BUILD OR BUY?
A THREAT INTELLIGENCE PLATFORM
There are many factors to take into account when deciding whether to build or buy a cyber threat intelligence platform. Here are 5 key considerations.
Finding someone, let alone a small development team, with the skillset to build core software components of a cyber threat intelligence platform (TIP) is rare. Building an internal team to support even a small homegrown application will require a minimum of four full-time employees: two developers, a dedicated database/big data engineer and a quality assurance resource. Foregoing a dedicated resource and only delivering a subset of this functionality will quickly reach a ceiling of effectiveness significantly short of your end goal.
As a cyber threat intelligence platform gets more use, analysts’ feature requests will naturally increase — especially if the goal of the TIP is to aggregate intelligence across several teams or departments. Resources are needed to drive real innovation, or you’ll be playing catch-up with other solutions offered by companies in the TIP business.
Consider the time it will take you to properly design, architect, develop and test a fully functional cyber threat intelligence platform. Evaluating and implementing third-party solutions with a vendor can get you up and running in a matter of weeks versus months. Additional time means your threat operations program won’t be able to perform as you need it to, and this affords adversaries a greater window of opportunity to launch attacks.