Mastering Cyber Intelligence: Gain comprehensive knowledge and skills to conduct threat intelligence for effective system defense

Dahj, Jean Nestor M.

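  • Publisher: Packt Publishing
  • Publication date: 2022-04-29
  • List price: $1,800
  • Sale price: $1,620 (discount rate 9.0)
  • Language: English
  • Pages: 528
  • Binding: Quality Paper - also called trade paper
  • ISBN: 1800209401
  • ISBN-13: 9781800209404
  • Related categories: Wireless-networks, Information Security
  • Ships immediately (stock = 1)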

Product Description

Develop the analytical skills to effectively safeguard your organization by enhancing defense mechanisms, and become a proficient threat intelligence analyst to help strategic teams in making informed decisions

Key Features

- Build the analytics skills and practices you need for analyzing, detecting, and preventing cyber threats
- Learn how to perform intrusion analysis using the cyber threat intelligence (CTI) process
- Integrate threat intelligence into your current security infrastructure for enhanced protection

Book Description

The sophistication of cyber threats, such as ransomware, advanced phishing campaigns, zero-day vulnerability attacks, and advanced persistent threats (APTs), is pushing organizations and individuals to change strategies for reliable system protection. Cyber Threat Intelligence converts threat information into evidence-based intelligence that uncovers adversaries' intents, motives, and capabilities for effective defense against all kinds of threats.

This book thoroughly covers the concepts and practices required to develop and drive threat intelligence programs, detailing the tasks involved in each step of the CTI lifecycle. You'll be able to plan a threat intelligence program by understanding and collecting the requirements, setting up the team, and exploring the intelligence frameworks. You'll also learn how and from where to collect intelligence data for your program, considering your organization level. With the help of practical examples, this book will help you get to grips with threat data processing and analysis. And finally, you'll be well-versed in writing tactical, technical, and strategic intelligence reports and sharing them with the community.

By the end of this book, you'll have acquired the knowledge and skills required to drive threat intelligence operations from planning to dissemination phases, protect your organization, and help in critical defense decisions.

What you will learn

- Understand the CTI lifecycle, which forms the foundation of the study
- Form a CTI team and position it in the security stack
- Explore CTI frameworks, platforms, and their use in the program
- Integrate CTI in small, medium, and large enterprises
- Discover intelligence data sources and feeds
- Perform threat modelling and adversary and threat analysis
- Find out what Indicators of Compromise (IoCs) are and apply the pyramid of pain in threat detection
- Get to grips with writing intelligence reports and sharing intelligence

Who this book is for

This book is for security professionals, researchers, and individuals who want to gain profound knowledge of cyber threat intelligence and discover techniques to prevent varying types of cyber threats. Basic knowledge of cybersecurity and network fundamentals is required to get the most out of this book.

About the Author

Jean Nestor Dahj M. is a data scientist, cybersecurity researcher & analyst, and telecom professional with wide technical and scientific abilities. His skills have led him to data science, network probing, penetration testing & hacking, threat intelligence, and network analytics. He has built a wide range of skillsets through training and consultancy, including skills in cryptography, computer forensics, malware coding, and data products. Jean Nestor holds a master’s degree (M-Tech) in Electrical Engineering from the University of South Africa. He is currently pursuing a PhD in the same field at the University of Johannesburg. His work history includes the likes of Huawei, Commprove Technologies, Siftcon Forensic Services, Metro Teleworks, and Nanofritech Consulting. He is currently a full-stack data scientist at Rain Networks, part of a dynamic team developing data solutions. He currently lives in Pretoria and is originally from Kikwit, a small city in DR Congo.

Table of Contents

1. Cyber Threat Intelligence Life Cycle
2. Requirements and Intelligent Team Implementation
3. Cyber Threat Intelligence Frameworks
4. Cyber Threat Intelligence Tradecraft and Standards
5. Goals Setting, Procedures for CTI Strategy, and Practical Use Cases
6. Cyber Threat Modeling and Adversary Analysis
7. Threat Intelligence Data Sources
8. Effective Defensive Tactics and Data Protection
9. AI Application in Cyber Threat Analytics
10. Threat Modeling and Analysis - Practical Use Cases
11. Usable Security: Threat Intelligence as Part of the Process
12. SIEM Solutions and Intelligence-driven SOCs
13. Threat Intelligence Metrics, Indicators of Compromise, and the Pyramid of Pain
14. Threat Intelligence Reporting and Dissemination