Overview
Discover how to create genuine threat intelligence using Evernote in this 58-minute conference talk from BruCON 0x07. Explore the concept of threat intelligence, learn valuable lessons, and understand why building your own system is preferable to buying one. Delve into specific requirements, background information, and the importance of data-driven feeds. Gain insights into task management, the GTD methodology, and the current threat intelligence market. Examine the Pyramid of Pain and its relevance to your organization. Learn how to leverage Evernote for open-source intelligence gathering, data collection, and information sharing. Explore various sources, techniques for importing data into Evernote, and effective search strategies. Conclude with future ideas and tips for managing quality in your threat intelligence efforts.
Syllabus
Introduction
Testing
Disclaimer
What is Threat Intelligence
Lessons Learned
Build Before You Buy
The Problem
Specific Requirements
Background
Google Reader
Data-driven feeds
Task management
Secret weapon
GTD methodology
Threat Intel market
The Pyramid of Pain
The Circle
This is your organization
Take it in house
Evernote
Open Source Intel
Sources
Getting Data into Evernote
Recipe Title
Information Sharing
Search
Requirements
Future Ideas
Conclusion
Managing Quality
Taught by
BruCON Security Conference