Threat Data vs. Threat Intelligence

March 3, 2016
By
Intel Analysis

Following up on our post the other day, we found this great example of the difference between threat data (as in all those “feeds” with indicators) and threat intelligence on Black Hills’ security blog. Basically intelligence is data with context. Creating intelligence from data often involves understanding each indicator within the larger narrative of...
Read more »

The Threat Intel Market … Exposed

March 1, 2016
By
SOC Analyst Candidates

Saw this post today over on CSO Online very accurately describing what is going on in today’s world of threat intelligence. Put bluntly … most vendors are not selling threat intelligence. Instead I would call it threat data, which lacks the context needed to be considered intelligence. Without context its difficult for an organization...
Read more »

Where You Want to Be This Week for 2-29-16

February 28, 2016
By
meetup

Where do you want to be this week? Now you’ll always know with our “Where You Want to Be This Week” feature, which will tell you about infosec meetups happening in your local area as of Sunday night. If you would like your event listed in our Calendar and in this post, let us know through our Submit Event form...
Read more »

Weekly Rewind – Threat Intel Book, Gov Threat Indicator, Jedi Passwords & More…

February 26, 2016
By
Get caught up on this week's posts with Weekly Rewind

Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Even Jedi Use Weak Passwords”, 2) “New Gov Threat Indicator Sharing Guidelines Released” and 1) “New Threat Intel Book”. If you missed anything or happened to be offline,...
Read more »

Will Sharing Cyberthreat Information Help Defend the US?

February 26, 2016
By
Information Sharing

The recent government release of information sharing guidelines reminded me of a post @taosecurity did a while back where he takes a stab answering this question. As usual in infosec … “it depends” is the answer. Still, it’s a great read to see how things have evolved over the past year from the original...
Read more »

New Gov Threat Indicator Sharing Guidelines Released

February 25, 2016
By
DHS

Fresh off the recent passing of the Cybersecurity (Information Sharing) Act of 2015, DHS and DOJ have issued guidance on the sharing cyber threats information. The first publication describes how non-federal entities should share indicators and countermeasures with federal entities in order to gain the legal protection granted by CISA. The second one addresses...
Read more »

New Threat Intel Book

February 24, 2016
By
Intelligence Driven Incident Response

This forthcoming book, titled Intelligence-Driven Incident Response: Outwitting the Adversary, looks to be an interesting read to add to your wish list for anyone interested in getting into, or furthering their threat intel work. Kudos to Kyle Maxwell (@kylemaxwell) and Scott Roberts (@sroberts) for getting something like this out. Too bad the Cyber Kill...
Read more »


About Us

Founded in 2008, NoVA Infosec is dedicated to the community of Metro DC-based security professionals and whitehat hackers involved in the government and other regulated verticals. Find out more on our About Us page.