The first step toward being able to successfully analyze an incident is having good, current knowledge of the latest threats and indicators. Effective threat intelligence tools and processes are capabilities that responders should have in their arsenal. As enterprise IoT systems become increasingly attractive targets, these platforms will undoubtedly share indicators and defensive patterns with their membership.
Some examples of today's threat-sharing platforms include:
- DHS Automated Indicator Sharing (AIS) initiative: This currently focuses on the energy and technology sectors (https://www.us-cert.gov/ais)
- Alienvault Open Threat Exchange (OTX) (https://www.alienvault.com/open-threat-exchange)
- IBM X-Force ...