-
Jun 1st, 2015
Adversary Intelligence: Getting Behind the Keyboard
Arguably one of the most controversial subjects in Threat Intelligence currently is the topic of Attribution, or developing Adversary Intelligence. Industry pundits will debate attribution with a rel
-
May 29th, 2015
The Cost of Bad Threat Intelligence
The Cost of Bad (and Value of Good) Threat Intelligence Written by Andy Pendergast, co-author of the Diamond Model for Intrusion Analysis Earlier this week, Sergio Caltagirone. published an article on
-
May 26th, 2015
Threat Intelligence Sharing: Empower Your Cyber Defense
I am excited to see threat intelligence sharing is catching on as a way to empower cyber security defenders with timely, relevant, and actionable threat intelligence data. I believe, and I actually
-
May 5th, 2015
What’s the RSA Conference About, Daddy?
Like many of my infosec brethren and sistren (yep; apparently it’s a word), I leave some sad kids behind every year as I make the annual pilgrimage to the RSA 2015 Conference. This year, my 8 year o
-
Apr 15th, 2015
What the Verizon DBIR Says About Threat Intelligence Sharing
Before we get started on Verizon’s 2015 Data Breach Investigations Report (DBIR), let’s address the elephant in the room. I created the DBIR back in 2008 and have led the excellent team that produ
-
Mar 23rd, 2015
Is Your Threat Intelligence Platform Just a Tool?
“If the only tool you have is a hammer, you tend to see every problem as a nail.” Abraham Maslow Throughout the enterprise there are security personnel using a variety of processes and tools to co
-
Mar 18th, 2015
Premera Latest Healthcare Insurance Agency to be Breached
Similarities with Wellpoint/Anthem Event Should be Understood The recent announcement from Premera Blue Cross Blue Shield that it has fallen victim to a sophisticated cyber attack that reportedly comp
-
Feb 27th, 2015
The Anthem Hack: All Roads Lead to China
When news of the Anthem breach was reported on February 4th, 2015, the security industry quite understandably went wild. A breach of this magnitude was certainly unprecedented. Naturally, many indus
-
Feb 15th, 2015
ThreatConnect How To: Pivoting & Exporting Data
Introduction The Diamond Model of Intrusion Analysis is the analytic methodology upon which ThreatConnect is built. Developed by a number of preeminent security researchers and analysts (including o
-
Feb 2nd, 2015
ThreatConnect Community Success Story: The Rubber Meets the Road
Communities, sharing, and collaboration have hit the hype curve in cyber security circles. While the marketplace includes products that offer information exchange or are bolting on support for coll
-
Jan 29th, 2015
ThreatConnect How To: Importing Indicators
There are many advantages to having a centralized Threat Intelligence Platform (TIP) to aggregate, analyze and act on your own threat intelligence. Among them, is empowering the threat analyst to inte
-
Jan 12th, 2015
ThreatConnect Communities: A Swiss Army Knife in Your Collaboration Arsenal
ThreatConnect Communities have become the indispensable Swiss army knife in the analyst collaboration arsenal this past year. While our community blueprint has always included – a “Common Commun