Operationalizing Threat Intelligence: A guide to developing and operationalizing cyber threat intelligence programs

Wilhoit, Kyle, Opacki, Joseph

  • 出版商: Packt Publishing
  • 出版日期: 2022-06-17
  • 售價: $1,750
  • 貴賓價: 9.5$1,663
  • 語言: 英文
  • 頁數: 460
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1801814686
  • ISBN-13: 9781801814683
  • 相關分類: 資訊安全駭客 Hack
  • 立即出貨 (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Learn cyber threat intelligence fundamentals to implement and operationalize an organizational intelligence program

Key Features

- Develop and implement a threat intelligence program from scratch
- Discover techniques to perform cyber threat intelligence, collection, and analysis using open-source tools
- Leverage a combination of theory and practice that will help you prepare a solid foundation for operationalizing threat intelligence programs

Book Description

We're living in an era where cyber threat intelligence is becoming more important. Cyber threat intelligence routinely informs tactical and strategic decision-making throughout organizational operations. However, finding the right resources on the fundamentals of operationalizing a threat intelligence function can be challenging, and that's where this book helps.

In Operationalizing Threat Intelligence, you'll explore cyber threat intelligence in five fundamental areas: defining threat intelligence, developing threat intelligence, collecting threat intelligence, enrichment and analysis, and finally production of threat intelligence. You'll start by finding out what threat intelligence is and where it can be applied. Next, you'll discover techniques for performing cyber threat intelligence collection and analysis using open source tools. The book also examines commonly used frameworks and policies as well as fundamental operational security concepts. Later, you'll focus on enriching and analyzing threat intelligence through pivoting and threat hunting. Finally, you'll examine detailed mechanisms for the production of intelligence.

By the end of this book, you'll be equipped with the right tools and understand what it takes to operationalize your own threat intelligence function, from collection to production.

What you will learn

- Discover types of threat actors and their common tactics and techniques
- Understand the core tenets of cyber threat intelligence
- Discover cyber threat intelligence policies, procedures, and frameworks
- Explore the fundamentals relating to collecting cyber threat intelligence
- Understand fundamentals about threat intelligence enrichment and analysis
- Understand what threat hunting and pivoting are, along with examples
- Focus on putting threat intelligence into production
- Explore techniques for performing threat analysis, pivoting, and hunting

Who this book is for

This book is for cybersecurity professionals, security analysts, security enthusiasts, and anyone who is just getting started and looking to explore threat intelligence in more detail. Those working in different security roles will also be able to explore threat intelligence with the help of this security book.

商品描述(中文翻譯)

學習網絡威脅情報基礎,實施和運作組織情報計劃

主要特點

- 從零開始開發和實施威脅情報計劃
- 使用開源工具進行網絡威脅情報收集和分析的技巧
- 結合理論和實踐,為運作威脅情報計劃打下堅實基礎

書籍描述

我們正處於網絡威脅情報變得更加重要的時代。網絡威脅情報在組織運營中經常用於戰術和戰略決策。然而,找到有關運作威脅情報功能基礎的正確資源可能具有挑戰性,這就是本書的幫助所在。

在《運作威脅情報》中,您將探索五個基本領域的網絡威脅情報:定義威脅情報、開發威脅情報、收集威脅情報、豐富和分析威脅情報,最後是威脅情報的產出。您將首先了解威脅情報是什麼以及它可以應用在哪裡。接下來,您將探索使用開源工具進行網絡威脅情報收集和分析的技巧。本書還探討了常用的框架和政策,以及基本的運營安全概念。之後,您將專注於通過轉向和威脅搜索豐富和分析威脅情報。最後,您將研究威脅情報的詳細機制。

通過閱讀本書,您將掌握運作自己的威脅情報功能所需的工具和知識,從收集到產出。

您將學到什麼

- 了解威脅行為者的類型以及他們常用的戰術和技術
- 理解網絡威脅情報的核心原則
- 探索網絡威脅情報的政策、程序和框架
- 探索有關收集網絡威脅情報的基礎知識
- 了解威脅情報豐富和分析的基礎知識
- 了解威脅搜索和轉向的概念,並通過示例進行實踐
- 專注於將威脅情報投入實踐
- 探索執行威脅分析、轉向和搜索的技巧

本書適合對網絡安全感興趣的專業人士、安全分析師、安全愛好者以及剛開始並希望深入探索威脅情報的人。不同安全角色的從業人員也可以通過本書來探索威脅情報。

目錄大綱

1. Why You Need a Threat Intelligence Program
2. Threat Actors, Campaigns, and Tooling
3. Guidelines and Policies
4. Threat Intelligence Frameworks, Standards, Models, and Platforms
5. Operational Security (OPSEC)
6. Technical Threat Intelligence – Collection
7. Technical Threat Analysis – Enrichment
8. Technical Threat Analysis – Threat Hunting and Pivoting
9. Technical Threat Analysis – Similarity Analysis
10. Preparation and Dissemination
11. Fusion into Other Enterprise Operations
12. Overview of Datasets and Their Practical Application
13. Conclusion

目錄大綱(中文翻譯)

1. 為什麼您需要威脅情報計劃
2. 威脅行為者、活動和工具
3. 指南和政策
4. 威脅情報框架、標準、模型和平台
5. 運營安全(OPSEC)
6. 技術威脅情報 - 收集
7. 技術威脅分析 - 豐富
8. 技術威脅分析 - 威脅狩獵和轉向
9. 技術威脅分析 - 相似性分析
10. 準備和傳播
11. 融入其他企業運營
12. 數據集概述及其實際應用
13. 結論