Practical Cyber Threat Intelligence

Preface

Basics of Threat Analysis and Modeling

• Introduction
• Defining threat modelling
• Understanding the threat modelling process
• Threat modelling methodologies
• Conclusion
• Further Reading

Formulate a Threat Intelligence Model

• Introduction
• Understanding threat intelligence
• Defining bad intelligence
• Comparing good and bad intelligence
• Contrasting good from bad intelligence
• Good and bad intelligence shapes threat modeling
• Keepnet Threat Intelligence Sharing Community (TISC)
• Detailed description
• Conclusion
• Further reading

Adversary Data Collection Sources & Methods

• Introduction
• Adversary-based threat modelling
• Understanding our organizations
• Understanding our adversaries
• Adversary playbook
• Hands-On MITRE ATT&CK
• MITRE ATT&CK Use Cases
• Conclusion
• Further reading

Pivot Off and Extracting Adversarial Data

• Introduction
• Setting up a mitigation plan
• Budgeting for the incident response events
• Taking the necessary precautions
• Conclusion
• Incident Response
• Execution of Malware
• Configuration
• Conclusion
• Data Exfiltration Analysis
• Summary & Findings
• Further reading

Primary Indicators of Security Compromise

• Introduction
• Common indicators of compromise
• Challenges of IOCs
• Tactics, Techniques, and Procedures (TTP)
• Summary
• Further reading

Identify & Build Indicators of Compromise

• Introduction
• Data correlation
• Creating system log entry files data
• Creating anomalies in privileged user account activity
• LAB: Data Collection
• Key Windows Services
• Conclusion
• Further reading

Conduct Threat Assessments In Depth

• Introduction
• Malware analysis
• SQL injections analysis
• Conclusion
• Further reading

Produce Heat Maps, Infographics & Dashboards

• Introduction
• Understanding a heat map
• 2D density plots
• When to use heat maps
• Best practices for using heat maps
• Common heat map options
• Visualization tools
• Conclusion
• Further Reading

Build Reliable & Robust Threat Intelligence System

• Introduction
• Conclusion
• Further reading

Learn Statistical Approaches for Threat Intelligence

• Introduction
• Data preparation
• Data classification
• Data validation
• Data correlation
• Data scoring
• Summary
• Further reading

Develop Analytical Skills for Complex Threats

• Introduction
• Understanding analytical skills
• Identifying common threats and learning how they work
• Distributed Denial-of-Service (DDoS) attacks
• Identifying threat objectives
• Identifying threat mitigation methods and tools
• Researching on New Threats and Changing Threats Landscape
• Understanding Various Organizations and Assets That May Be Targeted
• Understanding Adversary Attack Vectors and Various Vulnerabilities
• Conclusion
• Further reading

Planning for Disaster

• Introduction
• Defining APTS
• Zero-day vulnerabilities
• Defining zero-day threats
• Planning against APT attacks
• Summary
• Further reading