Trey Darley cuts through the hype surrounding threat intelligence and reframes the concept within a broader historical context, showing how information sharing can be a effective tool for both organizations with sophisticated security programs and organizations falling below the security poverty line. A rising tide of structured threat data—in terms of prevention, detection, and remediation—will lift boats large and small.
CTI can’t solve all of the world’s problems, but armed with a more strategic vision of how to leverage this tool, we can succeed in altering the economics for attackers and moving towards better herd immunity for the blue team.
Trey Darley is currently serving as one of the cochairs in the OASIS CTI TC. As director of Kingfisher Operations, Trey provides consulting services to organizations seeking to operationalize cyberthreat intelligence or needing assistance in navigating the STIX/TAXII standards process. Based in Brussels, Trey has been heavily involved in the CTI space since 2013. His career has taken him down many strange paths, from embedded hardware development to running IT on a major Hollywood production and from print advertising to infosec work at NATO HQ. More recently, he ventured into the dark world of software vendors,doing stints at Splunk and Soltra. Trey is a jack of all trades: part sysadmin, part software developer, part infosec guy, part network architect. In his copious spare time, he enjoys long walks, playing chess with his daughter, and tweaking his emacs config.
©2016, O’Reilly UK Ltd • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com