home.social

#firstcti26 — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #firstcti26, aggregated by home.social.

  1. New on the FIRST blog: Jonathan Andersen, CEO and Co-Founder of Webscout and #FIRSTCTI26 speaker, on why residential proxy networks have become one of the internet's most consequential threat enablers, and why no single organization can see the full picture.

    When Kimwolf emerged in late 2025, it infected 2 million+ devices, mostly off-brand Android TV boxes sold openly on retail platforms with proxy SDKs already installed at the factory.

    The supply chain had done the work for the operators.

    The structural problem isn't the botnet. It's the residential proxy layer itself, embedded across critical networks before most defenders were looking for it.

    🏠 Residential proxies route traffic through real ISP-assigned IPs. Reputation and geolocation defenses largely fail.
    📦 SDK-based provisioning embeds proxy code in free apps. Users consent in EULA fine print. 🏭 Hardware supply chain compromise pre-loads devices before they ever reach a buyer.
    ⚡Active exploitation, like Kimwolf, turns proxy endpoints into footholds inside local networks.

    What the data shows:

    🔍 Infoblox: nearly 1 in 4 enterprise customers had at least one device querying Kimwolf-related domains.
    🏛️ Spur: proxy endpoints inside ~300 government networks, 318 utilities, 166 healthcare orgs, and 141 banks.
    🌐 Google GTIG: 550+ distinct threat groups using IPIDEA exit nodes in a single 7-day period in January 2026, including actors linked to China, North Korea, Iran, and Russia.

    Jonathan highlights that countering these networks requires telemetry, forensics, and intelligence no single organization has alone. Webscout is building a vetted trust group for researchers and seeking ISP partners willing to host research nodes.

    Inter-AS coordination challenges like these also sit squarely within the focus areas of FIRST's NETSEC SIG, which convenes network operators and researchers around exactly this kind of work.

    📖 Read more: go.first.org/mfx3c

    #CTI #cybersecurity #infosec

  2. New on the FIRST blog: Jonathan Andersen, CEO and Co-Founder of Webscout and #FIRSTCTI26 speaker, on why residential proxy networks have become one of the internet's most consequential threat enablers, and why no single organization can see the full picture.

    When Kimwolf emerged in late 2025, it infected 2 million+ devices, mostly off-brand Android TV boxes sold openly on retail platforms with proxy SDKs already installed at the factory.

    The supply chain had done the work for the operators.

    The structural problem isn't the botnet. It's the residential proxy layer itself, embedded across critical networks before most defenders were looking for it.

    🏠 Residential proxies route traffic through real ISP-assigned IPs. Reputation and geolocation defenses largely fail.
    📦 SDK-based provisioning embeds proxy code in free apps. Users consent in EULA fine print. 🏭 Hardware supply chain compromise pre-loads devices before they ever reach a buyer.
    ⚡Active exploitation, like Kimwolf, turns proxy endpoints into footholds inside local networks.

    What the data shows:

    🔍 Infoblox: nearly 1 in 4 enterprise customers had at least one device querying Kimwolf-related domains.
    🏛️ Spur: proxy endpoints inside ~300 government networks, 318 utilities, 166 healthcare orgs, and 141 banks.
    🌐 Google GTIG: 550+ distinct threat groups using IPIDEA exit nodes in a single 7-day period in January 2026, including actors linked to China, North Korea, Iran, and Russia.

    Jonathan highlights that countering these networks requires telemetry, forensics, and intelligence no single organization has alone. Webscout is building a vetted trust group for researchers and seeking ISP partners willing to host research nodes.

    Inter-AS coordination challenges like these also sit squarely within the focus areas of FIRST's NETSEC SIG, which convenes network operators and researchers around exactly this kind of work.

    📖 Read more: go.first.org/mfx3c

    #CTI #cybersecurity #infosec

  3. New on the FIRST blog: Jonathan Andersen, CEO and Co-Founder of Webscout and #FIRSTCTI26 speaker, on why residential proxy networks have become one of the internet's most consequential threat enablers, and why no single organization can see the full picture.

    When Kimwolf emerged in late 2025, it infected 2 million+ devices, mostly off-brand Android TV boxes sold openly on retail platforms with proxy SDKs already installed at the factory.

    The supply chain had done the work for the operators.

    The structural problem isn't the botnet. It's the residential proxy layer itself, embedded across critical networks before most defenders were looking for it.

