CTI programs live and die by their own tribal knowledge. There is a large capability gap between new programs with small teams and junior analysts, and mature programs with a large team of senior analysts. Ascending the capabilities ladder is arduous and derailed by one or two key departures. We can bridge this gap.For CTI products to provide better value and sustain analyst attrition, the Center and its partners created a new standard for CTI reports. We share a set of templates with prescriptive instructions on what to include and to whom the report should be focused. This talk will also introduce a publicly available suite of tools that will support best practices, automation, and enable dissemination of human and machine-readable reports. raising These capabilities will accelerate production for teams and analysts embarking on building new programs and careers.
In this session, we will:
-Share problems with current CTI production and dissemination identified through stakeholder interviews;
-Describe how our standard and the derived templates address these problems; and
-Demonstrate how you can use the tool suite to create actionable reports.
View upcoming Summits:
SANS Cyber Threat Intelligence Summit 2024
Bridging the Intelligence Divide: Building CTI Blueprints for Value-Based Production
Ross Rustici, Capability Area Lead –Cyber Threat Intelligence, MITRE
Музыка
Фильмы
ТВ Шоу
Категории видео
