We're changing our name.
Verodin is now Mandiant Security Validation. Click here to learn more.

Validating Your Security Controls with Cyber Threat Intelligence

Leverage your cyber threat intelligence program to validate your security controls and identify misconfigurations and optimize your security stack.

August 2, 2019
Category
Blog Tags

There are a number of use cases that a mature cyber threat intelligence program is typically able to support with an organization — some examples being security validation and strategy, network defense, incident response, vulnerability management, and insider threat. I wanted to introduce you to a relatively new use case: using cyber threat intelligence to validate your security controls.

Why does security validation matter? 

The need to validate your security controls is similar to the need for the testing of any developed software—not 100% necessary, but you live dangerously if you don’t do it. Validating the security controls you’ve deployed will enable you to identify misconfigurations and optimize your security stack to reach a higher level of assurance.

Why use cyber threat intelligence to validate your security controls?

By nature, cyber threat intelligence is focused on threats to your organization, organizations in your sector, as well as critical 3rd parties that your organization relies on. By using intelligence to validate your controls you are ensuring that the tactics, techniques, and procedures (TTPs) of threat actors that could do damage to your organization are unable to do so.

How do you use cyber threat intelligence to validate your security controls?

In order to do this you first need consistent, up to date, and structured TTP information on threat actors relevant to your organization. This information should be able to be replayed or replicated in an ongoing and automated way without touching any malicious infrastructure directly. Ultimately, we should be running neutered malicious traffic in a controlled environment that doesn’t compromise your organization or touch the threat actor’s infrastructure. 

Ongoing validation of your security controls with up-to-date TTP information used by cyber threat actors of direct relevance to your organization will enable your team to identify gaps in your security controls before incidents occur, therefore improving your existing controls and reducing the cost of incidence response. 


Learn more about our Threat Actor Assurance Module >

Verodin and Intel 471

Verodin and Intel 471 have a joint offering that enables organizations to use Intel 471 intelligence to power the Verodin Security Instrumentation Platform, providing organizations with assurance that they are protected from the latest threats.


Return to Blog
Get in touch:

Verodin provides security validation to measure, manage, and improve your overall effectiveness.

Chances are you’re ignoring valuable security data that can be gathered via instrumentation. Future-proof your security posture today.

Request a Demo

Chances are you’re ignoring valuable security data that can be gathered via instrumentation. Future-proof your security posture today.

Connect with an advisor

Get new cybersecurity effectiveness podcasts delivered straight to your inbox.

We will never sell or distribute your information.