NOTAS: | "The study channels its efforts into identifying some of the key opportunities and limitations of existing platforms and solutions, since information exchange formats and tools remain central items on the agenda of the cybersecurity community in general, and particularly of incident responders. The project came as an acknowledgment of the increasing demand for relevant and ‘context aware’ security data, as information security management is becoming a key component of any modern organisation. For the purpose of this project, ENISA has engaged leading field experts and has performed a research of existing tools, practices and TIPs academic literature. The report concludes with a series of actionable findings and recommendations, so that current TIPs limitations are addressed and overcome. Furthermore, the report presents a detailed overview of the users of these platforms, the main functional areas of TIPs as well as the current landscape of the TIPs used globally by different teams (CTI teams, SOCs, CSIRTs/CERTs, ISACs, etc.). The report concludes with a series of recommendations addressed to users and organisations, TIPs developers and vendors as well as the research community and academia." |