Threat Intelligence

11/10/2017
11:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail

6 Steps for Sharing Threat Intelligence

Industry experts offer specific reasons to share threat information, why it's important - and how to get started.
2 of 7

Understand threat events you are seeing in-house

Get your own house in order: Start by understanding the events within your four walls and how they correlate. You can't begin to share information with others until you have an understanding of what's going on inside your own organization. There are many tools out there today that can give you this picture of your event data. Some vendors in this space include TruStar Technology, which specializes in aggregating threat intelligence to share with other verticals and regional geographies, and threat intel providers Anomali and ThreatConnect.

Image Source: Andrey_Popov via Shutterstock

Understand threat events you are seeing in-house

Get your own house in order: Start by understanding the events within your four walls and how they correlate. You can't begin to share information with others until you have an understanding of what's going on inside your own organization. There are many tools out there today that can give you this picture of your event data. Some vendors in this space include TruStar Technology, which specializes in aggregating threat intelligence to share with other verticals and regional geographies, and threat intel providers Anomali and ThreatConnect.

Image Source: Andrey_Popov via Shutterstock

2 of 7
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
intelJunky
50%
50%
intelJunky,
User Rank: Apprentice
2/22/2018 | 4:59:01 PM
intel sharing
You guys should seriously check out Perch. They do everything this article talks about. They actually make all the intel from my ISAC useful and I think they're still doing free PoCs too. https://www.perchsecurity.com
tcritchley07
50%
50%
tcritchley07,
User Rank: Moderator
11/11/2017 | 6:19:41 PM
Sharing Security Info
I am a believer that a radical new cybersecurity architecture is needed and the exponential rise over many years in breaches shows this. Sharing info on these events, a suggested. is fine but it  is like people telling each other how wet they are in the rain when the solution is a (new) umbrella.
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
CVE-2018-20154
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
CVE-2018-20155
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.