    🏠 Residential proxies route traffic through real ISP-assigned IPs. Reputation and geolocation defenses largely fail.
    📦 SDK-based provisioning embeds proxy code in free apps. Users consent in EULA fine print. 🏭 Hardware supply chain compromise pre-loads devices before they ever reach a buyer.
    ⚡Active exploitation, like Kimwolf, turns proxy endpoints into footholds inside local networks.

    What the data shows:

    🔍 Infoblox: nearly 1 in 4 enterprise customers had at least one device querying Kimwolf-related domains.
    🏛️ Spur: proxy endpoints inside ~300 government networks, 318 utilities, 166 healthcare orgs, and 141 banks.
    🌐 Google GTIG: 550+ distinct threat groups using IPIDEA exit nodes in a single 7-day period in January 2026, including actors linked to China, North Korea, Iran, and Russia.

    Jonathan highlights that countering these networks requires telemetry, forensics, and intelligence no single organization has alone. Webscout is building a vetted trust group for researchers and seeking ISP partners willing to host research nodes.

    Inter-AS coordination challenges like these also sit squarely within the focus areas of FIRST's NETSEC SIG, which convenes network operators and researchers around exactly this kind of work.

    📖 Read more: go.first.org/mfx3c

    #CTI #cybersecurity #infosec

  4. New on the FIRST blog: Jonathan Andersen, CEO and Co-Founder of Webscout and #FIRSTCTI26 speaker, on why residential proxy networks have become one of the internet's most consequential threat enablers, and why no single organization can see the full picture.

    When Kimwolf emerged in late 2025, it infected 2 million+ devices, mostly off-brand Android TV boxes sold openly on retail platforms with proxy SDKs already installed at the factory.

    The supply chain had done the work for the operators.

    The structural problem isn't the botnet. It's the residential proxy layer itself, embedded across critical networks before most defenders were looking for it.

    🏠 Residential proxies route traffic through real ISP-assigned IPs. Reputation and geolocation defenses largely fail.
    📦 SDK-based provisioning embeds proxy code in free apps. Users consent in EULA fine print. 🏭 Hardware supply chain compromise pre-loads devices before they ever reach a buyer.
    ⚡Active exploitation, like Kimwolf, turns proxy endpoints into footholds inside local networks.

    What the data shows:

    🔍 Infoblox: nearly 1 in 4 enterprise customers had at least one device querying Kimwolf-related domains.
    🏛️ Spur: proxy endpoints inside ~300 government networks, 318 utilities, 166 healthcare orgs, and 141 banks.
    🌐 Google GTIG: 550+ distinct threat groups using IPIDEA exit nodes in a single 7-day period in January 2026, including actors linked to China, North Korea, Iran, and Russia.

    Jonathan highlights that countering these networks requires telemetry, forensics, and intelligence no single organization has alone. Webscout is building a vetted trust group for researchers and seeking ISP partners willing to host research nodes.

    Inter-AS coordination challenges like these also sit squarely within the focus areas of FIRST's NETSEC SIG, which convenes network operators and researchers around exactly this kind of work.

    📖 Read more: go.first.org/mfx3c

    #CTI #cybersecurity #infosec

  5. New on the FIRST blog: Jonathan Andersen, CEO and Co-Founder of Webscout and #FIRSTCTI26 speaker, on why residential proxy networks have become one of the internet's most consequential threat enablers, and why no single organization can see the full picture.

    When Kimwolf emerged in late 2025, it infected 2 million+ devices, mostly off-brand Android TV boxes sold openly on retail platforms with proxy SDKs already installed at the factory.

    The supply chain had done the work for the operators.

    The structural problem isn't the botnet. It's the residential proxy layer itself, embedded across critical networks before most defenders were looking for it.

    🏠 Residential proxies route traffic through real ISP-assigned IPs. Reputation and geolocation defenses largely fail.
    📦 SDK-based provisioning embeds proxy code in free apps. Users consent in EULA fine print. 🏭 Hardware supply chain compromise pre-loads devices before they ever reach a buyer.
    ⚡Active exploitation, like Kimwolf, turns proxy endpoints into footholds inside local networks.

    What the data shows:

    🔍 Infoblox: nearly 1 in 4 enterprise customers had at least one device querying Kimwolf-related domains.
    🏛️ Spur: proxy endpoints inside ~300 government networks, 318 utilities, 166 healthcare orgs, and 141 banks.
    🌐 Google GTIG: 550+ distinct threat groups using IPIDEA exit nodes in a single 7-day period in January 2026, including actors linked to China, North Korea, Iran, and Russia.

