The traditional response model for blue teams, designed with years of experience with virus and worm outbreaks, starts to become less effective when applied to adversaries who are actively attempting to bypass your defenses. The days of simply responding to alerts are over and a shift to employing more "active" defenses and developing intelligence about threat actors has started. This presentation will discuss developing a defense that “blitzes” how to gather threat intelligence via open source data, how to analyze and extract data from attacks against your environment, and how to establish a more "active defense" of your network.