As cyber threats facing enterprises become increasingly complex and diverse, ASUS has developed a robust approach to enhance visibility and real-time responsiveness through External Attack Surface Management (EASM) combined with threat intelligence resources. This article delves into how ASUS integrates various threat intelligence sources, collects relevant information from a multitude of data streams, and employs automation to bolster cybersecurity defenses.

We will explore how EASM can be leveraged to meet enterprise needs by integrating threat intelligence, including the use of both commercial and free methods to observe EASM, manage digital assets, and threat intelligence platforms. The process of gathering different threat intelligence sources and filtering intelligence content will also be discussed. Subsequently, we will examine how to utilize data from threat intelligence platforms to integrate enterprise Open Source security risks, focus on high-risk vulnerabilities, and enhance overall security.

Additionally, we will introduce the use of the AIL Project for intelligence gathering, particularly extracting, crawling, mining, and analyzing unstructured data from private channels and the dark web to obtain valuable threat intelligence. These insights will be automatically converted into critical notifications to establish an efficient alert mechanism, ensuring enterprises can respond to potential threats in real-time.

Finally, we will share ASUS future plans, including more comprehensive data collection and the future integration of CTI with LLM (Language Learning Models), to further enhance the enterprise’s security defense capabilities.

This comprehensive approach demonstrates ASUS commitment to providing robust cybersecurity measures through the intelligent integration of diverse data sources and automated threat intelligence processes.

In this presentation, I will share with the audience the process and significance of applying for membership in FIRST (Forum of Incident Response and Security Teams). As global information security threats become increasingly severe, ASUS is committed to providing secure and reliable products and services to our global users and partners.

Throughout this session, I will explain how to use the SIM3 v2 interim Self Assessment Tool to conduct a comprehensive self-evaluation, fully understanding the maturity of our CSIRT/PSIRT and devising improvement plans. I will also discuss how we identified suitable sponsors for recommendations and on-site visits, ensuring the completeness of membership application materials. Additionally, I will detail the process of filling out the FIRST Membership Interest Form and the New Full Member Team Application, from expressing interest to formally submitting the application, ensuring each step is carried out smoothly.

Finally, I will sharing after joining FIRST member, including leveraging the FIRST MISP threat intelligence platform, participating in Special Interest Groups (SIGs), and FIRST events. These resources and opportunities will greatly enhance our response capabilities and professional growth. Through this sharing, I hope to help everyone better understand the significance and process of joining FIRST.