Incident investigations are no time to ride in solo, like a cowboy. Identifying, mitigating, and preventing cyberthreats must be done quickly and efficiently, using all tools available, especially threat intelligence.
By integrating relevant threat intelligence feeds, you have a sidekick providing insights into malicious actors' tactics, techniques, and procedures. This lets you close the incident quickly and get on to the next task.
In this episode of the EM360 Podcast, “Using Threat Intelligence Effectively in Incident Investigation,” Analyst Richard Stiennon speaks to Richa Priyanka, Solutions Architect at Palo Alto Networks, to discuss:
- The role of threat hunting in the SOC
- Typical threat intelligence feeds for incident investigation
- The future of threat hunting