Home Security Cisco: Operationalizing Threat Intelligence to Strengthen Defenses

Cisco: Operationalizing Threat Intelligence to Strengthen Defenses

0
Cisco: Operationalizing Threat Intelligence to Strengthen Defenses
0

Many pieces of forensic evidence come into play when investigating a crime scene – analysis of fingerprints, DNA, shoe prints, videos/photos, ballistics, etc. By analyzing the data, a picture of the crime emerges, which in the case of a serial killer often includes his or her MO or method of operation.

In the cyber world, analysts do the same thing. They analyze indicators of compromise (IoCs) or observables as they are often called – IPs, domains, URLs, hashes, etc. Pieces of information that describe an incident that has already happened. Many cyber criminals reuse tactics and techniques that produce the same observables and therefore create a pattern that can be used to detect and prevent future attacks by the same actors.

Many analysts extract the observables from the investigation to create blacklists or pattern-based signatures containing hundreds of observables of the same type, however, these “simple” lists are prone to false positives and can generate volumes of generic threat alerts. These must be manually reviewed and can overwhelm security teams, putting effective security at risk.

Read the entire article here, Operationalizing Threat Intelligence to Strengthen Defenses

via the fine folks at Cisco Systems.

Categories:
Cisco Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors

          Close