true
Blog Optimize Sharing Group Intelligence Into Your Security Operations

Optimize Sharing Group Intelligence Into Your Security Operations

R-CISC-webinar

Participating in information sharing groups like ISACs and ISAOs is one of the smartest things your security team can do. They help trusted peers collect and disseminate data that has a higher likelihood of being relevant to your threat investigations.

Most SOC managers or security analysts you talk to today won’t deny the value ISAC/ISAO data could bring to a security operations team… but easily ingesting this data into your existing workflow? That’s a whole different story.

Last week TruSTAR spoke with Retail-CISC members about how to optimize sharing group IOCs into your workflow. Here are the key takeaways.

  • Correlate your ISAC/ISAO reports with open and closed source feeds. Indicators that have the highest correlations help you know what to prioritize in your investigation first.
  • Don't underestimate your historical data. When investigating certain indicators like CVEs and malware strains, seek out correlations with past ISAC/ISAO reports.
  • Automate smartly. Tools like TruSTAR can help you auto-extract indicators from listservs and automate your SIEM workflow, saving your analysts' precious investigation time.

If you’re an R-CISC member, you can view a recording of our webinar here.

Interested in learning more about TruSTAR’s partnerships with ISACs/ISAOs? Click Here.

TruSTAR To Present Blockchain Research Tool At ShmooCon 2019 TruSTAR is headed to ShmooCon 2019! As a follow-on to our blockchain research debut at Black Hat and DEF CON 2018, TruSTAR will present a second ... Read More
IBM & Rackspace Select TruSTAR To Power Unprecedented New Cloud Fraud Exchange Partnership TruSTAR, a leader in cyber intelligence management, has announced a new partnership with IBM and Rackspace to create the Cloud Fraud Exchange, a ... Read More
The Rise of the Enterprise Intelligence Officer - Panel Discussion With Former CIA and AT&T Read More
Rackspace | Finally, a Truly Secure Approach to Threat Intelligence Exchange Finally, a Truly Secure Approach to Threat Intelligence Exchange Read More