Security Weekly
Full episode and show notes

Beyond IOCs: A Framework for High-Impact Cyber Threat Intelligence – Samuel Hassine – RSAC26 #3

In a time where the ability to turn intelligence into decisive action is a true competitive advantage, organizations must move beyond reactive alert triage to a proactive, threat-informed defense. This segment explores how unifying threat intelligence with adversarial attack simulation enables a Continuous Threat Exposure Management (CTEM) framework that replaces hype with measurable outcomes. We will discuss why these are no longer just technical security conversations, but critical business strategies that provide the board and C-suite with the clarity and confidence to reduce risk and focus resources where they matter most. Segment Resources: Blog: https://filigran.io/our-blog/ CTEM blog:...

This episode is sponsored by
Full Segment Notes

In a time where the ability to turn intelligence into decisive action is a true competitive advantage, organizations must move beyond reactive alert triage to a proactive, threat-informed defense. This segment explores how unifying threat intelligence with adversarial attack simulation enables a Continuous Threat Exposure Management (CTEM) framework that replaces hype with measurable outcomes. We will discuss why these are no longer just technical security conversations, but critical business strategies that provide the board and C-suite with the clarity and confidence to reduce risk and focus resources where they matter most.

Segment Resources:

Blog: https://filigran.io/our-blog/ CTEM blog: https://filigran.io/ctem-but-without-the-hype-turning-intel-and-validation-into-outcomes/ Github: https://github.com/FiligranHQ Filigran Community: https://filigran-community.slack.com/ Filigran Academy: https://academy.filigran.io/ Get a tailored demo: https://filigran.io/book-a-demo/

This segment is sponsored by Filigran. Visit https://securityweekly.com/filigranrsac to learn more about them!

Read the interview summary from SC Media here: Filigran’s Samuel Hassine on a framework for high-impact cyber threat intelligence

Key Moments
  • 0:00 - Introduction & RSAC 2026 Interview
  • 0:20 - Topic Overview: Beyond IOCs & Threat Intelligence
  • 01:02 - What Modern Threat Intelligence Really Means
  • 01:57 - OpenCTI Platform & Intelligence Aggregation
  • 02:18 - Pyramid of Pain & Intelligence Lifecycle
  • 03:14 - Measuring Security Value & ROI Challenges
  • 03:51 - From Intelligence to Threat-Informed Defense (CTEM)
  • 05:23 - Continuous Threat Exposure Management Explained
  • 06:50 - Validation Challenges in Real Environments
  • 08:42 - AI, Agentic Security & Validation Risks
  • 10:08 - Importance of High-Quality Threat Intelligence
  • 11:27 - Exploitation vs Real Risk Explained
  • 12:45 - Why Speed Matters in Cybersecurity Defense
  • 13:40 - How Defenders Can Get Faster
  • 14:54 - Proactive Security & Continuous Testing
  • 15:48 - Learning from Past Incidents
  • 15:53 - Closing Thoughts & Key Takeaways
Guest
CEO and co-founder at Filigran

Former Head of Cyber Threat Intelligence at the French Cybersecurity Agency (ANSSI) and Director of Cybersecurity Strategy at Tanium, Samuel Hassine is the CEO and the co-founder of Filigran, a fast-growing European CyberTech developing cutting-edge solutions for cyber threat management.

Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Segments

Related Content

You can skip this ad in 5 seconds