Active Defense can be thought of as martial art. Each martial art has its school of moves that focus on attacking, defending, or a mix of both. Each discipline has its own style and moves that makes it unique and addresses the basic need for self-defense. Krav Maga is a combination of attacking the opponent's critical vulnerabilities, while defending is something that we can relate military cyber operations to.

We are going to talk about how to use a Jiu Jitsu approach, which is to redirect an opponent's energy and momentum to where they want them to go.

Information gathering can come from two sources, either internally or externally, to be inputs in our cyber intelligence capability. Some information can be automatically gathered through log aggregation and other information can be acquired through word of mouth. How we handle the actions once the information is received will rely on the level of integration of the different components of an IT and security team to address the issues. To better understand how we can achieve this integration, we will discuss the manual and automated aspects of Active Defense.