Overview

At Blackwire Labs, the quality and trustworthiness of information sources utilized in the Cybersecurity domain are of utmost importance. To maintain the reliability of our applications, we have developed a robust source evaluation framework. This ensures that all data and intelligence meet the strictest criteria in terms of expertise, credibility, and alignment with industry standards.

Key Elements in Source Evaluation:

1. Author expertise and reputation: The credentials and recognized expertise of the source author.

2. Organizational credibility: Reputation and historical trustworthiness of the source organization.

3. Originality: Content creation vs. syndication of third-party information.

4. Alignment with industry standards: Conformance to best practices in the cybersecurity field.

5. Timeliness: Up-to-date information relevant to ongoing cybersecurity trends.

6. Verifiability: Ability to cross-check and authenticate the data.

Source Tiers

Category 1 - Industry-Recognized Agencies

These are trusted authorities and gold-standard sources in the field of cybersecurity. Examples include:

• CISA

• NSA

• NIST

• MITRE

These agencies provide frameworks, guidance, and analyses that form the foundation of cybersecurity best practices.

Category 2 - Blackwire Labs & CCOE Created Content

This category encompasses:

• Original research

• Expert interviews

• Proprietary data from Blackwire Labs and the Cybersecurity Community of Excellence (CCOE).

These sources provide unique insights and highly credible information that contribute to the advancement of cybersecurity practices.

Category 3 - Trusted Third-Party Vendors & Open Source Reporting

This includes:

• Crowdstrike

• Microsoft

• Zero-Day Initiative (ZDI)

• Dark Reading

• Dragos

  
  

These sources offer real-time threat intelligence and valuable insights into the rapidly evolving landscape of cybersecurity threats.

Reference Data Types

Blackwire employs three types of references to present our sources in the Blackwire application which ensure clarity and trustworthiness in the information presented:

1. [Green] TrustWire Certified Document

Minted on the blockchain using TrustWire (immutable, zero-knowledge-proof driven chain of record). Only the document section used in inference is available for view. Users can click through to validate the document cryptographically.

2. [Dark Blue] Vetted Websites

Dynamically loaded sources like news cycle items, alerts, and blogs from trusted organizations. We store the content at the point in time, and users may click through and explore directly. Examples include:

• Microsoft Security Response Center (MSRC)

• Zero-Day Initiative (ZDI)

• NIST

  
  

3. [Light Blue] Vetted Media

Individually vetted videos or audio content that users can explore in their entirety. These sources offer unique perspectives from industry experts and thought leaders. Examples include:

• Podcasts & Videos

• Industry Luminaries

• Conference Presentations

Evaluation Criteria

Each source is rigorously assessed based on multiple dimensions:

• Expertise: Is the author or creator a known expert in the field?

• Credibility: Is the organization reputable and trusted in the industry?

• Relevance: Is the content applicable to current cybersecurity challenges?

• Timeliness: Is the information up-to-date and relevant to ongoing trends?

• Verifiability: Can the data be cross-referenced or authenticated?

Continuous Updates

Blackwire Labs ensures that all information remains current by dynamically updating our source repository with the latest insights and threat intelligence. This allows practitioners to make well-informed, timely decisions for enhanced security posture.

By following this structured approach, Blackwire Labs delivers highly credible, up-to-date, and actionable intelligence to bolster your organization's cybersecurity efforts.