Semantic Analysis in Threat Intelligence based on Tactics, Techniques and Procedures – 11/25/2020

November 25, 2020 9:00 am PST

Live at 9 AM PST 11/25/2020

In the realm of cyber security, traditional threat intelligence is largely based on a retrospective analysis of observed breaches and malware campaigns, the associated modus operandi of attackers (characterised by ‘Indicators of Compromise’, or IOCs) and the observed impact of the attack. However, the fast-paced and volatile nature of the threat landscape demands a paradigm shift in how enterprises obtain and leverage threat intelligence in order to deliver the protection that the business needs. Using Cloud Pak for Data, this session will show how we can leverage semantic analysis in threat intelligence to better understand the organisational context and enrich available organisational data based on Tactics, Techniques and Procedures (TTPs). Moving away from the historical Indicators of Compromise approach, TTP-based threat intelligence (augmented by machine learning) enables enterprises to transform their security posture into a dynamic and proactive approach that plays a vital role in reinforcing the organisation’s cyber defence capabilities against increasingly sophisticated attacks.
