Security organizations of all sizes are realizing the increasing value of cyber threat intelligence (CTI). Unfortunately, many teams get "stuck" at one phase and never get the complete value CTI offers. Whether you’re considering which services to purchase, whether to use open threat feeds or looking at integration methods it’s important to remember the final goal: Turning threat intel data into real, actionable information that can help with detection and response.
No matter which stage of CTI implementation or planning you're at, we have some tactical and real-world advice to get your CTI project to completion.
In this webcast, we'll cover the following:
- CTI Planning and Research: What types of threat intelligence should you consider? What sources of threat intelligence make the most sense for you? How can you accurately gauge the effectiveness and quality of a threat intelligence source or provider?
- CTI Implementation: What formats are most useful for CTI feeds and data? What are some best practices for integrating CTI feeds into existing monitoring and correlation tools? Do you need dedicated systems for managing and using threat intelligence data?
- CTI for Security Operations: Now that you have CTI, what are some effective use cases to get value from the data? How can you put that CTI data to good use in daily monitoring, detection, response, and investigation activities in your environment?
Join us for this and more!
Watch It Now!
Director of Solutions Architecture
Joe Schreiber is a Solutions Architect with AlienVault who has been doing IT security since the days of dial–up. With his team at AT&T Managed Security Services, Joe built one of the world's largest SIEM systems, bringing thousands of devices under real time security management and monitoring more than 2 petabytes of network traffic daily. With Joe's insight and experience, this is guaranteed to be an hour well spent.