Attached is a joint White Paper, Applications of Cyber Threat Intelligence – TLP:CLEAR, authored by the Virginia Fusion Center (VFC) and the Multi-State Information Sharing & Analysis Center (MS-ISAC).

 This paper provides guidance for SLTT government entities to effectively leverage threat intelligence-derived indicators of compromise (IOCs),  or “indicators,” for network defense. Using the “Pyramid of Pain,” this report illustrates the value and limitations of IOCs and provide examples of how deploying each type can help thwart attackers. Each section of this report focuses on a specific type of IOC and is organized into the following sections:

• The IOC type
• How the IOC fits into threat intelligence
• How you can leverage the IOC for network defense
• Limitations of deploying the IOC
• Concluding thoughts