by Yann LeBorgne | Jun 6, 2017 | Blog, Threat Intelligence
Using Threat Intelligence to Defend Against 0day Vulnerabilities POSTED BY YANN LEBORGNE Last month, a new 0day (CVE-2017-0199) was reported in the news. It was publicized in conjunction with a well-known malware which was dormant for a good number of months. As it is...
by Ryan Trost | May 30, 2017 | Blog, Threat Intelligence
Ransomware - The Non-Technical But Fascinating Ripple POSTED BY RYAN TROST One of the silver-lining effects of a global cyber scare such as WannaCry ransomware is the trigger to catch up with friends to discuss fact vs. fiction of the threat research, attribution,...
by Ryan Trost | May 23, 2017 | Blog, Threat Intelligence
Buy vs. Build: Tales from the Trenches POSTED BY RYAN TROST In mid-2010 I was running a large Defense contractor SOC (35+ analysts) and was forced to build what’s currently known as a threat intelligence platform (TIP) – to manage indicators, adversary profiles,...
by ThreatQ | May 18, 2017 | Blog, Threat Intelligence
It’s Time to Think Differently about Threat Operations POSTED BY THREATQ Can you really “manage” threats? Is that even a worthwhile goal? And how do you define a threat? New research by Securosis explores why the current approach of treating every attack as an...
by Kevin Libby | May 9, 2017 | Blog, Threat Intelligence
The Watchlist: Collaborating to Build Better Adversary Dossiers Faster POSTED BY KEVIN LIBBY Have you ever wanted to be alerted about new information related to the TTP of an adversary? Well now that’s possible! The ThreatQ Operations and Management Platform provides...
by Mike Clark | May 2, 2017 | Blog, Threat Intelligence
Leveraging ThreatQ and AutoFocus to Combat Ransomware POSTED BY MIKE CLARK As we discussed in the last post, one of the primary attack vectors used to deliver ransomware is spearphishing. We showed there are several OSINT tools that can help, however, some commercial...