4 hours 42 minutes
Hello and welcome to this third lesson integration and storage. An important part off data processing. In this lesson, we will discover together how crucial is storing and integration off indicators in cyber threat intelligence context.
After collecting data from multiple sources, this data goes through multiple steps. Off processing
and output information should be conservative to be consumed in the future. This process it data could also be integrated with security products that are used within the company.
Keep in mind that most of the threat intelligence platforms, although all processing stages by the same software.
But you can create your own tools to integrate your output information into your security tools.
Now let's see how important is storing off indicators the final stage of data processing East storage. After all of the data is processed, it is then start for future use, including temporal analyzes and campaign analysis.
Why is some information maybe,
but to use immediately? Much of it will serve a purpose later on. Plus,
properly stored data is a necessity for compliance with data protection legislations like to DPR. When data is probably start, it can be quickly and easily accessed by members off the organization when needed. When it comes to integration, integration is a key requirement
for cyber threat intelligence
because actionable indicators need to find a way back into your security devices and products that are used within your organization.
And here is a recommendation. Please avoid integrating non created or non vetted feeds into your active security devices because it is going to generate a lot off noise and lot off alerts. For your analysts,
this video was a quick lesson to introduce the importance off storage of process it data and importance off integration off actionable indicators within your infrastructure.
In the next video, we'll cover also another important part off cyber threat intelligence, which is a threat intelligence platforms.