|
Throughout the course of my career I’ve been blessed to work with some of the most talented folks in the security and cyber threat intelligence (CTI) mission space to create a variety of different capabilities in the public, private and commercial sectors. Before I came to lead the Verisign iDefense team about five years ago, I had to evaluate external cyber-intelligence vendors to complement and expand the enterprise capabilities of my former organization.
Keep in mind that this was before the explosion of CTI in the marketplace and the myriad of different CTI vendors that have emerged over the past few years. The broader availability of CTI providers has made the task of understanding their capabilities and how their services address (or, more importantly, don’t address) an organization’s requirements more difficult. Essentially, CTI should help these organizations make better decisions and improve the overall security posture of their business.
Enter Forrester Research’s Nov. 3, 2015 report: “Vendor Landscape: S&R Pros Turn To Cyber Threat Intelligence Providers for Help.” The report, as Forrester puts it, seeks to “give S&R pros the tools to evaluate cyber threat intelligence providers along with analysis of 20 of the top players in the space.”
The “Provider Evaluation Criteria” section of the report includes critical intersections between the intelligence cycle and how a given provider’s capabilities map to its intelligence collection, analysis and generation phases. Here, the authors provide some salient recommendations for organizations looking for a CTI provider. Please download the report to get what I believe is some of the best guidance out there on that subject.
Based on my experience, I’d also add a few more to the list:
If you have any additional suggestions to add to the list, I’d love to hear about them in the comments section.
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byWhoisXML API
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byCSC
Sponsored byRadix