Articles on Threat Intelligence
Below are my perspectives on Threat Intelligence, drawn from my work as a security leader and practitioner.
- Threat Intelligence: A Report Template for Cyber Threat Intelligence. Cyber threat intelligence analysts produce credible reports by weighing signals at tactical, operational, and strategic levels. A customizable CTI report template helps analysts capture activity,...
- Threat Intelligence: Six Signals for Threat Attribution. Credible threat attribution weighs six signals together. Each signal has a disciplined methodology behind it, with citations and stress tests to back the conclusions.
- Threat Intelligence: How You Can Write Better Threat Reports. Writing about cybersecurity threats requires deciding what details to include, demonstrating sound analysis, and addressing multiple audiences. A rating sheet checklist can help ensure threat reports...
- Threat Intelligence: Anticipating Cyber Threats Beyond APT. Organizations that experienced APT attacks years ago may offer insights into threats that will eventually reach other companies. Predicted trends include greater use of purchased exploits,...
- Threat Intelligence: When Indicators of Compromise (IOCs) Entered the Mainstream Enterprise. Indicators of Compromise (IOCs) are custom, incident-specific signatures that organizations use to detect attacker artifacts. Mandiant popularized the term around 2007, and by 2013 the concept gained...
- Malware Analysis: A Report Template for Malware Analysis. A malware report is only as useful as readers' ability to find in it what they need. This customizable template organizes the findings into a coherent structure, so a responder, a manager, or a...