You're reading from Operationalizing Threat Intelligence A guide to developing and operationalizing cyber threat intelligence programs

Product type Paperback

Published in Jun 2022

Publisher Packt

ISBN-13 9781801814683

Length 460 pages

Edition 1st Edition

Tools

Kali Linux

Concepts

Threat Hunting

Authors (2):

Joseph Opacki

Kyle Wilhoit

View More author details

Table of Contents (18) Chapters

Preface

1. Section 1: What Is Threat Intelligence?

2. Chapter 1: Why You Need a Threat Intelligence Program FREE CHAPTER

3. Chapter 2: Threat Actors, Campaigns, and Tooling

4. Chapter 3: Guidelines and Policies

5. Chapter 4: Threat Intelligence Frameworks, Standards, Models, and Platforms

6. Section 2: How to Collect Threat Intelligence

7. Chapter 5: Operational Security (OPSEC)

8. Chapter 6: Technical Threat Intelligence – Collection

9. Chapter 7: Technical Threat Analysis – Enrichment

10. Chapter 8: Technical Threat Analysis – Threat Hunting and Pivoting

11. Chapter 9: Technical Threat Analysis – Similarity Analysis

12. Section 3: What to Do with Threat Intelligence

13. Chapter 10: Preparation and Dissemination

14. Chapter 11: Fusion into Other Enterprise Operations

15. Chapter 12: Overview of Datasets and Their Practical Application

16. Chapter 13: Conclusion

17. Other Books You May Enjoy

Preface

The volume of cyber threat events that occur has reached a point at which the world is talking about numerous attacks against various organizations' attack surfaces daily. Additionally, the reasoning behind these attacks ranges from opportunistic to financially motivated to revenge, and even to support ongoing physical conflicts between nations. It's no longer a question of if you or your organization will be impacted by a cyber threat event; it's now a question of when.

This book is written for one purpose, and that is to introduce individuals and organizations to cyber threat intelligence operations. In this book, we take you through the process of evaluating the cyber threat intelligence life cycle and discuss the various motivations, operating processes, and points to consider when establishing or maturing a cyber threat intelligence program. During the process, you are introduced to the different phases of the intelligence life cycle that assist you with understanding your knowledge gaps, evaluating threats, building a program to collect data about threats, analyzing those threats, and using the information collected to make hypotheses that inform strategic decision making about the threats most organization are facing.

By the end of this book, you will be able to build a cyber threat intelligence program that focuses on threat actors, campaigns, and actor tools, in addition to establishing processes and procedures that focus on the analysis and enrichment of technical data collection about threats that will assist you or any organization with key decision making around security posture improvements.