For some organizations, threat intelligence is lists of malicious IP, domains, and file hashes. Indicators are a key tool for every analyst, but technical threat intel is even more valuable when itās linked to other forms of external intel and context. This session presents a specific threat intelligence use case, in which attackers evaded detection by traditional security measures using PowerShell and a Base64 encoded RAT. Learn how threat intelligence enables analysts to move from flash intel about adversary tactics to specific security and threat intel actions.