Threat Intelligence

The LACL Threat Intelligence Sharing Platform provides a wealth of threat data and the ability to quickly and smoothly integrate with mature security teams across medium and large enterprises. The key elements of the platform are:

  1. Automated threat intelligence
  2. Los Angeles centric threat risks
  3. Data represented from wide variety of business sectors

Where does the threat intelligence come from?

The information LA Cyber Lab provides is received from our partner organizations and open sources feeds. These partners are providing vetted indications of compromise (IOCs) which are known to be a threat or associated with threats they have seen in their environments.

How does my company receive LA Cyber Lab threat intelligence?

The threat intelligence information is provided to your organization in one of several ways. First, you can begin receiving the IOCs in a csv. attachment via email through our Tools for LA Business link above by completing the form. Second, you may receive the IOCs directly to your business security tools via API or STIX/TAXII protocols. This requires a bit more effort and we are happy to work with your team to provide the technical details. Third, for mature security teams we offer the ability to interact with the IOCs via our portal which is intended for analysts and requires a sophisticated user (cyber analyst or threat researcher) to manage because of its technicality and complexity. If you believe this is the right fit for your organization, please contact us directly and we will help determine the best fit (email us at [email protected]).

What can I do with this information?

Threat intelligence can be used many ways to help protect your organization. While we can tell you the best way to manage your security posture, we can tell you how others have used the information: review logs for IOCs to see if there were potential risks within your network; blacklist indicators within your security tools to keep bad actors out; import the IOCs into your existing threat intelligence tools and add enrichment to your own analytical processes.