Threat Intelligence Starter Resources

Uploaded on 2017-05-16 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Creating a threat intelligence capability can be a challenging undertaking, and not all companies are ready for it. Businesses that run successful threat intelligence teams generally:

•    Collect externally available data on threats and correlate it with internal events.
•    Be aware of threats driving proactive security controls.
•    Establish proactive internal hunting for unidentified threats.
•    Invest in employee and customer threat education.
•    Expand security industry peer relationships.
•    Apply methods for collecting and analysing external threat data.

If your company is just starting out with threat intelligence and doesn’t have the time or resources to dedicate an entire department to the task, there are some easy ways to begin integrating threat intelligence into your daily routine without breaking the bank.

The following resources can help build awareness of the threat landscape and prepare your company for defense.

Google Alerts

One of the simplest ways to stay informed of potential threats is setting up Google Alerts. These can be especially useful to monitor attacks or vulnerabilities in your industry. To get the most from Google Alerts, be sure to follow Google search best practices like keeping phrases as short as possible, using quotes, leveraging domain extensions, and avoiding synonyms.

Threat Feeds

If you want to become more proactive in collecting data there are a number of open source threat feeds you can use to stay informed of suspicious IP addresses and domains as a starting point for threat research. For example, abuse.ch provides many feeds, including a ZeuS block list and ransomware tracker, and dan.me contains a full Tor node list that updates every 30 minutes.

Threat Blogs

Being well read is an important habit in life, and doubly so if you’re tasked with defending your company from cyber threats. Here’s a list of some informative blogs that range from general threat intelligence to incident response to geopolitical attacks:

•    CyberWire: Relevant briefings on critical cyber news happening across the globe.
•    Cyber Security Intelligence: Cyber News, Analyse, Directors, Management Reports and a Cyber Database.
•    OODAloop: Articles and analysis on cyber and geopolitical threats.
•    CTOvision: Context for the CTO, CIO, CISO, and data scientist.
•    FireEye: Insights on today’s advanced threats.
•    CERIAS: Articles from strategic thinkers like Gene Spafford and Sam Liles.
•    Dell SecureWorks: Articles focused on incident response and information security.
•    Palo Alto Networks: Articles and research around cyber-crime and vulnerabilities.
•    DomainTools: Content focused on domain data and internet trends.
•    ProtectedBusiness: Tips and techniques for defending your business.
•    Recorded Future: Original threat research and best practices for using threat intelligence.

Threat Reports

While blog posts can keep you informed on daily threat intelligence, sometimes it is necessary to look at an entire quarter or year to get a full view of the threat landscape.

The following cyber threat reports can help you get a grasp on lessons learned and best practices going forward:

•    Checkpoint Security Report: Yearly insights into cyber threats, including malware and botnets.
•    NTT Global Threat Intelligence Report: Analysis of global attack data.
•    Versign iDefense Cyber Threats and Trends: Overview of key cyber security trends.
•    Cisco Midyear Security Report: Threat intelligence and trend analysis report.
•    Symantec Intelligence Report: Annual and monthly intelligence reports.
•    Verizon Data Breach Investigations Report: Incident data from 67 global contributors.
•    Ponemon Institute Cost of Breach Study: Annual report on economics of breach and recovery.
•    CyberEdge Cyber Threat Report: Summary of security threats, response plans, and processes.

Threat Tools

While staying aware of the threat landscape is critical to any company’s threat intelligence strategy, there are some tools that can supplement the data without breaking the bank:

•    Maltego: Data-mining tool renders directed graphs for link analysis and finds relationships between pieces of information from various sources online.
•    Shodan: Search engine allows you to find out which of your devices are directly connected to the internet, where they are located, and if they are being used maliciously.
•    TweetDeck: Social media dashboard (free) that many use to increase their audience on Twitter, can also help companies track multiple twitter handles and add additional security.

For more information and suggestions on commercial cyber security contact Cyber Security Intelligence Ltd

Recored Future:

You Might Also Read:

Turn Threat Data Into Threat Intelligence:

Artificial Intelligence Gives Business Wings:

 

 

« Germany May Go Offensive After Russian Cyber Attacks
Bank Data Breaches Are Up And It's An Inside Job »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

AlgoSec

AlgoSec

The AlgoSec platform enables the world’s most complex organizations to gain visibility, reduce risk and process changes at zero-touch across the hybrid network.

Sucuri

Sucuri

Sucuri have offered holistic website security solutions since 2008 including malware removal, malware monitoring and website protection services.

Johnson Controls International

Johnson Controls International

Johnson Controls is a global diversified technology company with a focus on smart cities, energy, infrastructure and transportation including the security of automation and control systems.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Armenia Startup Academy

Armenia Startup Academy

Armenia Startup Academy is a pre-acceleration program for selected Armenian tech companies and startups in areas including cybersecurity.

LTIMindtree

LTIMindtree

LTIMindtree is a new kind of technology consulting firm. We help businesses transform – from core to experience – to thrive in the marketplace of the future.

Edgile

Edgile

Edgile is the trusted cyber risk and regulatory compliance partner to the world’s leading organizations, providing consulting, managed services, and harmonized regulatory content.

Exterro

Exterro

Exterro is a leading provider of e-discovery and information governance software specifically designed for in-house legal, privacy and IT teams at Global 2000 and Am Law 200 organizations.

Viettel Cyber Security

Viettel Cyber Security

Viettel Cyber Security is an organization under the Military Telecommunication Industry Group, conducting research and developing information security solutions for domestic and foreign customers.

CyberCatch

CyberCatch

CyberCatch provides an innovative cybersecurity Software-as-a-Service (SaaS) platform designed for SMBs.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

McAfee

McAfee

McAfee is a worldwide leader in online protection. We’re focused on protecting people, not devices. Our solutions adapt to our customers’ needs and empower them to confidently experience life online.

HADESS

HADESS

We are "Hadess", a group of cyber security experts and white hat hackers.

Delta Partners

Delta Partners

Delta Partners is a venture capital firm investing in Ireland and the United Kingdom with a strong focus on early stage technology companies.

CyberSG TIG Centre

CyberSG TIG Centre

CyberSG TIG Centre aims to propel Singapore as the world’s premier cybersecurity innovation hub for economic growth.

DeepTempo

DeepTempo

At DeepTempo, we build AI models and related software that protect enterprises and service providers from sophisticated cyber threats.