1. Moscone West 3018

“Doing” threat intelligence is important—but doing it right is critical. We have been using threat intelligence for many years as part of the SOC, incident response and threat hunting teams; these are some of the use cases that have mastered it. Applying threat intelligence outside of these use cases is where it can get problematic. This is where the LEAD framework comes in play.

Pre-Requisites: General understanding of threat Intelligence concepts and principals, security orchestration and automation. Working knowledge of SIEMs architecture,Threat Hunting and Security Operations principals and concepts.

Download pdf