational environment a robust analytical system combined with instructors and mentors possessing relevant training and experience are required. NEK combines the latest software platforms, including Palantir, with up to date TTP’s in the fields of analysis, and tactical/sensitive site exploitation both CONUS and OCONUS in order to

10 SESSION TOPICS provide the timely and accurate information required to conduct effects based operations. NEK’s experience makes us the ideal candidate for supporting a wide array of defense, intelligence and law enforcement requirements across the full spectrum of military and law enforcement operations.

CYBER SECURITY ANALYSIS IN PALANTIR Geoffrey Stowe, Forward Deployed Engineer, Palantir Palantir brings the same rich analytic framework designed for all-source intelligence applications to address the knowledge management and data enrichment needs of the CI, CNO, and SOC/CERT communities. This talk will cover ways of modeling network events, open source repositories of cyber data, and analytical best practices. The examples will center around analyzing spear- phishing and detecting malware.

PROTECTING PRIVACY AND CIVIL LIBERTIES WITH COMMERCIALLY AVAILABLE TECHNOLOGY Bryan Cunningham, Senior Counsel and Advisory Board member, Palantir. Information Security andPrivacy Lawyer.

Privacy and Civil Liberties expert and Markle Foundation Task Force Member Bryan Cunningham will dispel lingering myths of legal and regulatory "barriers" still preventing analysts and operators from fighting terrorism. Bryan will discuss specific laws and regulations often misunderstood to be barriers to collaboration and how commercially available technology can simultaneously enable our operators and analysts to most effectively defeat our adversaries and protect our cherished liberties, both in the bricks and mortar world and in cyberspace.

MANAGING A COMPLEX ANALYTICAL PLATFORM: MADE SIMPLE IN PALANTIR Frank-Robert Kline, Software Engineer, Palantir Khan Tasinga, Software Engineer, Palantir

Palantir Government provides analysts with a rich, intuitive interface to explore vast and complex sets of data from a wide array of dynamic sources. Equipping analysts with such a powerful platform requires a multifaceted suite of distributed servers, dynamic resources, and complex security constraints that would typically be exceedingly difficult to administer and maintain. Whereas our competitors have decided either to short-change or altogether ignore administrators, Palantir has carefully designed a superior suite of tools that are not only robust but also easy to understand and simple to operate.

11 SESSION TOPICS

PROJECT HORIZON: EXPLORING BIG DATA John Garrod, Software Engineer, Palantir Will Barley, Forward Deployed Engineer, Palantir

Project Horizon began as an internal Palantir skunkworks project to build an Object Explorer. Built on the Palantir platform, Horizon powers top-down “haystack to needle” analysis on vast quantities of data to find even the unknown unknowns. Knowing what you’re looking for when you start is no longer a requirement; exploring interactively until you “know it when you see it” is no longer a dream. Horizon is a cloud technology – infinitely scalable on commodity hardware – and is driving previously impossible analysis in the realms of cyber, financial, oversight, and SIGINT investigation on billion and trillion-scale datasets. Presented by one of the engineers who built it, this presentation offers a unique look into Palantir’s culture of continuous innovation and the shape of future generations of the Palantir Government platform.

ICD 501: MULTI-LEVEL SECURITY ENABLED BY PALANTIR Asher Sinensky, PhD, Palantir

Over a year ago the Office of the Director of National Intelligence signed Intelligence Community Directive 501 (ICD 501). ICD 501 succinctly outlines the roles, rights and responsibilities of the Intelligence Community with regards to the ‘Discovery and Dissemination or Retrieval of Information within the Intelligence Community’. A review of these policies reveals that many of the outlined responsibilities will require the adoption of new technologies if they are going to be implemented. In particular, ICD 501 includes the need for a multi- level security environment which Palantir is uniquely able to deliver. In this talk we will explore the ways Palantir meets the requirements laid out in ICD 501 with a specific focus on Multi-Level Security.

