In the aftermath of the fall of Evernote as an inexpensive threat intel platform, free and low cost solutions have awoken from its dismantled remains to give hope to defenders everywhere. This presentation continues on with grecs’ threat intel series of talks covering lessons learned from his Evernote experiment and pivots towards improved data structures and newly discovered enterprise-friendly intelligence platforms to support them. And fresh off restrictions from previous employment grecs will discuss the process for bootstrapping and maturing your own threat intel program and describe a step-by-step framework for generating your own actionable intelligence to ease identification of advanced threats. As part of this fun Star Wars themed talk, grecs will release a VM with several tools integrated to get you started.