    Jonathan highlights that countering these networks requires telemetry, forensics, and intelligence no single organization has alone. Webscout is building a vetted trust group for researchers and seeking ISP partners willing to host research nodes.

    Inter-AS coordination challenges like these also sit squarely within the focus areas of FIRST's NETSEC SIG, which convenes network operators and researchers around exactly this kind of work.

    📖 Read more: go.first.org/mfx3c

    #CTI #cybersecurity #infosec

  6. Cool to meet some Mastodon peeps on #FirstCTI26

    For everyone who couldn't attend, those were my main learnings:

    • automate everything, clicking and context switches costs time: e.g. cool idea was Mispbrowserextension for Firefox

    • feedback loop everything: for example, you can feed that "benign/false positive/true positive" button from your SOC back intro your CTI. Simple & effective

    • show the value of your tech to management: e.g. how many attacks have you prevented? How big were the costs for that incident in other companies?

    • random characters (and a legitimate looking link) in a CTI pdf might be an attack on your AI => check out CTI poisoning attacks

    #CTI #threatintel #threatintelligence #lessonslearned

  7. Cool to meet some Mastodon peeps on #FirstCTI26

    For everyone who couldn't attend, those were my main learnings:

    • automate everything, clicking and context switches costs time: e.g. cool idea was Mispbrowserextension for Firefox

    • feedback loop everything: for example, you can feed that "benign/false positive/true positive" button from your SOC back intro your CTI. Simple & effective

    • show the value of your tech to management: e.g. how many attacks have you prevented? How big were the costs for that incident in other companies?

    • random characters (and a legitimate looking link) in a CTI pdf might be an attack on your AI => check out CTI poisoning attacks

    #CTI #threatintel #threatintelligence #lessonslearned

  8. Cool to meet some Mastodon peeps on #FirstCTI26

    For everyone who couldn't attend, those were my main learnings:

    • automate everything, clicking and context switches costs time: e.g. cool idea was Mispbrowserextension for Firefox

    • feedback loop everything: for example, you can feed that "benign/false positive/true positive" button from your SOC back intro your CTI. Simple & effective

    • show the value of your tech to management: e.g. how many attacks have you prevented? How big were the costs for that incident in other companies?

    • random characters (and a legitimate looking link) in a CTI pdf might be an attack on your AI => check out CTI poisoning attacks

    #CTI #threatintel #threatintelligence #lessonslearned

  9. Cool to meet some Mastodon peeps on #FirstCTI26

    For everyone who couldn't attend, those were my main learnings:

    • automate everything, clicking and context switches costs time: e.g. cool idea was Mispbrowserextension for Firefox

    • feedback loop everything: for example, you can feed that "benign/false positive/true positive" button from your SOC back intro your CTI. Simple & effective

    • show the value of your tech to management: e.g. how many attacks have you prevented? How big were the costs for that incident in other companies?

    • random characters (and a legitimate looking link) in a CTI pdf might be an attack on your AI => check out CTI poisoning attacks

    #CTI #threatintel #threatintelligence #lessonslearned

  10. Cool to meet some Mastodon peeps on #FirstCTI26

    For everyone who couldn't attend, those were my main learnings:

    • automate everything, clicking and context switches costs time: e.g. cool idea was Mispbrowserextension for Firefox

    • feedback loop everything: for example, you can feed that "benign/false positive/true positive" button from your SOC back intro your CTI. Simple & effective

    • show the value of your tech to management: e.g. how many attacks have you prevented? How big were the costs for that incident in other companies?

    • random characters (and a legitimate looking link) in a CTI pdf might be an attack on your AI => check out CTI poisoning attacks

    #CTI #threatintel #threatintelligence #lessonslearned

  11. 🎉 #FIRSTCTI26 is officially a wrap, and it's the people who made it. Three days of workshops, plenary sessions, and hands-on training across the CTI landscape in Munich, Germany.

    Sessions were led by practitioners and researchers from Google, AWS, the European Commission CSOC, ENISA, CIRCL, CERT-In, Intel 471, BlackRock, Deloitte, NTT DATA, Expel, and dozens more.

