Introduction to Manual IOC Management for Threat Intelligence


Threat Intelligence is a popular topic in security circles these days. Many organizations are now utilizing a threat feed that comes bundled with some other security product, such as McAfee’s GTI or IBM’s X-Force feeds. These feeds deliver indicators of compromise (IOCs) to their subscribers. Lots of products, notably SIEMs, have added support for some sort of integration with specific Threat Intelligence feeds or more generic imports via STIX/TAXII. Many shops are now hoping to take advantage of the large number of open source and free intelligence feeds available. Some are even investing in commercial intelligence feeds.
