One of the challenging thing in IoC aggregation is to match all IoCs connected to one specific threat with each other due to different malware synonyms used by TI experts. Read about algorithm used by RST engine here: https://medium.com/@rst_cloud/8-steps-to-normalise-naming-of-cyber-threats-and-related-entities-817730361217
While protecting digital data, experts are faced with the need to know up-to-date information about cyber threats. This kind of data keeps you up in the arms race with a technically advanced cyber attacker. The role of the Cyber Threat Intelligence (CTI, TI) process began to grow rapidly in 2018 and is now one of…
Your network perimeter protection solution will be able to recognise risky connections or downloads and either detect or prevent them if it has the most recent information about malicious resources. Where does an NGFW get information about up-to-date malware and its indicators of compromise (IoC)? Most of the time, they come as part of periodical…
