4 hours 42 minutes
Now let's move to the third type and final type off. Private data sources.
Threat Intelligence Platforms Threat Intelligence platform is defined as a piece of software or providers portal typically developed by security vendor,
which which organizes one or more feeds into single stream off threat intelligence
and that you can use in order to get alerts and medically data.
Most of these platforms offer a set of benefits. Let looks like this.
They combine thousands off feeds into single location. They enable you to receive alerts and real times. They can normalize feeds, feed data. They remove duplicates, enable users, said Truls et cetera. They can be integrated with some solution or firewalls, et cetera.
They can create reports,
and some off. The platforms can also include a feature off sandbox. Here is an example anomaly threat stream platform. Now, when it comes to advantages and disadvantages off these platforms
Ah, let's start with advantages are these platforms offer indicators with context and actionable indicators?
They are useful for enrichment.
They can aggregate multiple feeds and sometimes even finished intelligence or narrative based reports,
and they can have multiple integrations, including most known, some solutions.
However, these platforms are really expensive, especially if the include their own premium feats are collected from closer data sources
and like we've done for the other types of private data sources here I choose some examples like insights recorded future eclectic like you threat Kocian ce ultra from NC four and normally Threat Stream and true Star.
These, as always, are no
Onley providers within the marketplace, and these are not the best solutions. These are platforms that I am family. Or if this is why I choose to mention these are examples,
that's all for this lesson. Overall private threat sources are important investment for any organizations. Security poacher
in this video we've seen are the difference between the three types of private data sources. Ah, the Finnish intelligence, the threat intelligence feeds and the threat. Intelligence platforms with also discussed their advantages and their disadvantages.
We've also mentioned some example off vendors available on the market place,
and now it's up to you to discover what's the best option for your organization.
This doesn't mean that you have to truth now the most appropriate solution for your use case because we've only seen one type off external data collection sources
and, uh, I highly recommend watching the next video about the second type off external later sources, which is community sources,
because I believe it might be, in some cases, more suitable for your organization. So I will see you there.
MITRE ATT&CK Defender™ (MAD) ATT&CK® Cyber Threat Intelligence Certification Training
Analysts and researchers gain hands-on instruction directly from MITRE’s experts in this MITRE ATT&CK Defender™ ...
3 CEU/CPE Hours Available
Certificate of Completion Offered
SOC Analyst I Workrole Assessment
The SOC Analyst I Workrole Assessment covers fundamentals SOC I skills such as incident response, ...