Threat Intelligence: Music or Noise?

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

Threat Intelligence: Music or Noise?

POSTED BY CYRILLE BADEAU

During my college days, I played guitar in a band and it was rarely easy. Practicing in my bedroom so that I could learn how to play the song correctly was difficult, but with time I sounded pretty good. However, delivering that same song in a harmonious way when playing with the entire band was another story. We had to adjust a lot in order to create the perfect sound, and so we spent a lot of time disagreeing on details. Fortunately, we had a strong band leader who was able to make decisions and define a clear direction.

There are a lot of similarities between threat intelligence and the music world. Threat intelligence is made up of multiple, aggregated threat data points (music notes) turned into relevant intelligence for your organization (your own music track). This music track should represent your own way of building and consuming threat intelligence in order to combat the threats that matter most to your organization in a holistic and synchronized way. Each organization should play its own music track and nobody can write it for you. It has to come from your own internal artists, even if they are inspired by others most of the time.

The main challenge today in creating this music track stems from the fact that your musicians are organized in silos (the CSIRT, SOC, Risk Management, Vulnerability Management, Endpoint, Perimeter team, etc.). Each of these teams plays a different instrument what is supposed to add beauty to your music, but they all gather their music sheets from their own sources in various formats and rhythms and start playing without considering the band.

At the end of the day, you get noise and inefficiency.

A Threat Intelligence Platform is designed to aggregate the music notes coming from all available sources (external inspiration and internal touch), ingest all possible music sheets from any format and rhythm, and then turn these raw notes into one unique music track to be played by the entire band with your own arrangements. This music track evolves in real time as relevant threats are a moving target modified daily by your own threat detection and feedback. The Threat Intelligence Platform also ensures that all musicians receive in the real time the specific music sheet they need for their instrument (SIEM, IR Ticketing, Web Proxy, EDR, etc.).

Much like our band leader did for our band back in college, with a threat intelligence platform your band can play harmonious music, efficiently.

 

 

The post Threat Intelligence: Music or Noise? appeared first on ThreatQuotient.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
76 Followers
About ThreatQuotient
ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ, provides defenders with the context, customization and collaboration needed to ensure that intelligence is accurate, relevant and timely to their business. Leading global companies are using ThreatQ as the cornerstone of their threat operations and management system, increasing security effectiveness and efficiency. For more information, visit http://www.threatquotient.com.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel