Josh Lefkowitz

The notorious Joker’s Stash is perhaps the best-known of many illicit shops in the deep & dark web (DDW) that specialize in, and serve...

Deep & Dark Web (DDW) forums and marketplaces have long served as hubs for illicit activity and, consequently, as invaluable data sources for defenders...

Context has always been a critical delineator in threat intelligence. It’s what distinguishes data from information, information from intelligence, and the meaningless from the...

Starting a business risk intelligence (BRI) program often requires overcoming challenges that involve resource allocation, operational bandwidth, or stakeholder support, to name a few....

The recent takedown of the xDedic marketplace—where threat actors had been buying and selling access to compromised remote desktop protocol (RDP) servers since at...

A business risk intelligence (BRI) program requires many components about which I’ve written previously: the right intelligence requirements, collection strategy, KPIs, vendors,

We often discuss the importance of external collaboration and information sharing in security. Frequently overlooked, however, is the importance of also collaborating and sharing...

If you’ve ever dabbled in data analytics, product design, or digital marketing, you’re likely familiar with vanity metrics. Just as their name implies, vanity...

The outcome of an intelligence operation depends largely on the data that fuels it. Even the most sophisticated operation will fail to produce intelligence...

It’s Crucial to Communicate the Benefits of an Intelligence Program in the Context of Risk

No Automated Tool is Capable of Providing the Full Context in Which a Threat Was Developed and Deployed

Patch management has always been an evergreen topic for security practitioners. Each time poor patching is identified as the root cause of a breach,...