Cyber Threat Intelligence SIG
Mission
To define Threat Intelligence in the commercial space. To discuss common applications of threat intelligence capability with a view to agree best practice in the context of supporting effective digital forensics and incident response (DFIR) operations.
Goals/Deliverables
- Workshop on Threat Intelligence - collating a common FIRST view of threat intelligence
- Briefing Paper – Using Threat intelligence to Support Incident Response
- Creation of a FIRST wide common body of knowledge (CBK) on Threat Intelligence
- Definitions of commonly used terms and terminology
- Collate list of Open Source Threat Intelligence Tools that can be used by Threat Intelligence Teams
- Glossary Collate list of Cyber Threat Intelligence Feeds and sources
- Description of methods, models and techniques
- We are considering training modules as an output. There is a severe lack of training in this area at present.
- Stock slide-deck for FIRST members to present the topic of Threat Intel to their executive management
Chairs
- James Chappell
- Krassimir Tzvetanov
Member section
Experience in the commercial or government space relevant to the SIG mission and at discretion of the chairs.
Mailing list