Since we're talking cybersecurity, let's start with iDEFENSE. I bought the company in 2002 as an investor rather than an operator, then subsequently became CEO. As the first commercial cyber threat intelligence vendor, we established the first global zero-day acquisition program and created the 'Responsible Disclosure' process driving software companies to accelerate their patch creation and rollout schedule. This was groundbreaking and the initiation of the bug bounty world we live in today.
Cisco is set to launch another such "SLM", following up its 8-billion-parameter Foundation-Sec-8B with a 17-billion-parameter model. It will contain 30 years of threat intelligence emanating from Cisco Talos. However, the company emphasizes the new model is not a direct successor to Foundation-Sec-8B. Cisco currently uses Foundation-Sec-8B in its products. The model analyzes security alerts, checks code for vulnerabilities, and suggests workflows that prioritize security.
Google's Threat Intelligence Group (GTIG) and Mandiant are tracking the "high-volume" activity, which began last month, and are investigating whether there is any truth to the attackers' boasts. In a statement to The Register, Genevieve Stark, head of cybercrime and information operations intelligence analysis at GTIG, said: "This activity began on or before September 29, 2025, but Mandiant's experts are still in the early stages of multiple investigations, and have not yet substantiated the claims made by this group."
Minimum qualifications: Bachelor's degree or equivalent practical experience. 5 years of experience in data analysis, including identifying trends, generating summary statistics, and drawing insights from quantitative and qualitative data. 5 years of experience managing projects and defining project scope, goals, and deliverables. Experience with statistical analysis, data science and data analysis. Preferred qualifications: Master's degree in a quantitative field (e.g., Statistics, Computer Science, Mathematics, Engineering). 5 years of experience in a data-intensive role such as threat intelligence, data science, trust and safety, or fraud analysis.
CrowdStrike claims that Falcon for IT Risk-based Patching solves this problem by bringing vulnerability management and patch implementation together within the Falcon console. It uses proprietary intelligence and AI models to determine which vulnerabilities are most likely to be exploited in practice. With features such as Patch Safety Scores and sensor intelligence, teams should be able to patch faster, more securely, and on a larger scale without disruption.
Infoblox positions DNS as the earliest point of cyber threat prevention, claiming to block malicious infrastructure an average of 68.4 days before traditional detection tools. The company's Protective DNS approach leverages global DNS visibility to identify threats before they can weaponize their infrastructure. Infoblox Threat Intel monitors over 200,000 threat actor clusters using proprietary algorithms designed to identify infrastructure during construction phases. The company's detection pipeline combines real-time DNS telemetry with predictive threat intelligence.
Since the recent arrests tied to the alleged Scattered Spider (UNC3944) members in the U.K., Mandiant Consulting hasn't observed any new intrusions directly attributable to this specific threat actor, Charles Carmakal, CTO of Mandiant Consulting at Google Cloud, told The Hacker News in a statement. This presents a critical window of opportunity that organizations must capitalize on to thoroughly study the tactics UNC3944 wielded so effectively, assess their systems, and reinforce their security posture accordingly.