Cyber Threat Intelligence SIG

Goals/Deliverables

1. Workshop on Threat Intelligence - collating a common FIRST view of threat intelligence
2. Briefing Paper – Using Threat intelligence to Support Incident Response
3. Creation of a FIRST wide common body of knowledge (CBK) on Threat Intelligence
   1. Definitions of commonly used terms and terminology
   2. Collate list of Open Source Threat Intelligence Tools that can be used by Threat Intelligence Teams
   3. Glossary Collate list of Cyber Threat Intelligence Feeds and sources
   4. Description of methods, models and techniques
4. We are considering training modules as an output. There is a severe lack of training in this area at present.
5. Stock slide-deck for FIRST members to present the topic of Threat Intel to their executive management

Chairs

• Krassimir Tzvetanov
• Hendrik Adrian
• James Chappell

Member section

Experience in the commercial or government space relevant to the SIG mission and at discretion of the chairs.

Mailing list

• cti-sig@first.org
  (subscribers only, please send requests to join to first-sec@first.org)

  Request to Join

• Cyber Threat Intelligence SIG
  • Curriculum
    • Introduction
    • Introduction to CTI as a General topic
    • Methods and Methodology
    • Source Evaluation and Information Reliability
    • Threat Modelling
    • Training
    • Standards
    • Glossary