You're reading from Mastering Cyber Intelligence Gain comprehensive knowledge and skills to conduct threat intelligence for effective system defense

Product type Paperback

Published in Apr 2022

Publisher Packt

ISBN-13 9781800209404

Length 528 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Jean Nestor M. Dahj

View More author details

Table of Contents (20) Chapters

Preface

1. Section 1: Cyber Threat Intelligence Life Cycle, Requirements, and Tradecraft

2. Chapter 1: Cyber Threat Intelligence Life Cycle FREE CHAPTER

3. Chapter 2: Requirements and Intelligence Team Implementation

4. Chapter 3: Cyber Threat Intelligence Frameworks

5. Chapter 4: Cyber Threat Intelligence Tradecraft and Standards

6. Chapter 5: Goal Setting, Procedures for CTI Strategy, and Practical Use Cases

7. Section 2: Cyber Threat Analytical Modeling and Defensive Mechanisms

8. Chapter 6: Cyber Threat Modeling and Adversary Analysis

9. Chapter 7: Threat Intelligence Data Sources

10. Chapter 8: Effective Defense Tactics and Data Protection

11. Chapter 9: AI Applications in Cyber Threat Analytics

12. Chapter 10: Threat Modeling and Analysis – Practical Use Cases

13. Section 3: Integrating Cyber Threat Intelligence Strategy to Business processes

14. Chapter 11: Usable Security: Threat Intelligence as Part of the Process

15. Chapter 12: SIEM Solutions and Intelligence-Driven SOCs

16. Chapter 13: Threat Intelligence Metrics, Indicators of Compromise, and the Pyramid of Pain

17. Chapter 14: Threat Intelligence Reporting and Dissemination

18. Chapter 15: Threat Intelligence Sharing and Cyber Activity Attribution – Practical Use Cases

19. Other Books You May Enjoy

Case study 1 – CTI for Level 1 organizations

A Level 1 organization has a limited cybersecurity infrastructure and does not have a TIP but wants to include one in its security operations.

Objective

The intelligence objectives for Level 1 organizations are to establish adversary activity monitoring and improved decision-making. The focus is on external and internal adversaries. The output of such analytics is used to make business decisions.

Strategy

Level 1 organizations can implement a CTI team or invest in a CTI program by following these strategic steps:

Create a centralized CTI team: We assume that the organization has limited resources and no need to create a distributed intelligence team. Instead, the organization should use either internally trained security analysts or outsource tasks to some experienced intelligence analysts to start the project.
Select a TIP: Depending on the budget, Level 1 organizations can use a paid TIP with a limited subscription...