Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore how Large Language Models can revolutionize threat intelligence workflows by automating the extraction and enrichment of Indicators of Compromise (IOCs) in this 28-minute conference talk from The Diana Initiative 2025. Learn how AI can transform the overwhelming task of manually processing threat intelligence data from PDF reports, email threads, forum discussions, and various threat feeds into an automated, efficient system. Discover practical applications where LLMs parse unstructured reports and conversations to extract IOCs, Tactics, Techniques, and Procedures (TTPs), and threat actor details from diverse sources including PDFs, chats, and threat advisories. Understand how these systems can enrich IOCs in real-time by cross-referencing with Open Source Intelligence (OSINT), threat databases, and internal telemetry to provide deeper context for security teams. Examine methods for correlating and prioritizing threats to reduce false positives while delivering high-fidelity intelligence, and see how automated intelligence generation can feed enriched IOCs directly into Security Information and Event Management (SIEM) systems, Security Orchestration, Automation and Response (SOAR) platforms, and investigative workflows. Gain insights into leveraging Model Context Protocol (MCP) for seamless integration, enabling LLMs to dynamically fetch, process, and correlate data from multiple threat intelligence sources. Access practical implementation strategies, understand key challenges in adoption, and learn proven best practices for integrating AI-driven threat intelligence solutions to enhance detection capabilities and accelerate threat analysis processes.
