How You Can Write Better Threat Reports

Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences?

I’m happy to share what I’ve learned over the years about writing effective threat reports in the following 36-minute video. These tips draw upon the advice I share in my Cybersecurity Writing course, which you can take online from SANS Institute.

In addition, to help you decide what information the readers of your threat reports want to see, I prepared a Rating Sheet for the Right Information: Threat Reports. You can use it as a checklist to make sure you’ve included the necessary details about the threat in your reports.

Updated

About the Author

Lenny Zeltser develops products and programs that use security to achieve business results. He is the CISO at Axonius and Faculty Fellow at SANS Institute. Lenny has been leading efforts to establish resilient security practices and solve hard security problems for over two decades. A respected author and practitioner, he has been advancing tradecraft and contributing to the community. His insights build upon real-world experience, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more