Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Operationalizing Threat Intelligence

You're reading from   Operationalizing Threat Intelligence A guide to developing and operationalizing cyber threat intelligence programs

Arrow left icon
Product type Paperback
Published in Jun 2022
Publisher Packt
ISBN-13 9781801814683
Length 460 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Joseph Opacki Joseph Opacki
Author Profile Icon Joseph Opacki
Joseph Opacki
Kyle Wilhoit Kyle Wilhoit
Author Profile Icon Kyle Wilhoit
Kyle Wilhoit
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. Section 1: What Is Threat Intelligence?
2. Chapter 1: Why You Need a Threat Intelligence Program FREE CHAPTER 3. Chapter 2: Threat Actors, Campaigns, and Tooling 4. Chapter 3: Guidelines and Policies 5. Chapter 4: Threat Intelligence Frameworks, Standards, Models, and Platforms 6. Section 2: How to Collect Threat Intelligence
7. Chapter 5: Operational Security (OPSEC) 8. Chapter 6: Technical Threat Intelligence – Collection 9. Chapter 7: Technical Threat Analysis – Enrichment 10. Chapter 8: Technical Threat Analysis – Threat Hunting and Pivoting 11. Chapter 9: Technical Threat Analysis – Similarity Analysis 12. Section 3: What to Do with Threat Intelligence
13. Chapter 10: Preparation and Dissemination 14. Chapter 11: Fusion into Other Enterprise Operations 15. Chapter 12: Overview of Datasets and Their Practical Application 16. Chapter 13: Conclusion 17. Other Books You May Enjoy

Chapter 1: Why You Need a Threat Intelligence Program

Today, almost every organization has a digital footprint, and this alone makes any organization a target of opportunity for threat actors who have malicious intent.

So, something happened, right? Ransomware? Supply chain attack? Ransomware because of a supply chain attack? Something worse? Often, individuals and organizations experience a revelation during times of concern or crisis that causes them to explore other options. Through the process of discovery, if you have come across the term threat intelligence and want to know more about how it can assist in maturing your security posture or protecting your organization, great! We're glad you made it here because we're here to help.

Threat intelligence, a mystery to many, is a science to some. The how, where, when, and why of technical threat intelligence collection and enrichment is a complex topic, with many facets to explore. The objective of this chapter is to introduce core concepts related to technical threat intelligence, including the motivation, models, and methods by which threat intelligence can be collected and enriched.

Specifically, in this chapter, we are going to cover the following topics:

  • What is Cyber Threat Intelligence (CTI), and why is it important?
  • Tactical, strategic, operational, and technical CTI
  • The uses and benefits of CTI
  • How to get CTI
  • What is good CTI?
  • Intelligence life cycles
  • Threat intelligence maturity, detection, and hunting models
  • What to do with threat intelligence
You have been reading a chapter from
Operationalizing Threat Intelligence
Published in: Jun 2022
Publisher: Packt
ISBN-13: 9781801814683
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image