What Threat Intelligence Platform/TIP do you use & Why?
That Random Guy Member Posts: 67 ■■■□□□□□□□
edited March 2022 in Cybersecurity Management
This post is really a way for me to better gauge where, who, and why any organization is using such a thing like TIP.
As with most things in the industry, things can become buzz words and only provide superficial value that isn't very valuable (in the state its delivered) at later glance.
For the past decade, I feel like one of those things has been threat intelligence. I would like to point out, however, that I am not an expert in the field, nor one to cyber nor the specific subject matter in question either. This is merely my particular observation of things as they have popped up over time within the closer circles that I participate in.
That being said, I feel like while perhaps the solutions we see now being branded as TIP are pretty much the natural evolution for that specific piece in the cyber security governance of an organization, it is a tool with very similar properties and features of already existing technologies.
I did a Google search on what's around and PaloAlto comes up among others but what I have yet to fully understand is how this differs from a SIEM.
Truthfully, it seems almost complimentary but if so, then it likely incurs its own cost. I don't see this as something that is being used by smaller orgs that can't afford it.
My questions are then:
What TIP are you using/have used in your organization now (if you use[d] one) and can you share why you needed this kind of tool in use? How did it differ from simply using a SIEM or other kind of toolset? Where did this come in place for your security governance and did you link it to some other related IT function/process such as incident response or vulnerability management? How so?
I am trying to understand better how and why such a product has risen and why SIEMs aren't getting the job done instead.
Forum Admin at www.techexams.net