Bootstrapping Threat Intelligence Out of Thin Air

In the presentation that threat intel vendors do not want you to see, open source and internal data meet homegrown resources to produce actionable threat intelligence that your organization can leverage to stop the bad guys. This presentation discusses using what you already have to bootstrap this capability, using existing data management platforms with open and flexible schemas to ease identification of advanced threats. Specific topics covered include the advantages of using open and flexible platforms that can be molded into a data repository, a case tracking system, and an Indicator Database. By analyzing this data using techniques such as the Cyber Kill Chain and Diamond Model for Intrusion Analysis, organizations can create Campaign and Adversary tracking artifacts that evolve into actionable threat intelligence and guide other investigative activities such as Data Fusion and Hunting. And yeah... threat intel vendors still hold a role in ultimate threat intelligence nirvana, but there is a lot you should do on your own first in order to better understand your requirements in searching for that ideal partner.

Presented by