Reading the Tea Leaves - A Comparative Analysis of Threat Intelligence

Explore a critical analysis of threat intelligence data feeds in this 20-minute conference talk from USENIX Security '19. Delve into the limitations and challenges of using existing threat intelligence for cybersecurity defense. Learn about newly defined metrics for characterizing threat intelligence data feeds and their application in assessing various public and commercial sources. Examine issues of coverage and accuracy through external measurements, and understand the implications for the computer security industry. Gain insights into the global market, data collection methods, qualitative metrics, and differential contribution of various sources. Conclude with a discussion on the comprehensiveness of current approaches and strategies to minimize potential vulnerabilities in threat intelligence utilization.

Introduction
What is Threat Intelligence
Indicator of Compromise
The Global Market
Data Collection
Metrics
Qualitative metrics
Differential contribution
Intersection rate
Sources
Extract
Coverage
Conclusions
Questions
Is this comprehensive enough
How to minimize the potential force