On this episode of Defense in Depth, you’ll learn:

  • Threat intelligence is about telling a story. And that story is broken up into three parts: strategic, operational, and tactical intelligence. Threat intelligence today really isn’t about creating that story. Most of the cases are about correlating data points.
  • Threat intelligence becomes stale when you are reactionary vs. being proactive.
  • Threat intelligence fails when you don’t mix multiple intelligence points to form a more complete full story of your adversaries.
  • Feeds are not valuable by themselves. When you combine it with your internal data, that’s when you could actually come up with something actionable.
  • If you’re not ingesting and onboarding your data appropriately into your internal threat intelligence team, why do you even have it?