Explore the evolution of cyber threat intelligence and its impact on Security Operations Centers (SOCs) in this 37-minute Black Hat conference talk. Delve into the challenges posed by the exponential growth of malicious indicators of compromise (IOCs) and learn about the revolutionary solution: the threat intelligence library. Discover how this new technology enhances SOC battle rhythm, improves operational efficiency, and streamlines the process of discovering, ingesting, analyzing, and responding to threat intelligence. Gain insights from a large defense industrial base SOC, examine IOC overlap by source, and evaluate various tools for managing threat intelligence. Benefit from valuable implementation lessons learned and understand the critical role of threat libraries in dismantling adversarial assaults in modern cybersecurity landscapes.
Overview
Syllabus
Intro
Detection Evolution
SOC Battle Rhythm
Threat Intelligence Library
Threat Intelligence Library Players
Threat Intelligence Providers
Overlap
Whos Getting Me
Timeline Analysis
Open Source
Conclusion
Questions
Taught by
Black Hat