Practical Cyber Intelligence
Wilson Bautista
- 316 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
About This Book
Your one stop solution to implement a Cyber Defense Intelligence program in to your organisation.
Key Features
- Intelligence processes and procedures for response mechanisms
- Master F3EAD to drive processes based on intelligence
- Threat modeling and intelligent frameworks
- Case studies and how to go about building intelligent teams
Book Description
Cyber intelligence is the missing link between your cyber defense operation teams, threat intelligence, and IT operations to provide your organization with a full spectrum of defensive capabilities. This book kicks off with the need for cyber intelligence and why it is required in terms of a defensive framework.
Moving forward, the book provides a practical explanation of the F3EAD protocol with the help of examples. It then covers how to build threat models and intelligence products and frameworks, and how to apply them to real-life scenarios.
By the end of this book, you will be able to boot up an intelligence program in your organization based on the operation and tactical/strategic spheres of Cyber defense intelligence.
What you will learn
- Learn about the Observe-Orient-Decide-Act (OODA) loop and its applicability to security
- Understand the tactical view of active defense concepts and their application in today's threat landscape
- Get acquainted with an operational view of the F3EAD process to drive decision making within an organization
- Create a framework and Capability Maturity Model that integrates inputs and outputs from key functions in an information security organization
- Understand how to communicate the potential for exploitability based on cyber intelligence
Who this book is for
This book targets incident managers, malware analysts, reverse engineers, digital forensics specialists, and intelligence analysts; experience in, or knowledge of, security operations, incident response, or investigations is desirable so you can make the most of the subjects presented.
Baselines and Anomalies
- The challenge of continuous monitoring
- Continuous monitoring Capability Maturity Model
- Examples of integration of capabilities for continuous monitoring to improve defense
Setting up camp
- Never set up in an open field, because then the adversary can see your strengths and weaknesses:
  - Cyber intelligence application:
    - Good training in security awareness decreases the likelihood of users being exploited
    - Reducing visibility for an adversary (through collaboration between IT ops and IT security) reduces the attack vectors
- If you are going to get attacked, don't make it easy. Guide them to where your strengths are:
  - Cyber intelligence application: Active defense techniques—guide the adversaries to the locations where they will most likely be found out
- Set up your camp in a location where you can observe the surrounding area to spot any movement:
  - Cyber intelligence application: Enabling good IT operations and InfoSec processes allows for identification of anomalies to the baseline
Baselines and anomalies
- Regular users trying to access directories that they are not permitted access to more than five times in a week
- Network usage spikes in off hours
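As an added example, not code from the book, the following Python script turns the two indicators above into checks that run over constructed audit and network samples. The event format, the 7-day sliding window, the business-hours definition, and the "5x the off-hours median" baseline are assumptions made for the example; the "more than five times in a week" threshold is the one stated above.

```python
"""Baseline-and-anomaly checks for two indicators (constructed example).

Detectors:
  * users with denied directory-access events more than `threshold` times
    within any sliding window of `window_days` days, and
  * off-hours network samples that exceed `multiplier` times the median of
    the other off-hours samples (a leave-one-out baseline).
"""
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

# Constructed access-denied audit records: (timestamp, user, directory).
DENIED_ACCESS_EVENTS = [
    ("2024-03-04T09:12:00", "alice", "/finance/payroll"),
    ("2024-03-04T09:15:00", "alice", "/finance/payroll"),
    ("2024-03-05T14:02:00", "alice", "/hr/reviews"),
    ("2024-03-06T10:30:00", "alice", "/finance/payroll"),
    ("2024-03-07T16:45:00", "alice", "/engineering/keys"),
    ("2024-03-08T08:05:00", "alice", "/engineering/keys"),  # 6th denial in 5 days
    ("2024-03-04T11:00:00", "bob", "/finance/payroll"),
    ("2024-03-12T11:00:00", "bob", "/finance/payroll"),     # spread out, stays under threshold
    ("2024-03-20T11:00:00", "bob", "/hr/reviews"),
]

# Constructed hourly network samples: (timestamp, megabytes transferred).
NETWORK_SAMPLES = [
    ("2024-03-04T02:00:00", 12), ("2024-03-04T03:00:00", 9),
    ("2024-03-04T10:00:00", 480), ("2024-03-04T14:00:00", 510),
    ("2024-03-05T01:00:00", 11), ("2024-03-05T03:00:00", 14),
    ("2024-03-05T23:00:00", 10), ("2024-03-06T02:00:00", 350),  # off-hours spike
    ("2024-03-06T11:00:00", 495),
]


def _parse(ts):
    return datetime.fromisoformat(ts)


def excessive_denied_access(events, threshold=5, window_days=7):
    """Return {user: peak_count} for users whose denied-access events exceed
    `threshold` within any sliding window of `window_days` days."""
    per_user = defaultdict(list)
    for ts, user, _directory in events:
        per_user[user].append(_parse(ts))
    window = timedelta(days=window_days)
    flagged = {}
    for user, times in per_user.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):
            # Slide the window start forward until it spans at most window_days.
            while t - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak > threshold:
            flagged[user] = peak
    return flagged


def off_hours_spikes(samples, business_hours=(8, 18), multiplier=5.0):
    """Return [(timestamp, mb)] for off-hours samples exceeding `multiplier`
    times the median of the remaining off-hours samples (assumed baseline)."""
    open_h, close_h = business_hours
    off = [(ts, mb) for ts, mb in samples
           if not (open_h <= _parse(ts).hour < close_h)]
    if len(off) < 3:
        return []  # too little history to establish a baseline
    spikes = []
    for ts, mb in off:
        # Leave-one-out baseline so a single spike cannot inflate its own reference.
        baseline = median(v for other_ts, v in off if other_ts != ts)
        if mb > multiplier * baseline:
            spikes.append((ts, mb))
    return spikes


if __name__ == "__main__":
    print("excessive denied access:", excessive_denied_access(DENIED_ACCESS_EVENTS))
    print("off-hours spikes:", off_hours_spikes(NETWORK_SAMPLES))
```

Both detectors compare against a baseline rather than a fixed number: the access check uses a sliding window so a burst that straddles a calendar week boundary is still counted, and the network check derives its reference from the other off-hours samples so the baseline reflects that organization's normal quiet-hours traffic.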
Continuous monitoring – the challenge
Part 1
- IT security takes care of reviewing the firewall logs
- IT ...