Watch the webinar to learn how to manage indicator deprecation in the ThreatConnect Platform
Did you miss our webinar, “Managing Indicator Deprecation in ThreatConnect?” It’s about some of our best practices for managing the data that we keep in the Platform, specifically, the millions of indicators that populate the ThreatConnect Sources we use for hunting and enrichment. The goal is to actually help you avoid spring cleaning - that yearly ritual where you have to stop what you’re doing to clean up the historical inform that has accumulated over the past 12 months.
The webinar talks about how best to use the tools that ThreatConnect provides--namely Indicator Deprecation--to automatically and periodically clean things up.
The webinar first discusses ThreatConnect’s threat and confidence rating system. Then we highlight some specific reasons for deprecation and a scenario that demonstrates its use. After that, we dive into how to set everything up in the Platform as well as discuss some suggested approaches and best practices.
In this webinar, you’ll learn what the difference is between a two skull threat and a three skull threat, or 45% confidence vs 55% confidence. These are important, especially if you have multiple people working with the same set of indicators, or if you just want your ratings to be consistent with the rest of the ThreatConnect ecosystem.
To provide some additional context, we published a blog post , wrote a Knowledge Base article and created a downloadable handy cheat sheet with some best practices and tables for determining threat and confidence ratings.
Watch the webinar here:
Oh, and while you are on our YouTube channel, don’t forget to subscribe to the page. You don’t want to miss any informative recorded trainings like this one.