Security Intelligence Sharing

  • ISACS - Information Sharing and Analysis Centers

    • Non-profit

    • Healthcare: h-isac.org

    • Financial sector: fsisac.com

    • Aviation: a-isac.com

    • Federal Government: ms-isac, ei-isac

    • Utilities and critical infrastructure: cisa.gov/critical-infrastructure-sectors

  • Intelligence sharing fits in the dissemination section of the threat intelligence cycle.

    • Risk management and security engineering

      • Upgrade yourself!

      • Choosing the right security controls

      • software development security

    • Incident Response

    • Vulnerability Management - the big picture

      • strategic

      • proactive

    • Detection and monitoring - use it to find threats!

      • Fine tune your defenses

      • avoid false positive

      • false negatives too

      • keep it running and up to date

    • Vulnerability Management Porcess

      • Assign responsibilities

      • Document everything

      • Managment support

      • Inventory

      • Assign risks and prioritize

      • Select the right tools

      • Scan for vulnerabilities

      • Fix ASAP

      • Don't forget about it.

PreviousIntelligence SourcesNextThreat Classification and Threat Actors

Last updated