Assessing community threat feed quality without authorship

InsightIDR
1

Very keen to start subscribing to some of the community threat feeds but none of them say who has published them so not sure which are higher or lower quality based

Curious to hear how others decide what they are going to subscribe to. Do you make a guess at quality based on number of subscribers and reported false positives?

2

I try to read the description in order to get feedback of where are the IoC obtained from.

3

ah okay thanks! i wasn’t looking closely enough.

Some don’t have descriptions, some say the subject but not the specific source but yeah some do give the source.