When the Computer Incident Response Center in Luxembourg (CIRCL) analyzes incidents for threat information, the group deals mostly with proprietary, sensitive, and, in some cases, classified information from companies and the communities with whom the incident response team regularly works. Yet the group also relies heavily on open source intelligence as a way to eliminate the noise of known threats and reduce the workload for the group’s operators, says Andras Iklody, a CIRCL operator and a core developer for the MISP threat-intelligence sharing platform.
Read full article on Dark Reading