Red Canary's Strategy for Naming the Threats We Track

Learn about Red Canary's systematic approach to naming and tracking cybersecurity threats in this 32-minute Office Hours episode featuring Alex Berninger, Senior Manager of Intelligence. Discover the complex challenges organizations face when multiple security companies create different names for the same threat actors due to seeing different pieces of activity. Explore Red Canary's methodology for threat clustering, starting with temporary 'egg' designations for new activity that evolve into color-bird naming conventions. Understand the strategic balance between creating new threat names versus adopting existing industry nomenclature, and how effective stakeholder communication influences these decisions. Examine how attribution priorities vary across organizations and why Red Canary emphasizes actionable intelligence focused on 'how' threats operate and 'what next' steps to take rather than deep attribution analysis. The session also includes cybersecurity news updates covering the new OWASP Top Ten draft and the resurgence of Qbot loader campaigns, providing current context for threat landscape developments.