Through the Eyes of the Adversary - How to Build a Threat Intel Program

Discover how to build an effective threat intelligence program from the adversary's perspective in this 29-minute RSA Conference talk. Learn to visualize conflicts with adversaries, dissect crucial information about threats, and conduct intelligence across various capability areas. Explore best practices, understand different types of threat intelligence stakeholders, and design a team to serve organizational needs. Examine two scenarios: a financially motivated eCrime actor conducting a ransomware attack and a nation-state actor performing espionage against a pharmaceutical company. Gain insights from CrowdStrike experts Scott Jarkoff and Jason Rivera on empowering your cybersecurity efforts with a focused, purpose-driven threat intelligence approach.

Intro
All conflicts between ourselves and the adversa visualized as a function of three components
Let's dissect that exact information we want to understand about the adversary
How do we conduct threat intelligence in each capability areas?
What are some of the best practices & common
There are generally three different types of thre intelligence stakeholders
The Threat Intelligence team should be designe serve the organization's stakeholders
Scenario 1: A financially motivated eCrime actor to conduct a ransomware attack
Scenario 2: A nation-state actor with intent to a espionage against a pharmaceutical company
In summary, we talked about the following