TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Black Hills InfoSec

More on Threat Intelligence Feeds

BHIS · 2016-03-02

ATT&CK techniques detected

2 predictions
T1041 Exfiltration Over C2 Channel · 67%
“terms to describe technology end up becoming buzzwords used by vendors to sell more products – this definitely seems to be the case with threat intelligence. to me there are two categories. the first is atomic indicators of compromise ( iocs ). these are things that cannot be bro…”
T1566.001 Spearphishing Attachment · 30%
“out and become involved with security analyst communities that analyze and share information specific to your industry. these groups do exist, and data that you get from the analysts that contribute to the intelligence will have more context than a feed from a vendor serving ever…”

Summary

Derek Banks // John’s hating on threat intelligence feeds post got me thinking.  As a former blue team member that is now solidly purple team, I do not hate threat intelligence […]

The post More on Threat Intelligence Feeds appeared first on Black Hills Information Security, Inc.