** work in progress **
Whether on the threat hunting team, or the monitoring and detection team, the SPACE opsec analysis tool may help. Let's see how it can apply to Information Security.
SPACE is an acronym that every good analyst should use, especially where it concerns community security. Its roots are in our operational security (OPSEC) manual, and when the adversary doesn’t care enough to implement SPACE into his security considerations, it’s our job as collectors and analyzers of information to exploit their mistakes. (1)
On the CSIRT team we are collectors and analyzers of information regarding our information systems and we need to look for, exploit, the mistakes of our adversary.