There aren’t many topics in cyber security that generate more arguments than threat intelligence. Security professionals have a wide range of views on the topic that range from severe eye rolls to a critical part of a well-run security program. What I present in this book are my thoughts about what threat intelligence is and how organizations can use threat intelligence to better protect themselves against all manner of threats.

These thoughts are gathered from my years spent as an intelligence analyst and from the thousands of organizations I have talked to about their threat intelligence programs. Not everyone will agree with everything I have written, and that is a good thing because hopefully these disagreements will start a conversation.

The goal of this book is to act as a primer for organizations who are considering building or rebuilding a threat intelligence program. This book is not designed to be a step-by-step guide, instead it is meant to be a spark. There should be enough information contained between these covers to get a team thinking about how to improve the security of an organization through the effective use of threat intelligence.

If you have any thoughts or questions about the tools I have laid out here, I would love to hear from you. Reach out to me any time. You can find me on Twitter as @uuallan or send me an email to [email protected].

Acknowledgments

No book is ever solely the work of the author, there are a lot of people involved in the process. In that spirit there are quite a few people I need to thank. From O’Reilly I would like to thank superstar editor Courtney Allen and our word ninja, Virginia Wilson. I also would like to thank the great O’Reilly editors Colleen Cole, Nan Barber, and Dwight Ramsey.

In addition to the team at O’Reilly I would like to thank the smart technical reviewers whose feedback proved invaluable: Tim Gallo, Melissa Kelley, Amanda Berlin, and Tony Godfrey. I have so much respect for all four of you and hope I was able to successfully incorporate your suggestions.

Finally, I cannot express my thanks enough to Robert Morton and Eric Kobrin at Akamai and Jay Nancarrow for taking the time to share your thoughts on threat intelligence not only with me, but with everyone reading this book.