The Hidden Power of Threat IntelligenceAlienVault's Russ Spitler on Detecting, Responding to Dynamic Incidents
Organizations today have access to countless sources of threat intelligence. And yet many still struggle to operationalize this intel effectively. Russ Spitler of AlienVault discusses how to improve detection and response with dynamic security incidents.
Spitler, SVP of products, says there is a common marketplace misconception of the value of threat intelligence.
"It's an incredible helpful tool to help inform the organization," Spitler says. "But most people assume that just access to the set of IP addresses or domains associated with malicious infrastructure is going to make them more secure. [But] it's really more about the processes, the threat modeling and the use of that threat intelligence that allows organizations to effectively take use - and that's largely missing from the conversation today."
In an interview about unlocking the power of threat intel, Spitler discusses:
- Why organizations still struggle to leverage it;
- Key questions often asked about threat intel;
- How to improve speed of detection and response.
Spitler brings over a decade of experience building products that secure organizations across the globe. He currently serves as the SVP of Products at AlienVault, where he is responsible for product strategy and the execution of AlienVault's product roadmap that has resulted in the acquisition of over 7,000 commercial customers and thousands of open source users. He was also one of the founders and a driving force behind AlienVault's Open Threat Exchange (OTX) - a crowd-sourced threat intelligence community with over 80,000 active users from more than 140 countries. His leadership and focus on bringing to market practical and effective threat detection and incident response solutions has helped establish AlienVault's commercial product (USM Anywhere) and open-source offerings (OTX & OSSIM) as undisputed industry leaders.