Creating a threat intelligence capability can be a challenging undertaking, and not all companies are ready for it. Businesses that run successful threat intelligence teams generally:
For more information, read our white paper on building an advanced threat intelligence team.
Now, if your company is just starting out with threat intelligence and doesn’t have the time or resources to dedicate an entire department to the task, there are some easy ways to begin integrating threat intelligence into your daily routine without breaking the bank.
The following resources can help build awareness of the threat landscape and prepare your company for defense.
One of the simplest ways to stay informed of potential threats is setting up Google Alerts. These can be especially useful to monitor attacks or vulnerabilities in your industry. To get the most from Google Alerts, be sure to follow Google search best practices like keeping phrases as short as possible, using quotes, leveraging domain extensions, and avoiding synonyms.
If you want to become more proactive in collecting data there are a number of open source threat feeds you can use to stay informed of suspicious IP addresses and domains as a starting point for threat research. For example, abuse.ch provides many feeds, including a ZeuS blocklist and ransomware tracker, and dan.me contains a full Tor nodelist that updates every 30 minutes.
Being well read is an important habit in life, and doubly so if you’re tasked with defending your company from cyber threats. Here’s a list of some informative blogs that range from general threat intelligence to incident response to geopolitical attacks:
While blog posts can keep you informed on daily threat intelligence, sometimes it is necessary to look at an entire quarter or year to get a full view of the threat landscape. The following cyber threat reports can help you get a grasp on lessons learned and best practices going forward:
While staying aware of the threat landscape is critical to any company’s threat intelligence strategy, there are some tools that can supplement the data without breaking the bank:
Source: www.recordedfuture.com