IOB: Tracking adversary behaviors closes gaps in cyber threat intelligence sharing
IOBs are dynamic digital impressions and identifiers that monitor the interaction of foreign bodies with host systems or networks. From a threat detection and awareness perspective, IOBs help add context. They also help you understand the behavior of potential cyber attackers.
The Open Cybersecurity Alliance is working to create a standard way to represent cyber adversary behaviors to make it easier to:
~~share repeatable sets of observed adversary behaviors spanning multiple campaigns,
~~share the analytics to detect those behaviors, and
~~create and share playbooks to correlate those detections.
Join our panel of guest speakers as they review how past experiences with CTI sharing impacted this work, what’s behind the motivation to represent adversary behavior, and provide access to several reference implementations and analysis capabilities, and finally, how and why you should be involved in the next evolution of OCA-IOB.