by Liz Bush | Mar 26, 2019 | Blog, Cybersecurity, Threat Intelligence
The MITRE ATT&CK Framework – A Sign of the Times
There was a time when we believed that we could prevent every attack. But despite a defense-in-depth strategy, as the years progressed we realized this wasn’t possible. Attacks are happening with...
by Liz Bush | Mar 12, 2019 | Blog, Cybersecurity, Threat Intelligence
Spear Phishing Analysis Using ThreatQ and ThreatQ Investigations
Although spear phishing has been around for years, organizations continue to fall victim as criminals evolve their methods. According to the most recent quarterly report from the Anti...
by Ryan Trost | Feb 26, 2019 | Blog, Cybersecurity, Threat Intelligence
TLP Inheritance - a minor but powerful feature
Traffic Light Protocol (TLP) is a pretty universal term these days, especially as STIX/TAXII is gaining momentum within the *-ISAC communities. However, for completeness it's a sensitivity marking term...
by Liz Bush | Feb 12, 2019 | Blog, Cybersecurity, Threat Intelligence
How ThreatQ and ThreatQ Investigations work with Endpoint Detection & Response (EDR) Systems
For decades, cyber technologies have been built for the common purpose of detecting and blocking threats. When a new type of threat appeared, companies...
by Liz Bush | Feb 5, 2019 | Blog, Cybersecurity, Threat Intelligence
Ovum’s Analysis of Threat Intelligence Platforms
If you plan to use one of the many security events this spring as an opportunity to research threat intelligence platforms (TIPs), consider arming yourself with the new Ovum Market Radar: Threat...
by Ryan Trost | Jan 29, 2019 | Blog, Cybersecurity, Threat Intelligence
Intelligent Consolidation Rules All - the Underbelly of Communities
As an analyst you are always subconsciously consolidating information looking for investigation patterns, trends, or even the slightest hint of an attacker bending RFC rules to...