Evaluating threat intelligence sources

With the expanding attack surface and a growing sophistication of threats, just reacting to an incident is not enough. Increasingly complex environments provide multiple opportunities for attackers. Each industry and each organization has its own unique data to protect, and uses its own set of applications, technologies, and so forth. All of that introduces an enormous number of variables into possible methods of executing an attack, with new methods emerging daily.

Over the past few years, we have observed a blurring of boundaries between types of threat and types of threat actor. Methods and tools that were previously a threat to a limited number of organizations have spread to the broader market. One example of this is the dumping of code by the Shadow Brokers group, which put advanced exploits at the disposal of criminal groups that would not otherwise have had access to that kind of sophisticated code. Another example is the emergence of advanced persistent threat (APT) campaigns focused not on cyberespionage, but on theft — stealing money to finance other activities that the APT group is involved in. And the list goes on.

A new approach is needed

With enterprises increasingly falling victim to advanced and targeted attacks, it’s clear that a successful defense requires new methods. To protect themselves, businesses need to take a proactive approach, constantly adapting their security controls to the ever-changing threat environment. The only way to keep up with these changes is to build an effective threat intelligence program.

Threat intelligence has already become a key component of security operations established by companies of varying sizes across all industries and geographies. Provided in human-readable and machine-readable formats, threat intelligence can support security teams with meaningful information throughout the incident management cycle and inform strategic decision-making.

However, the growing demand for external threat intelligence has given rise to an abundance of threat intelligence vendors, each offering a host of different services. An extensive and competitive market with innumerable, complex options can make choosing the right solution for your organization highly confusing and extremely frustrating.

Threat intelligence that isn’t tailored to the specifics of your business can exacerbate the problem. In many companies today, security analysts spend more than half their time sorting out false positives instead of on proactive threat hunting and response, leading to a significant increase in detection times. Feeding irrelevant or inaccurate intelligence to your security operations will drive the number of false alerts even higher and have a serious, negative impact on your response capabilities — and the overall security of your company.

Where the best intelligence lives…

So, how do you evaluate the numerous threat intelligence sources, identify the ones that are most relevant to your organization, and effectively operationalize them? How do you navigate the enormous amounts of meaningless marketing with almost every vendor claiming that its intelligence is the best?

These questions, although valid, are definitely not the first ones that you should be asking. Attracted by flashy messages and lofty promises, many organizations believe that an external vendor can provide them with some kind of superpower X-ray vision, completely overlooking the fact that the most valuable intelligence resides within the perimeter of your own corporate network.
[-] The following 1 user Likes harlan4096's post:
  • JM Safe
Over time, malware threats worldwide become ever more advanced and smarter, and so harder to detect and defeat. On the other side, we also have very good security methods that need to be updated constantly to be ready to fight new malicious threats while, at the same time, not detecting too many false positives.
[-] The following 1 user Likes JM Safe's post:
  • harlan4096
