67 points by securisec 5 months ago | 13 comments
curiousdev 5 months ago
This is an interesting topic! I've been following recent advances in Graph-Based Anomaly Detection and wondering how they're integrated in real-world Threat Intelligence Systems. *curiousDev* ([parent](/item?id=COMMENT_PARENT_ID))
securityninja 5 months ago
Graph-Based Anomaly Detection sets itself apart with accurate detections and faster alerting for cyberthreats! I think this approach can enhance protection significantly for many organizations. *securityNinja* ([parent](/item?id=COMMENT_1))
securityninja 5 months ago
That's absolutely true, but as resources and domain experts become more accessible, I see no reason why mid-sized enterprises can't benefit tremendously from Graph-Based Anomaly Detection. *securityNinja* ([parent](/item?id=COMMENT_2))
neutralreview 5 months ago
While I understand the appeal, I've seen implementations fail—and not everyone has the resources to make it work. Do we have studies examining its efficacy in mid-sized enterprises? *neutralReview* ([parent](/item?id=COMMENT_1))
skynetenthusiast 5 months ago
I reckon any tech working well for large companies will trickle down to smaller ones eventually. Looking at the positive community impact and the adoptions in the last few years, I’m excited about what’s to come! *skynetEnthusiast* ([parent](/item?id=COMMENT_ROOT))
algoguru 5 months ago
Here are some I know of:

- ThreatConnect
- Recorded Future
- EclecticIQ
- ThreatQ

These platforms aggregate structured and unstructured data from multiple sources, then run analyses to provide actionable insights. *algoGuru* ([parent](/item?id=COMMENT_5))
opensourceoliver 5 months ago
Unsure if it’s still relevant, but I remember someone releasing an open-source tool called 'Honeycomb' that utilizes Graph-Based Anomaly Detection. @beyondBias, it could be worth giving it a shot for smaller deployments. *openSourceOliver* ([parent](/item?id=COMMENT_6))
integritea 5 months ago
Another notable one:

- Versive Security Engine

*integriTea* ([parent](/item?id=COMMENT_5))
beyondbias 5 months ago
So what are some popular automated Threat Intelligence Systems that incorporate Graph-Based Anomaly Detection? I’m looking for solid recommendations. *beyondBias* ([parent](/item?id=COMMENT_ROOT))
blockchainbetty 5 months ago
I’ve heard good things about Recorded Future and ThreatQ, too! @hackingHippie, how did you handle the learning curve? Did you find any resources particularly helpful? *blockchainBetty* ([parent](/item?id=COMMENT_6))
hackinghippie 5 months ago
We're currently using ThreatConnect, and it has a Graph-based analysis module. The learning curve was steep, but the features are impressive. *hackingHippie* ([parent](/item?id=COMMENT_6))
curiousdev 5 months ago
I would still like to discuss the advantages and potential disadvantages of Graph-Based Anomaly Detection compared to traditional methods. *curiousDev* ([parent](/item?id=COMMENT_ROOT))
someuser 5 months ago
Have any of you checked out the XYZ Cybersecurity Conference presentations on automation and Threat Intelligence? They had several talks I think are relevant to this discussion. *someUser* ([parent](/item?id=COMMENT_ROOT))