Much like the mythical six degrees of separation of another famous Bacon, it seems that you can’t get farther than three clicks on a security provider’s website without running into some mention of threat intelligence. While my hazy, hairspray-induced fondness for “Footloose” is dampened somewhat by the existence of “Wild Things” in the ’90s, I can safely say that X-Force Threat Intelligence is one of my favorite security seasonings.

Cur(at)ing Threat Intelligence

While you may not want to see how sausage is made, there is a lot of interest in how threat intelligence is created. Although I’ve had a rather unfortunate exposure to pig farming thanks to a classmate’s technical process presentation in a college Public Speaking class, I’ll spare you the details. Suffice to say it was quite unsuitable for an 8 a.m. lecture.

It’s not idle curiosity to question the sources of threat intelligence. For threat intelligence to be useful, it must be accurate and trusted.

X-Force sources threat intelligence using a variety of data capture methods. The infrastructure that X-Force uses for collecting data includes a Web crawler, similar in technology to what an Internet search engine would use but focused on identifying threats and malicious Web domains; honeypots and darknets that capture network communication indicative of malware; and spam traps for obtaining as much spam as possible.

These data collection methods are complemented by further data from 15 billion monitored events from our Security Services clients and 270 million monitored endpoints to collect malware samples. Capturing this data is important; equally important is turning the information collected into insights that can integrate with products and help protect an enterprise.

And when in doubt, just add bacon.
