Zach Allen over at Fastlyhas published a couple of posts on Lean Threat Intelligence.
Part 1describes a methodology for Threat Intelligence planning and design that can be reused virtuallyanywhere. ">I love how this posts boils Threat">Intelligence down to a business problem to be solved, not a technology to be deployed. Too often we deploy expensive and costly to manage technology products without understanding the specific problem that is to be solved, then the product winds up underutilized or is unsuitable. ">Part 2is more technical. Itgets into the implementationof a Threat Intelligence system using only open source products.
Definitely a good read if you are interested in deploying Threat Intelligence on the cheap.
-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.