How to Collect and Use Internal Threat Intelligence

Logo
Presented by

Anthony Stitt, Regional Director APAC, ThreatQuotient Robert Streamer, Threat Intelligence Engineer APAC, ThreatQuotient

About this talk

When it comes to threat intelligence, context and relevance are paramount. The most contextually relevant threat information is based on the actual attacks an organisation faces every day. Often, organisations overlook the opportunity to leverage this internal threat intelligence, instead focusing on external threat intelligence. For example, many organisations now use sandboxing to detect new malware attacks, however they might only use a single SHA from the sandbox for detection or blocking. However, a typical sandbox generates tens or even hundreds of threat indicators covering a wealth of information about the malware and how it operates. These can be used for detection of previous activity that was missed at the time, or used for future detection of related intrusion attempts. In this webinar, we will explore some of the sources of internal threat data and how an organisation can leverage its own systems to provide the most relevant and actionable intelligence available.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (0)
Subscribers (604)
Prioritize, automate & collaborate with a platform purpose-built for threat-centric security operations.