Open to Non-MembersRH-ISAC’s principal threat researcher, JJ Josing, will present at the Cyber Threat Intelligence Conference, hosted by First.
Presentation Description: In an intelligence-sharing community, the value of cyber threat intelligence depends on more than just what members contribute. It also relies on how that data is enriched, refined, and turned into actionable insights. This session will share practical methods for transforming raw indicators into high-quality intelligence using PyOTI as the enrichment and vetting engine.
Drawing from three years of experience managing the Retail & Hospitality ISAC’s community MISP instance, the talk will highlight ways to normalize multi-source enrichment, apply consistent tagging, and automate curation to reduce noise while keeping valuable context. Attendees will learn how to identify known bad and known good indicators, tune enrichment workflows, and build tagging practices that reduce alert fatigue and false positives. The session will close with simple, proven steps teams can take to improve the quality and reliability of shared intelligence.