    Highlights:
    ✅ From Signal to Action was the dominant theme — practitioners tackled the gap between data and defensive action, building CTI pipelines under resource constraints and automating enrichment to cut through noise
    ✅ AI took center stage as a double-edged force — sessions explored how LLMs and RAG architectures can multiply analyst capacity, while also confronting poisoned OSINT, compromised pipelines, and adversarial manipulation of AI-assisted analysis
    ✅ New capabilities and partnerships were announced: Silobreaker unveiled agentic AI to speed up analyst research; CTM360 launched its AI-powered external CTEM platform; and Venation announced a partnership with UK-based POKKIT to deliver plain-English and Dutch cyber resilience guidance to smaller EMEA organizations

    TLP:CLEAR sessions were live-streamed and are available now on FIRST's YouTube Channel.

    A huge thank you to everyone who attended, presented, sponsored, and supported this event.

    See you at the next one!

    📖 Read more: go.first.org/zqJyk

    #CyberDefense #cybersecurity #infosec

  12. 🎉 #FIRSTCTI26 is officially a wrap, and it's the people who made it. Three days of workshops, plenary sessions, and hands-on training across the CTI landscape in Munich, Germany.

    Sessions were led by practitioners and researchers from Google, AWS, the European Commission CSOC, ENISA, CIRCL, CERT-In, Intel 471, BlackRock, Deloitte, NTT DATA, Expel, and dozens more.

    Highlights:
    ✅ From Signal to Action was the dominant theme — practitioners tackled the gap between data and defensive action, building CTI pipelines under resource constraints and automating enrichment to cut through noise
    ✅ AI took center stage as a double-edged force — sessions explored how LLMs and RAG architectures can multiply analyst capacity, while also confronting poisoned OSINT, compromised pipelines, and adversarial manipulation of AI-assisted analysis
    ✅ New capabilities and partnerships were announced: Silobreaker unveiled agentic AI to speed up analyst research; CTM360 launched its AI-powered external CTEM platform; and Venation announced a partnership with UK-based POKKIT to deliver plain-English and Dutch cyber resilience guidance to smaller EMEA organizations

    TLP:CLEAR sessions were live-streamed and are available now on FIRST's YouTube Channel.

    A huge thank you to everyone who attended, presented, sponsored, and supported this event.

    See you at the next one!

    📖 Read more: go.first.org/zqJyk

    #CyberDefense #cybersecurity #infosec

  13. 🎉 #FIRSTCTI26 is officially a wrap, and it's the people who made it. Three days of workshops, plenary sessions, and hands-on training across the CTI landscape in Munich, Germany.

    Sessions were led by practitioners and researchers from Google, AWS, the European Commission CSOC, ENISA, CIRCL, CERT-In, Intel 471, BlackRock, Deloitte, NTT DATA, Expel, and dozens more.

    Highlights:
    ✅ From Signal to Action was the dominant theme — practitioners tackled the gap between data and defensive action, building CTI pipelines under resource constraints and automating enrichment to cut through noise
    ✅ AI took center stage as a double-edged force — sessions explored how LLMs and RAG architectures can multiply analyst capacity, while also confronting poisoned OSINT, compromised pipelines, and adversarial manipulation of AI-assisted analysis
    ✅ New capabilities and partnerships were announced: Silobreaker unveiled agentic AI to speed up analyst research; CTM360 launched its AI-powered external CTEM platform; and Venation announced a partnership with UK-based POKKIT to deliver plain-English and Dutch cyber resilience guidance to smaller EMEA organizations

    TLP:CLEAR sessions were live-streamed and are available now on FIRST's YouTube Channel.

    A huge thank you to everyone who attended, presented, sponsored, and supported this event.

    See you at the next one!

    📖 Read more: go.first.org/zqJyk

    #CyberDefense #cybersecurity #infosec

  14. 🎉 #FIRSTCTI26 is officially a wrap, and it's the people who made it. Three days of workshops, plenary sessions, and hands-on training across the CTI landscape in Munich, Germany.

    Sessions were led by practitioners and researchers from Google, AWS, the European Commission CSOC, ENISA, CIRCL, CERT-In, Intel 471, BlackRock, Deloitte, NTT DATA, Expel, and dozens more.

    Highlights:
    ✅ From Signal to Action was the dominant theme — practitioners tackled the gap between data and defensive action, building CTI pipelines under resource constraints and automating enrichment to cut through noise
    ✅ AI took center stage as a double-edged force — sessions explored how LLMs and RAG architectures can multiply analyst capacity, while also confronting poisoned OSINT, compromised pipelines, and adversarial manipulation of AI-assisted analysis
    ✅ New capabilities and partnerships were announced: Silobreaker unveiled agentic AI to speed up analyst research; CTM360 launched its AI-powered external CTEM platform; and Venation announced a partnership with UK-based POKKIT to deliver plain-English and Dutch cyber resilience guidance to smaller EMEA organizations

    TLP:CLEAR sessions were live-streamed and are available now on FIRST's YouTube Channel.

