Access to timely cyber threat intelligence is widely acknowledged as a crucial defensive measure in today's dynamic threat landscape. As a result, there has been an explosion of potential information sources offering a wealth of data. The objective is to build a threat intelligence program for your organization that is both manageable and effective.
Therefore, you need to narrow down your threat intelligence sources. In this post, we’ve compiled the top 10 credible threat intelligence resources for your organization.
1- CISA
Publications from the Cybersecurity and Infrastructure Security Agency (CISA) range from updates on recent patches from various vendors to in-depth analyses of malware and threat actors. Additionally, their Known Exploited Vulnerabilities Catalog is likely the most significant update to Vulnerability Management in recent memory. CISA mainly targets an American audience. However, it is worthwhile to follow them regardless of location, since the site provides immediate access to information about vulnerabilities and worldwide news regarding IOCs and APT groups.
2- DarkReading
DarkReading is a fantastic community forum for InformationWeek. It is a source of both actionable, real-time threat information and knowledge-building material.
A website that provides the latest news from the dark web.
3- SANS Internet Storm Center
The ISC depends on unpaid volunteers to uncover issues, assess threats, and distribute technical and procedural information to the public. Thousands of sensors compatible with most firewalls, intrusion detection systems, home broadband devices, and practically all operating systems continuously collect data on undesired Internet traffic.
These devices feed the DShield database, where human volunteers and robots comb through the data in search of anomalous behavior and patterns. The resultant analysis is published on the ISC’s main website, where it may be automatically obtained by simple programs or viewed in near real-time by any Internet user.
The ISC offers free analysis and warning services to tens of thousands of Internet users and companies and actively collaborates with Internet Service Providers to repel the most destructive attacks.
4- Red Canary
Red Canary’s blog is distinctive in many ways. Their “Better Know a Data Source” series is one of the most distinctive in the business, and we could all use more of it. In addition, their Monthly Intelligence Insights include “Detection Opportunities” that you can quickly test in your preferred SIEM.
5- KrebsOnSecurity
KrebsOnSecurity is an excellent resource for senior executives and other managers who are new to cybersecurity. This blog is written by an investigative journalist and covers some of the day’s top news.
6- Microsoft
Microsoft’s security blog is largely in line with what one would expect from a company of its scale. Although their evaluations are less frequent than those of other sources, they are just as comprehensive. It is Microsoft’s official publication for current vulnerability and mitigation advice.
7- CrowdStrike
CrowdStrike is one of the largest organizations in threat intelligence. Their blog covers the latest news in the cybersecurity world.
8- Mandiant
Mandiant releases detailed technical analyses of malware and threat actors and has among the industry’s tightest attribution standards. This means that you can expect to read about many Uncategorized (UNC) groups before Mandiant merges them into new or existing APTs.
9- Cisco Talos
Talos is most likely the most dependable (in terms of update frequency) non-member source for high-quality evaluations.
Cisco Talos Intelligence Group is one of the world’s biggest commercial threat intelligence teams, with researchers, analysts, and engineers of the highest caliber.
These teams are backed by unequaled telemetry and advanced technology to provide accurate, timely, and actionable threat information for Cisco customers, products, and services.
Talos protects Cisco clients against known and developing attacks, identifies new software vulnerabilities, and intercepts threats in the wild before they can do additional damage to the internet as a whole.
10- IC3
The Internet Crime Complaint Center (IC3), a part of the FBI, collaborates extensively with CISA, mentioned above. Therefore, following CISA should cover the vast majority of FBI publications, with a few exceptions. The primary disadvantage is that the IC3 website lacks a native RSS feed, making it less simple to follow than CISA.