# Next steps and resources
<a name="next-steps"></a>

Consider your organization's assets, sector, and threat environment. These factors should inform the trust communities that you choose to join for cyber threat intelligence sharing. Many cyber authorities around the world offer threat intelligence feeds. Consider what is on offer and choose the best for your organization's use case. Use this guide as a modular approach, and tailor it accordingly for your organization.

We recommend that you review the following additional resources. These resources can help you build or deploy a threat intelligence platform in your AWS environment and help you set up cyber threat intelligence sharing.

## AWS resources
<a name="aws-resources"></a>
+ [AWS Architecture Center](https://aws.amazon.com/architecture/)
+ [AWS re:Inforce 2024 - Cyber threat intelligence sharing on AWS](https://www.youtube.com/watch?v=ufNNHBPPjQU) (video)
+ [AWS Summit ANZ 2023: Scaling cyber threat intelligence sharing with the AUS Cyber Security Center](https://www.youtube.com/watch?v=0P8snWhCN4I) (video)

## AWS service documentation
<a name="aws-documentation"></a>
+ [Amazon DynamoDB documentation](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html)
+ [Amazon EventBridge documentation](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html)
+ [Amazon GuardDuty documentation](https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html)
+ [AWS Lambda documentation](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html)
+ [AWS Network Firewall documentation](https://docs.aws.amazon.com/network-firewall/latest/developerguide/what-is-aws-network-firewall.html)
+ [Amazon Route 53 Resolver DNS Firewall documentation](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver-dns-firewall.html)
+ [AWS Security Hub CSPM documentation](https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html)
+ [Amazon Security Lake documentation](https://docs.aws.amazon.com/security-lake/latest/userguide/what-is-security-lake.html)
+ [Amazon Simple Storage Service (Amazon S3) documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html)
+ [AWS Step Functions documentation](https://docs.aws.amazon.com/step-functions/latest/dg/welcome.html)

## STIX resources
<a name="stix-resources"></a>
+ [STIX 2.1 Examples](https://oasis-open.github.io/cti-documentation/stix/examples.html)
+ [Indicator for Malicious URL](https://oasis-open.github.io/cti-documentation/examples/indicator-for-malicious-url)

## Threat intelligence platforms
<a name="threat-intelligence-platforms"></a>
+ [OpenCTI](https://github.com/OpenCTI-Platform/opencti)
+ [MISP](https://www.misp-project.org/)