The book includes insights from the following experts:
- Mark Alba, Chief Product Officer, Anomali
- Alex Attumalil, Deputy CISO, Leading Sportswear Manufacturer
- Christopher Russell, CISO, tZERO Group
- Troy Rydman, CISO and VP of Cybersecurity, Fast.co
- Chris Thompson, CISO, Leading Home Remodeling Company
- Genady Vishnevetsky, CISO, Stewart Title
- Bob Fabien “BZ” Zinga, Head of Information Security, Directly
7 Experts on Threat Frameworks was generously sponsored by Anomali.
We may live in the golden age of information but, like too much of any good thing, information without context can be counterproductive.
Early attempts at instituting intelligence focused on identification and classification of discrete bits of data and making them actionable. IP addresses, domain names, file extensions, and file hashes all found their niches in defense in depth.
Threat intelligence feeds of indicators of compromise (IOCs) remain a vital component in this arsenal, but your adversaries have learned and adapted: They are keenly aware of how to defeat simple defenses. You have blocked an IP address? They rent a botnet. Blocked a domain name? They buy cheap, disposable names. Blocked a file extension or file hash? They pack and encrypt their files.
Hopeless? Hardly. Thankfully, countless hours have gone into devising ingenious frameworks that extend and expand our classification capabilities. MITRE ATT&CK, the newcomer threat intelligence framework, has fast become the most popular in large part because of its vast technical breadth and depth. Analysts can quickly gain a visual understanding of where they stand and what steps to take next.
This ebook describes the major threat frameworks, existing pain points, and opportunities, with steps to integrate and operationalize them into your security program so that you can grow the capability for more proactive, prescriptive, and predictive actions.