Cyber Threat Intelligence SIG
To define Threat Intelligence in the commercial space. To discuss common applications of threat intelligence capability with a view to agree best practice in the context of supporting effective digital forensics and incident response (DFIR) operations.
- Workshop on Threat Intelligence - collating a common FIRST view of threat intelligence
- Briefing Paper – Using Threat intelligence to Support Incident Response
- Creation of a FIRST wide common body of knowledge (CBK) on Threat Intelligence
- Definitions of commonly used terms and terminology
- Collate list of Open Source Threat Intelligence Tools that can be used by Threat Intelligence Teams
- Glossary Collate list of Cyber Threat Intelligence Feeds and sources
- Description of methods, models and techniques
- We are considering training modules as an output. There is a severe lack of training in this area at present.
- Stock slide-deck for FIRST members to present the topic of Threat Intel to their executive management
- Krassimir Tzvetanov
- Hendrik Adrian
- James Chappell
Experience in the commercial or government space relevant to the SIG mission and at discretion of the chairs.