12 PALANTIR EXTENSIBILITY: USING CUSTOM INTEGRATIONS TO ENRICH ANALYTIC WORKFLOWS Lawrence Jesper, Forward Deployed Engineer, Palantir Bryan Knight, Developer Support Engineer, Palantir Robin Lim, Forward Deployed Engineer, Palantir

Palantir’s extensibility model enables custom plugin development and integration with third-party software to supplement out of the box analytic workflows. A small sample of plugins and integrations available in Palantir will be demonstrated by the Palantir engineer responsible for their creation. The Workflow Application plugin enables Palantir to be a light-weight case management system. The Net Helper integrates third-party data sources to extract cyber information from domain names and IP Addresses. And, the Palantir Map Application and API allow Open Street Maps, a third-party tile source, to seamlessly integrate with Palantir.

13

PARTNERS

NEK

NEK specializes in the provision of experienced, vetted Special Operations and Veterans in support of classified and unclassified U.S. Government training initiatives. The company is organized to provide qualified personnel in order to support critical experience in areas such as: tactical instruction and training, threat/vulnerability assessments, physical and personal security, intelligence collection and analysis, HUMINT operations, technical instruction and other areas where Special Operations expertise is applicable. Due to the level of quality services provided in support of the U.S. Government, the company has grown rapidly, attaining contract opportunities with numerous DoD, State and Commercial entities.

CAPGEMINI

Capgemini, one of the world's foremost providers of consulting, technology and outsourcing services, enables its clients to transform and perform through technologies. Capgemini offers a complete service portfolio around integrating Palantir within your organization ranging from the development of the business case, architecture, building your ontology, data integration, customized software development to process redesign and organizational transformation. Capgemini’s Collaborative Business ExperienceTM: Working as one team to create and deliver the optimum solution for clients. Present in more than 30 countries, Capgemini reported 2009 global revenues of EUR 8.4 billion and employs 90,000 people worldwide.

CELLEBRITE

CelleBrite’s Universal Forensic Extraction Device (UFED) solution provides cell phone data extraction technology and forensic data analysis solutions for government agencies, military, corporate security and law enforcement entities. Agencies trust CelleBrite’s UFED for fast, reliable and secure extraction of cell phone data, even if it has been deleted, enabling them to analyze and use this data to close investigations and meet crime solving objectives better than ever before. Working in close cooperation with the worldís premier carriers to receive the most up-to- date technology in the market, UFED supports more than 2,000 handset models, the most comprehensive coverage available today. For more information, visit www.ufedsystem.com.

15 PARTNERS

DUN & BRADSTREET

Dun & Bradstreet is the world's leading business information provider since 1841 and has been a trusted partner to federal and S&L governments for over 30 years. D&B's business database contains over 160 million business records from 192 countries. The database is enhanced by our proprietary DUNSRight® Process to ensure accuracy, completeness and timeliness and our DUNS® Number which is recognized as the universal standard for business identification. DNB's breadth of data coverage comes from thousands of sources around the world, including trade experiences, government registries, directories, news/media and direct investigations. Our Global Search Portal via Palantir- DNB Helper is designed to go behind the firewall for the IC.

HB GARY

HBGary, Inc is the leading provider of solutions to detect, diagnose and respond to advanced malware threats in a thorough and forensically sound manner. We provide the active intelligence that is critical to understanding the intent of the threat, the traits associated with the malware and information that will help make your existing investment in your security infrastructure more valuable.

INITIATE

Initiate, an IBM Company, provides secure information sharing and enables analysts to confidently execute associative analysis across billions of records in real time. Organizations use Initiate Entity Resolution to create accurate and complete real-time views of persons and entities of interest derived from any available enterprise application and data source. The ability to resolve various entities, reduce duplicates, disambiguate data elements and derive relationships across billions of records significantly mitigates the signal- to-noise ratio challenges. This enables more effective and accurate identification, elimination of false negatives and reduction of false positives, and assessment and monitoring of potential threats by limited analyst resources.

