Working with a vast number of sources and feeds in a threat monitoring program can become overwhelming and taxing at times. Anomali provides a great way to collect, store, and enrich information, but having an approach to score and/or identify which information you want to operationalize can help prioritize specific feeds or identify gaps.
To address this, the FirstEnergy SOC has developed a method for comparing and scoring sources effectively through a quantitative and qualitative approach. They evaluate sources on their timeliness, accuracy, relevancy, and predictiveness (the TARP principles) to help frame the quality they are getting from different sources. This has helped them, as part of their strategy, to make decisions based on cost and sweat equity to maximize their return on investment.
Watch the on-demand presentation led by Thomas Gorman, Big Data Security Analytics Developer, and Scott Poley, TSOC Manager from FirstEnergy.