    A huge thank you to everyone who attended, presented, sponsored, and supported this event.

    See you at the next one!

    📖 Read more: go.first.org/zqJyk

    #CyberDefense #cybersecurity #infosec

  15. 🎉 #FIRSTCTI26 is officially a wrap, and it's the people who made it. Three days of workshops, plenary sessions, and hands-on training across the CTI landscape in Munich, Germany.

    Sessions were led by practitioners and researchers from Google, AWS, the European Commission CSOC, ENISA, CIRCL, CERT-In, Intel 471, BlackRock, Deloitte, NTT DATA, Expel, and dozens more.

    Highlights:
    ✅ From Signal to Action was the dominant theme — practitioners tackled the gap between data and defensive action, building CTI pipelines under resource constraints and automating enrichment to cut through noise
    ✅ AI took center stage as a double-edged force — sessions explored how LLMs and RAG architectures can multiply analyst capacity, while also confronting poisoned OSINT, compromised pipelines, and adversarial manipulation of AI-assisted analysis
    ✅ New capabilities and partnerships were announced: Silobreaker unveiled agentic AI to speed up analyst research; CTM360 launched its AI-powered external CTEM platform; and Venation announced a partnership with UK-based POKKIT to deliver plain-English and Dutch cyber resilience guidance to smaller EMEA organizations

    TLP:CLEAR sessions were live-streamed and are available now on FIRST's YouTube Channel.

    A huge thank you to everyone who attended, presented, sponsored, and supported this event.

    See you at the next one!

    📖 Read more: go.first.org/zqJyk

    #CyberDefense #cybersecurity #infosec

  16. Servus from #FIRSTCTI26! 🥨
    Day 2 is live with top‑notch Cyber Threat Intelligence. Our #TLPCLEAR sessions are streamed on YouTube - no Lederhosen required 😉
    👉 youtube.com/watch?v=DMAqEP2Kqgs
    #CTI #InfoSec

  17. Servus from #FIRSTCTI26! 🥨
    Day 2 is live with top‑notch Cyber Threat Intelligence. Our #TLPCLEAR sessions are streamed on YouTube - no Lederhosen required 😉
    👉 youtube.com/watch?v=DMAqEP2Kqgs
    #CTI #InfoSec

  18. Servus from #FIRSTCTI26! 🥨
    Day 2 is live with top‑notch Cyber Threat Intelligence. Our #TLPCLEAR sessions are streamed on YouTube - no Lederhosen required 😉
    👉 youtube.com/watch?v=DMAqEP2Kqgs
    #CTI #InfoSec

  19. Servus from #FIRSTCTI26! 🥨
    Day 2 is live with top‑notch Cyber Threat Intelligence. Our #TLPCLEAR sessions are streamed on YouTube - no Lederhosen required 😉
    👉 youtube.com/watch?v=DMAqEP2Kqgs
    #CTI #InfoSec

  20. Servus from #FIRSTCTI26! 🥨
    Day 2 is live with top‑notch Cyber Threat Intelligence. Our #TLPCLEAR sessions are streamed on YouTube - no Lederhosen required 😉
    👉 youtube.com/watch?v=DMAqEP2Kqgs
    #CTI #InfoSec

  21. Day 3 begins with gratitude for this community and the work happening here in Munich. One more day of insights, connection, and shared purpose. 🤝 #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  22. Day 3 begins with gratitude for this community and the work happening here in Munich. One more day of insights, connection, and shared purpose. 🤝 #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  23. Day 3 begins with gratitude for this community and the work happening here in Munich. One more day of insights, connection, and shared purpose. 🤝 #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  24. Day 3 begins with gratitude for this community and the work happening here in Munich. One more day of insights, connection, and shared purpose. 🤝 #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  25. Day 3 begins with gratitude for this community and the work happening here in Munich. One more day of insights, connection, and shared purpose. 🤝 #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  26. Guten Morgen from Munich! ☕
    #FIRSTCTI26 is LIVE and #CyberThreatIntelligence is flowing!
    🔍💥 Jump into the TLP:CLEAR sessions streaming right now on YouTube:
    👉 youtube.com/watch?v=-9GbyvoktXc
    Prost to great CTI! 🍻
    #FIRSTCTI26 #CyberThreatIntelligence #CTI #Infosec #Munich

