In this episode of the Security Repo Podcast, Jeffrey Bell, Principal Security Engineer and founder of CatchingPhish.com, discusses the confusion surrounding the naming conventions of threat actor groups across different security vendors. He explains how companies like CrowdStrike, Palo Alto, and Mandiant label the same adversaries with different names due to marketing and commercialization pressures, creating challenges for threat intelligence. Jeffrey also introduces MITRE ATT&CK Groups as a reliable, centralized resource to demystify these aliases and strengthen defenses based on shared TTPs.https://catchingphish.comhttps://attack.mitre.org/groups/https://github.com/mcdwayne/mitre-gang-lookupJeffrey Bell is a Principal Information Security Engineer and Threat Intelligence Lead at a Pharmaceutical Intelligence company. He graduated from UNC-Charlotte with a B.S. in Computer Science, specializing in Cybersecurity. Jeffrey has over 6 years of experience in Threat Intelligence, Incident Response, and Security Engineering. When not working, he writes for his blog, catchingphish.com, and loves to ski! He currently live near the beach in North Carolina.

Ver todos los episodios