Blog

Thanks for stopping by and checking out our blog. Please feel free to share your knowledge, experience, and other tips, tricks, comments on the blogs. They’ll be reviewed for professionalism and posted accordingly.

When and How to Hire a Threat Intelligence Analyst

WHEN… Threat Intelligence has become the latest marketing buzzword, often abused and misused in an effort to impress a customer base. So, when do you need threat intelligence and when is the right time to hire someone to “provide customers” with threat intelligence? Well, you should never hire someone specifically

Read More »

Outlining a Threat Intel Program

(estimated read time 27min) For new readers, welcome, and please take a moment to read a brief message From the Author. Executive Summary I recently crunched the high level basics of setting up a threat intelligence (abbreviated as Threat Intel) program into a 9-tweet thread, which was met with great appreciation

Read More »

Three Myths About Threat Intelligence

For new readers, welcome, and please take a moment to read a brief message From the Author. 1. Threat intelligence is something you should provide your customers If threat intelligence products are not your flagship product or primary business function, then threat intelligence is not something you should provide as

Read More »

OSINT Data Sources: Trust but Verify

Thanks to @seamustuohy and @ginsberg5150 for editorial contributions For new readers, welcome, and please take a moment to read a brief message From the Author.  This article’s primary audience is analysts however if you are in leadership and seek to optimize or maximize the analysis your threat intelligence program is producing

Read More »

Hacking Critical Infrastructure

For new readers, welcome, and please take a moment to read a brief message From the Author. Please accept my apologies in advance if you were hoping to read about an actual technical vulnerability in critical infrastructure or the exploitation thereof. Today we discuss a plausible strategic cby3r threat, and

Read More »

People Search Sites – Erase Me Please

The good folks over at Divine Intel (Twitter @divineintel) asked to borrow a little space on my blog as they are still getting their website set up. They’ve recently tweeted 21 URLs where you can go to submit requests to have your information removed from the people search sites, and

Read More »

Phishing the Affordable Care Act

Recently, while working on a project I was asked to gather some information on Blue Cross Blue Shield (BCBS) and something scary began to unfold.  I noticed that states have individual BCBS websites, and that there is no real consistency in the URL naming convention.  Then I began imagining the

Read More »

Strategic Threat Intelligence in the Digital Realm

Thank you @Ngree_H0bit and @TXVB for your editorials on this blog. Imagine if someone walked up to your job, and fired an automatic weapon at the building or detonated a bomb in the lobby. Then the police showed up the conversation went like this: LEO: “Did anyone die or get

Read More »