  27. Guten Morgen from Munich! ☕
    #FIRSTCTI26 is LIVE and #CyberThreatIntelligence is flowing!
    🔍💥 Jump into the TLP:CLEAR sessions streaming right now on YouTube:
    👉 youtube.com/watch?v=-9GbyvoktXc
    Prost to great CTI! 🍻
    #FIRSTCTI26 #CyberThreatIntelligence #CTI #Infosec #Munich

  28. Guten Morgen from Munich! ☕
    #FIRSTCTI26 is LIVE and #CyberThreatIntelligence is flowing!
    🔍💥 Jump into the TLP:CLEAR sessions streaming right now on YouTube:
    👉 youtube.com/watch?v=-9GbyvoktXc
    Prost to great CTI! 🍻
    #FIRSTCTI26 #CyberThreatIntelligence #CTI #Infosec #Munich

  29. Guten Morgen from Munich! ☕
    #FIRSTCTI26 is LIVE and #CyberThreatIntelligence is flowing!
    🔍💥 Jump into the TLP:CLEAR sessions streaming right now on YouTube:
    👉 youtube.com/watch?v=-9GbyvoktXc
    Prost to great CTI! 🍻
    #FIRSTCTI26 #CyberThreatIntelligence #CTI #Infosec #Munich

  30. Guten Morgen from Munich! ☕
    #FIRSTCTI26 is LIVE and #CyberThreatIntelligence is flowing!
    🔍💥 Jump into the TLP:CLEAR sessions streaming right now on YouTube:
    👉 youtube.com/watch?v=-9GbyvoktXc
    Prost to great CTI! 🍻
    #FIRSTCTI26 #CyberThreatIntelligence #CTI #Infosec #Munich

  31. Day 2 begins with the same energy and curiosity that makes this CTI community so strong. Looking forward to another full day of shared insights and meaningful dialogue. 🤝✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  32. Day 2 begins with the same energy and curiosity that makes this CTI community so strong. Looking forward to another full day of shared insights and meaningful dialogue. 🤝✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  33. Day 2 begins with the same energy and curiosity that makes this CTI community so strong. Looking forward to another full day of shared insights and meaningful dialogue. 🤝✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  34. Day 2 begins with the same energy and curiosity that makes this CTI community so strong. Looking forward to another full day of shared insights and meaningful dialogue. 🤝✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  35. Day 2 begins with the same energy and curiosity that makes this CTI community so strong. Looking forward to another full day of shared insights and meaningful dialogue. 🤝✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  36. Day 1 of the FIRST Cyber Threat Intelligence Conference is officially underway here in #Munich. We’re kicking off three days of insights, collaboration, and forward‑thinking discussions shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  37. Day 1 of the FIRST Cyber Threat Intelligence Conference is officially underway here in #Munich. We’re kicking off three days of insights, collaboration, and forward‑thinking discussions shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  38. Day 1 of the FIRST Cyber Threat Intelligence Conference is officially underway here in #Munich. We’re kicking off three days of insights, collaboration, and forward‑thinking discussions shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  39. Day 1 of the FIRST Cyber Threat Intelligence Conference is officially underway here in #Munich. We’re kicking off three days of insights, collaboration, and forward‑thinking discussions shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  40. Day 1 of the FIRST Cyber Threat Intelligence Conference is officially underway here in #Munich. We’re kicking off three days of insights, collaboration, and forward‑thinking discussions shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  41. We’re heading back to where it all began — Munich. FIRST’s Cyber Threat Intelligence Conference returns next week April 21-23, bringing together experts shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  42. We’re heading back to where it all began — Munich. FIRST’s Cyber Threat Intelligence Conference returns next week April 21-23, bringing together experts shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  43. We’re heading back to where it all began — Munich. FIRST’s Cyber Threat Intelligence Conference returns next week April 21-23, bringing together experts shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO

  44. We’re heading back to where it all began — Munich. FIRST’s Cyber Threat Intelligence Conference returns next week April 21-23, bringing together experts shaping the future of CTI. 🛡️✨ #FIRSTCTI26 #cyberthreatintelligence #threatintel 🔗go.first.org/1OpsO