A new threat emerges. This could be new malware, new exploitation techniques, new types/classes of vulnerabilities, new cloud attack vectors, whatever it is - the new threats leave every SOC globally, and individually, struggling to understand the threat in order to mitigate and detect

This is horribly inefficient. We need something that scales better! I want point out this global inefficiency in order to explain why we need to issue a call for action.

What's being done today is that researchers are trying to document their work researching malware, or forensically following the traces of attackers in networks/clouds, or detection teams sharing detections they built to address MITRE ATT&CK techniques. But they're sharing without a standard methodology or framework or even approach, and it also does not scale very well and the shared knowledge is never incorporated into a global body of knowledge.