ThreatConnect’s New OSINT Dashboard
It’s a terrible cliche that so many security teams spend much of their time fighting fires. I’m not saying it’s not a big problem, but I am saying that it’s the responsibility of the security professional to ensure that they still make time for routine foundational activities that, over time, build up to result in fewer and fewer fires. I’m not just talking about continuing education, I’m talking about the daily habits that help you both prevent the fires and make you better at fighting them when they happen.
Even if it’s just five minutes a day, what matters most is getting into the habits. Let me give you an example. At ThreatConnect, we’ve developed an “OSINT Dashboard.” This dashboard is designed for a quick, five minute perusal as soon as you login to your ThreatConnect account, when you’re sitting down to your daily cup of coffee (or whatever your favorite poison). It’s not meant to take up a lot of time on deep dives, or be a confounding mess of tactical indicators and irrelevant intelligence. It’s meant as a basic leaping-off point to keep you on top of the struggles you might encounter later in the day/week/month/hopefully-never.
The dashboard is accessible to all users of our free Cloud environment (URL) by hovering over the “Dashboard” menu and selecting “OSINT Dashboard.” Let’s take a look at some of what you’ll find on the dashboard.
OSINT Tied to Named CVEs
A lot of vulnerabilities that get reported never actually show up on the wild. The point of this datatable is to give you insight into what’s actually showing you up by showing top CVEs tied to real intel. In a world of triage, these are the vulnerabilities you should consider paying attention to.
Latest Technical Blogs & Reports
In the old days, building five minute habits meant wading through dozens of your favorite blogs (and likely going over the time limit). No more! The “Technical Blogs & Reports” source in ThreatConnect is a curated, machine- and human-readable collection of more than a hundred blogs and reports from leading security companies, intel providers, academia, and armchair enthusiasts. Rather than needing to check through everything, this dashboard card compiles all of that information into the latest and greatest.
Sometimes five minute habits can result in deeper dives, and that’s okay. If something piques your interest, you should have the option of learning more. This card shows how many pieces of intel have come in in the past week, and by clicking on any item you can find out more. Want the latest Adversary intel? Click Adversary. Want to learn about the latest Campaigns? Click Campaign!
A Starting Point
These are just a sampling of the information available on the dashboard. Since it’s free, I’d encourage you to check it out for yourself and consider incorporating it into part of your daily routine.
Ultimately, the habits you build need to make sense to you. They need to be relevant. For our TC ManageTM, TC AnalyzeTM, and TC CompleteTM customers, you can actually create your own habit-forming dashboards. For example, if your “morning cup of coffee” routine includes reading about the latest threats from China, you can create a dashboard with that in mind. If your daily routine involves your favorite malware family, you can do that, too.