PDPrakhar Dubeyintheintelbrief.hashnode.dev·Jun 17 · 8 min readThe Unknown Unknown Problem in Threat IntelligenceThere's a quiet assumption baked into most threat intelligence programs: that if we just monitor enough feeds, subscribe to enough platforms, and map enough TTPs to MITRE ATT&CK, we'll eventually have00
PDPrakhar Dubeyintheintelbrief.hashnode.dev·Jun 13 · 16 min readThe ASN Pivot: How CTI Analysts Turn One Malicious IP Into a ClusterWhen a SIEM alert fires with a suspicious IP, most analysts do one of two things. They check if it's blocked. They move on. The analysts who consistently produce better intelligence do something diffe00