商品描述
Effective introduction to cyber threat intelligence, supplemented with detailed case studies and after action reports of intelligence on real attacks
Cyber Threat Intelligence introduces the history, terminology, and techniques to be applied within cyber security, offering an overview of the current state of cyberattacks and stimulating readers to consider their own issues from a threat intelligence point of view. The highly qualified author takes a systematic, system-agnostic, and holistic view to generating, collecting, and applying threat intelligence.
The text covers the threat environment, malicious attacks, collecting, generating, and applying intelligence and attribution, as well as legal and ethical considerations. It ensures readers know what to look out for when looking for a potential cyber attack and imparts how to prevent attacks early on, explaining how threat actors can exploit a system's vulnerabilities. It also includes analysis of large scale attacks such as WannaCry, NotPetya, Solar Winds, VPNFilter, and the Target breach, looking at the real intelligence that was available before and after the attack.
Sample topics covered in Cyber Threat Intelligence include:
- The constant change of the threat environment as capabilities, intent, opportunities, and defenses change and evolve.
- Different business models of threat actors, and how these dictate the choice of victims and the nature of their attacks.
- Planning and executing a threat intelligence programme to improve an organisation's cyber security posture.
- Techniques for attributing attacks and holding perpetrators to account for their actions.
Cyber Threat Intelligence describes the intelligence techniques and models used in cyber threat intelligence. It provides a survey of ideas, views and concepts, rather than offering a hands-on practical guide. It is intended for anyone who wishes to learn more about the domain, particularly if they wish to develop a career in intelligence, and as a reference for those already working in the area.
商品描述(中文翻譯)
「網路威脅情報的有效介紹,並附有詳細的實際攻擊情報案例和事後報告」
「網路威脅情報」介紹了網路安全領域內的歷史、術語和應用技巧,概述了當前網路攻擊的現狀,並激發讀者從威脅情報的角度思考自身問題。這位高資歷的作者以系統性、系統無關和整體性的觀點來生成、收集和應用威脅情報。
本書涵蓋了威脅環境、惡意攻擊、情報收集、生成和應用,以及法律和道德考慮。它確保讀者在尋找潛在網路攻擊時知道該注意什麼,並傳授如何及早防止攻擊,解釋威脅行為者如何利用系統的漏洞。它還包括對大規模攻擊(如WannaCry、NotPetya、Solar Winds、VPNFilter和Target遭駭事件)的分析,探討攻擊發生前後的真實情報。
「網路威脅情報」中涵蓋的示例主題包括:
- 威脅環境的不斷變化,隨著能力、意圖、機會和防禦的變化和演進。
- 威脅行為者的不同商業模式,以及這些模式如何決定受害者的選擇和攻擊的性質。
- 計劃和執行威脅情報計劃,以提升組織的網路安全姿態。
- 追蹤攻擊並追究肇事者負責的技術。
「網路威脅情報」描述了網路威脅情報中使用的情報技術和模型。它提供了一個觀點、觀念和概念的調查,而不是提供實用指南。本書適合任何希望更深入了解這個領域的人,特別是那些希望在情報領域發展職業生涯的人,也可作為該領域從業人員的參考資料。
作者簡介
Martin Lee is Technical Lead of Security Research within Talos, Cisco's threat intelligence and research organization. Martin started his career researching the genetics of human viruses, but soon switched paths to follow a career in IT. With over 20 years of experience within the cyber security industry, he is CISSP certified, a Chartered Engineer, and holds degrees from the Universities of Bristol, Cambridge, Paris-Sud and Oxford.
作者簡介(中文翻譯)
Martin Lee是思科威脅情報和研究組織Talos的安全研究技術主管。Martin在職業生涯初期研究人類病毒的基因組,但很快轉向IT行業。在網絡安全行業擁有超過20年的經驗,他擁有CISSP認證,是一名特許工程師,並擁有布里斯托大學、劍橋大學、巴黎南大學和牛津大學的學位。
