Session
Supercharging Threat Intelligence with AI: Automating IOC Extraction and Enrichment
Threat intelligence teams are drowning in data—PDF reports, email threads, forum discussions, and both open-source and premium threat feeds. Manually extracting meaningful insights, correlating indicators, and enriching IOCs is time-consuming, inefficient, and prone to error. But what if we could change that?
In this talk, we’ll explore how Large Language Models (LLMs) can be integrated with MCPs to automate and enhance the threat intelligence workflow. We’ll walk through real-world applications where LLMs:
- Parse and understand unstructured reports & conversations, extracting IOCs, TTPs, and threat actor details from sources like PDFs, chats, and threat advisories.
- Enrich IOCs in real time, cross-referencing with OSINT, threat databases, and internal telemetry for deeper context.
- Correlate and prioritize threats, reducing false positives and delivering high-fidelity intelligence for security teams.
- Automate intelligence generation, feeding enriched IOCs into SIEMs, SOAR platforms, and investigative workflows.
- Leverage Model Context Protocol (MCP) for seamless integration, enabling LLMs to fetch, process, and correlate data from multiple threat intelligence sources dynamically.
Discover practical implementations, key challenges, and proven best practices for adopting AI-driven threat intelligence. If you’re looking to enhance detection capabilities and accelerate threat analysis using AI, this session is for you.

Sai kiran Uppu
Cloud Security Researcher
San Jose, California, United States