Mastering cyber intelligence: gain comprehensive knowledge and skills to conduct threat intelligence for effective system defense
Develop the analytical skills to effectively safeguard your organization by enhancing defense mechanisms, and become a proficient threat intelligence analyst to help strategic teams in making informed decisions. Key Features: Build the analytics skills and practices you need for analyzing, detecting,...
| Main Author: | |
|---|---|
| Format: | eBook |
| Language: | English |
| Published: | Birmingham Packt Publishing, Limited, 2022. |
| Subjects: | |
| Online Access: | EBSCOhost Go to the TSU Research Library catalog |
Table of Contents:
- Cover
- Title Page
- Copyright
- Dedication
- Contributors
- Table of Contents
- Preface
- Section 1: Cyber Threat Intelligence Life Cycle, Requirements, and Tradecraft
- Chapter 1: Cyber Threat Intelligence Life Cycle
- Technical requirements
- Cyber threat intelligence - a global overview
- Characteristics of a threat
- Threat intelligence and data security challenges
- Importance and benefits of threat intelligence
- Planning, objectives, and direction
- Intelligence data collection
- Intelligence data processing
- Analysis and production
- Threat intelligence dissemination
- Threat intelligence feedback
- Summary
- Chapter 2: Requirements and Intelligence Team Implementation
- Technical requirements
- Threat intelligence requirements and prioritization
- Prioritizing intelligence requirements
- Requirements development
- Operational environment definition
- Network defense impact description
- Current cyber threats - evaluation
- Developing a course of action
- Intelligence preparation for intelligence requirements
- Intelligence team layout and prerequisites
- Intelligence team implementation
- Intelligence team structuring
- Intelligence team application areas
- Summary
- Chapter 3: Cyber Threat Intelligence Frameworks
- Technical requirements
- Intelligence frameworks - overview
- Why cyber threat frameworks?
- Cyber threat framework architecture and operating model
- Lockheed Martin's Cyber Kill Chain framework
- Use case
- Lockheed Martin's Cyber Kill Chain model mapping
- Integrating the Cyber Kill Chain model into an intelligence project
- Benefits of the Cyber Kill Chain framework
- MITRE's ATT&CK knowledge-based framework
- How it works
- Use case
- ATT&CK model mapping
- Integrating the MITRE ATT&CK framework
- Benefits of the ATT&CK framework
- Diamond model of intrusion analysis framework
- How it works
- Use case
- Diamond model of intrusion analysis
- Integrating the Diamond model into intelligence projects
- Benefits of the Diamond model
- Summary
- Chapter 4: Cyber Threat Intelligence Tradecraft and Standards
- Technical requirements
- The baseline of intelligence analytic tradecraft
- Note 1 - Addressing CTI consumers' interests
- Note 2 - Access and credibility
- Note 3 - Articulation of assumptions
- Note 4 - Outlook
- Note 5 - Facts and sourcing
- Note 6 - Analytic expertise
- Note 7 - Effective summary
- Note 8 - Implementation analysis
- Note 9 - Conclusions
- Note 10 - Tradecraft and counterintelligence
- Understanding and adapting ICD 203 to CTI
- Understanding the STIX standard
- Using STIX for cyber threat analysis
- Specifying threat indicator patterns using STIX
- Using the STIX standard for threat response management
- Threat intelligence information sharing
- Understanding the STIX v2 standard
- Understanding the TAXII standard
- How TAXII standard works