ISVG

The Institute for the Study of Violent Groups (ISVG) exploits and analyzes open source information on terrorist, extremist, and transnational criminal organizations worldwide. ISVG has collection sites at academic institutions in the US and abroad, with the main activities conducted at the University of New Haven in Connecticut and at Sam Houston State University and the University of Texas-El Paso in Texas. All data is entered into a single relational database with more than 1,500 variables

16 PARTNERS

to capture specific details about terrorist and criminal operations and actors. The database has been extended using Palantir’s KITE framework to support analysis and data export to organizations with Palantir deployments.

KAPOW

Kapow Technologies, headquartered in Palo Alto, CA, is one of the fastest-growing software firms in the world with a strong presence in the U.S. Federal Government. Kapow software is used by U.S. Intelligence Community analysts and developers to collect internet content in both a targeted and broad crawl manner. Kapow is unique in that Kapow works on every website including all social networking sites. Kapow outputs data into in many standards-based formats such as PXML or into an Oracle Database for use within the Palantir platform.

For more information regarding Kapow Technologies please visit http://www.kapowtech.com.

LMN SOLUTIONS

Founded in 2005, LMN Solutions provides expertise in enterprise technology solutions, custom software development, and analysis for mission critical systems. As a strategically positioned small, disadvantaged business, LMN Solutions creates solutions for customers within the federal, commercial, and intelligence sectors. In late 2008, the company established a National Security Policy and Analysis practice to focus on mission relevant solutions for interagency collaboration and information sharing. Our team leverages the expertise of key staff positioned within the policy, multi-intelligence, and information sharing domains.

LNSSI

LexisNexis is the largest public records data company in the world. We have unique expertise in meeting the challenges inherent in engineering immense, highly complicated data collection, analysis, and delivery projects. LexisNexis Advanced Government Solutions was established specifically to deliver LexisNexis data, technology and analytics to government customers with national security missions.

LNAGS has emerged a trusted leader in enabling government and law enforcement agencies to transform data into mission-critical decisions. LNAGS also supports several important long term development efforts to further the methods and technologies needed to manage extremely large informatics challenges.

17 PARTNERS

OBJECTIVITY

Objectivity, Inc. has partnered with Palantir to provide groundbreaking link analysis capabilities built on Objectivity’s distributed data platform, Objectivity/ DB. By leveraging Palantir’s impressive extensibility with Objectivity/DB’s flexible architecture, developers can build custom applications that allow analysts to process massive amounts of data and scale their infrastructure as the need grows. Objectivity and Palantir recently worked together to demonstrate a link analysis capability that analyzes hundreds of millions of relationships, seamlessly integrated directly into the Palantir interface.

SAP

SAP Government Support & Services provides a comprehensive range of SAP enterprise software applications including SAP® Business ObjectsTM and Inxight products to help the members of the intelligence community become best-run businesses – no matter if that business is to manage the workforce of the community or to prevent the next terrorist attack.

We help customers solve business challenges with a combination of software solutions, seervices, and support in a manner that meets our customers’ most sensitive security requirements. SAP Government Support & Services serves its customers from secure facilities in Newtown Square, PA and Herndon, VA.

SECDEV

The SecDev Group specializes in providing research, investigation, and operational capabilities to address emerging security challenges. We are a full spectrum analysis, capabilities, and solutions provider. SecDev develops advanced cyber capabilities for the Palantir platform including the Cloakroom cyber investigations suite. Designed specifically for intelligence, security and law enforcement agencies conducting cyber research, Cloakroom is a powerful anonymization and identity management service that transparently protects the identities of analysts, operators and their organizations, and seamlessly integrates with the Palantir intelligence infrastructure.

The SecDev Group is headquartered in Ottawa, Canada, with offices in Ottawa and Toronto. The SecDev group of companies include: SecDev.Ops, SecDev.cyber and Psiphon. Visit us on line at: www.secdev.ca

18 © Palantir Technologies 2010

Palantir Technologies, Inc. 100 Hamilton Ave. Suite 300 Palo Alto, CA 94301

Inquiries: http://www.palantirtech.com/contact