The ThreatQuotient Blog
EXPERTS SHARING THEIR CYBER THREAT INTELLIGENCE INSIGHTS AND EXPERIENCES
How To Close Security Gaps With A Threat Intelligence Library
Companies have invested in protection technologies for decades – firewalls, web and email security gateways and endpoint protection.
The butler didn’t do it, so who did?
If you’re anything like me, then you’re going to love this cyber investigation challenge we’ve put together for you. You see, when I was a kid, I wanted to be a detective.
Threat Hunting Using ThreatQ and MITRE ATT&CK
The reality is that breaches happen. It is possible to start being proactive with the ThreatQ and MITRE Enterprise ATT&CK integration.
ThreatQuotient Team Set To Speak at 6 Events in October, Locally and Abroad
ThreatQuotient is looking forward to a busy October, full of events taking place across the globe. In particular, we have team members that will be traveling to speak at six events this month, spanning from Colorado to Germany.
Kicking Off Cybersecurity Awareness Month at Splunk.conf18
If your team is heading to Orlando for Splunk.conf18, carve out some time in your schedule to come see the ThreatQuotient team.
The Top 5 Cyberthreats to the Retail Industry and How to Prevent Them
Macy’s, Adidas, Panera Bread and Chili’s are just a few of the retailers and merchants who have fallen victim to cyberattacks in the last few months.
Spear phishing is an Equal Opportunity Threat
Unless you’ve cut yourself off from all media over the last two years, you’re probably familiar with the hack of the Democratic National Committee (DNC) during the 2016 Presidential election. What you may not know is that the vector the adversaries used was spear phishing.
Clustering IOCs
There is something so absolutely freeing about staring at the stars. The Milky Way can be seen without a telescope. However, most stars are not visible to the naked eye.
Mitigating Risk in the Healthcare Industry
Healthcare organizations are attractive targets for today’s hackers. The data is comparatively much more valuable, so hackers stand to make big profits.
Attack Attribution
This is the third and final blog in my series on victimology. Now that we have a relatively decent baseline, we can start to compare other spear phish attacks to these to see if we’ve been targeted previously by this attacker.
Timeline Analysis to Identify Campaign Attacks
Building from our previous spearphish investigation, let’s continue to dissect the robertwanger [at] aol.com spearphish attacks.
#WheresTQRhino at Black Hat USA
In a few days, security professionals from all over the globe will travel to Las Vegas for what is known in the industry as “Hacker Summer Camp”: Black Hat USA.
Victimology: Target Association
In a previous life, I managed two SOCs with 40+ analysts each, where a large component of the team was dedicated to threat intelligence, more specifically victimology.
Need Some Tips on TIPs?
As you look to establish your own threat intelligence operations and select a threat intelligence platform company to partner with, you need to make the best decision for your organization.
Linking-Up to Strengthen Threat Operations in Australia
Just two months ago, ThreatQuotient announced its expansion into Central Europe and the Asia-Pacific region with the aim of bringing our globally recognized technology and solutions to markets around the world.
How ThreatQ Helps Analysts Become the “Go To” Source for Threat Intelligence
The recent SANS 2018 Cyber Threat Intelligence Survey finds that 81% of cybersecurity professionals see value in threat intelligence. But are they getting the full value?
The Advisor’s Workbench
In my last blog, I talked about some of the changes and opinions I see in the market and started a discussion around a label and a definition of a role that, while new, someone is already performing within security organizations today.
Moving to the Cloud? Buckle Up!
What seems like a million years ago, before “real” password management and Active Directory, user passwords were stored locally on each device itself.