Chapter 3: Cyber Threat Intelligence Frameworks
Organizations are filled with security tools from different vendors for different tasks. You will likely find one tool that performs vulnerability assessment, another for malware analysis, and yet another for fraud detection and data monitoring. Even an average organization has a good arsenal of security tools because, most of the time, the strategic team acquires new tools as needs arise. However, if they are not integrated appropriately, those tools can create a complex ecosystem that makes security tracking difficult. Such resource chaos not only slows an effective response to threats; it also makes it difficult to justify the return on investment (ROI) of the entire system.
This chapter focuses on common threat intelligence frameworks, selecting the appropriate one for the CTI project, and how they can be used to build intelligence. We will expand on how each component or step of the traditional intelligence...