Creating a Shared Reality - Ad-hoc Intelligence Collection for Emerging Threats

May 25, 2021

This talk is built from the background of how the EIM practice rapidly collected and consolidated threat intelligence from myriad sources following the Solarwinds supply chain attack disclosure and applied that intelligence to support our clients. I want to show other security teams how they can take advantage of many disparate sources of information and consolidate them quickly to inform leaders, develop threat hunting packages, and ensure that the security team maintains situational awareness as they face a new and unexpected threat, even if they don't have a formal intelligence program or the funds for paid sources.