Effective Tagging in Synapse

Essential tagging patterns and best practices for Synapse threat intelligence platform workflows.

January 20, 2023 · 13 min · Scott J Roberts

The Difficulty of Saying Nothing

Like everyone else, I’ve been following the tragic war in Ukraine and mourning the loss of life and humanitarian crisis. Professionally, as an analyst in the threat intelligence and computer network defense world, I’ve been considering what this war and spillover means for defending networks, especially as organizations like CISA keep putting out bulletins regarding threats of Russian-nexus adversaries.

March 21, 2022 · 5 min · Scott J Roberts

Getting Started with Synapse

Complete beginner guide to installing and using Synapse threat intelligence platform with practical examples.

November 2, 2021 · 13 min · Scott J Roberts

Burnt TIPs

Analysis of threat intelligence sharing challenges using culinary metaphors and community dynamics.

July 31, 2021 · 7 min · Scott J Roberts

Familiarity Breeds Contempt: APT Edition

The APT hype cycle: how threat groups go from feared to dismissed. Why both over- and underestimating adversaries is dangerous.

August 4, 2017 · 7 min · Scott J Roberts

CTI Reading List

A few weeks ago, while teaching SANS FOR578, one of my students asked a great question: What books or papers should a new cyber threat i…

July 18, 2017 · 7 min · Scott J Roberts

United States Response to Grizzly Steppe

U.S. government response to Russian election interference: sanctions, IOCs, and diplomatic actions against Grizzly Steppe.

December 29, 2016 · 4 min · Scott J Roberts

ACH Analysis of a Trump Campaign Compromise

This post gets political. People may agree or disagree based on their own experience or personal belief.

December 12, 2016 · 10 min · Scott J Roberts

Intelligence Collection Priorities

Strategic framework for prioritizing threat intelligence collection from internal data to commercial feeds.

November 23, 2016 · 5 min · Scott J Roberts

CTI SquadGoals — Setting Requirements

Transform vague security concerns into specific, actionable intelligence requirements that drive results.

March 30, 2016 · 6 min · Scott J Roberts