Tweetchat about Threat Intelligence: The Final Analysis

May 18, 2015 | Javvad Malik
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

Twitter can be both an extremely fun and infuriating medium to communicate via. Limited to 140 characters, one has to resort to creative ways to make a point succinctly.

Last week, we thought we’d kick the proverbial hornets nest with a tweet chat on the topic of threat intelligence. As expected, the conversation flowed fast and furious and often down many rabbit holes; continuing long after the hour we had set aside for the chat.

Here are some of the highlights of our favourite comments:

Ali-Reza Anghaie fired off a rapid succession of tweets that he seemingly had queued up and saved for this precise moment in time

Wendy Nather chimed in with her viewpoint


@krypt3ia

And then we were off to the races. Quentyn Taylor felt the reputation of a threat intel provider was of importance when deciding on the quality of the feed.

Gabe touched upon the oft-mentioned aspect of context.

On a more technical level, Alex Pinto felt that the sources of threat intel data was of great importance.

Ian Amit touched on the importance of threat intel needing to be relevant to a company’s own threat model. Adding weight to Gabe’s earlier comment about the data needing to be contextually relevant.

Dr. Kryptia lamented the disproportionate focus put on APTs (advanced persistent threats) versus the basic threats which more common attack

Our own Jaime Blasco shared his thoughts on the question as to the importance of incorporating threat intelligence into an information security program.

On the uses of threat intelligence, Dan Glass reminded everyone that threat intelligence is a program and not a product.

To Dan’s point, AlienVaults’ Andy Manoske clarified the company perspective on IOC’s and threat intelligence.

Dan’s comment also tied into Wendy’s comment that questioned the true nature of indicators of compromise (IOCs) and whether they are just an evolution of signatures used in traditional anti-virus detection technologies.

Ian Amit summed up the sentiment in the only way you can on the internet, via a meme.

Javvad Malik

About the Author: Javvad Malik

The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.

Read more posts from Javvad Malik ›

‹ BACK TO ALL BLOGS

Watch a Demo ›
Get Price Free Trial