Every year at major security conferences, you can tell the trends in security because seemingly every product and service is being positioned as “look at how we make $thing easier/cheaper/better.” A few years ago, that was cyber threat intelligence (CTI). Then, it inexplicably changed to threat hunting. But practitioners know that you can’t really separate threat hunting and threat intelligence any more than you can separate logs from a SIEM. Just as a SIEM is useless without log sources, threat hunting without threat intelligence suffers the same fate – maximum value is not achieved for the org and practitioners are left high and dry.
Far too often, purchasing threat intelligence platforms and feeds doesn’t provide the organization with the expected value. In part, that’s because the value of intelligence is hard to quantify. After all, how do you measure the return on investment of knowing the tradecraft or indicators used by a threat actor before they target your organization? This problem is further complicated by the fact that many orgs struggle to operationalize the intelligence that they buy – sure, the list of IOCs sounded great and you heard some use cases, but how will YOU use it?
Join us for the 2022 Cyber Solutions Fest and hear talks on: