Practical Cyber Intelligence: How action-based intelligence can be an effective response to incidents (pdf)

Description

Your one stop solution to implement a Cyber Defense Intelligence program in to your organisation.
Key Features

• Intelligence processes and procedures for response mechanisms
• Master F3EAD to drive processes based on intelligence
• Threat modeling and intelligent frameworks
• Case studies and how to go about building intelligent teams

Book DescriptionCyber intelligence is the missing link between your cyber defense operation teams, threat intelligence, and IT operations to provide your organization with a full spectrum of defensive capabilities. This book kicks off with the need for cyber intelligence and why it is required in terms of a defensive framework.
Moving forward, the book provides a practical explanation of the F3EAD protocol with the help of examples. Furthermore, we learn how to go about threat models and intelligence products/frameworks and apply them to real-life scenarios.
By the end of this book, you will be able to boot up an intelligence program in your organization based on the operation and tactical/strategic spheres of Cyber defense intelligence.
What you will learn

• Learn about the Observe-Orient-Decide-Act (OODA) loop and it’s applicability to security
• Understand tactical view of Active defense concepts and their application in today’s threat landscape
• Get acquainted with an operational view of the F3EAD process to drive decision making within an organization
• Create a Framework and Capability Maturity Model that integrates inputs and outputs from key functions in an information security organization
• Understand the idea of communicating with the Potential for Exploitability based on cyber intelligence

Who This Book Is ForThis book targets incident managers, malware analysts, reverse engineers, digital forensics specialists, and intelligence analysts; experience in, or knowledge of, security operations, incident responses or investigations is desirable so you can make the most of the subjects presented.
Table of Contents

1. The Need for Cyber Intelligence
2. Intelligence Development
3. Integrating Cyber Intel, Security, and Operations
4. Using Cyber Intelligence to Enable Active Defense
5. F3EAD For You and For Me
6. Integrating Threat Intelligence and Operations
7. Creating the Collaboration Capability
8. The Security Stack
9. Driving Cyber Intel
10. Baselines and Anomalies
11. Putting Out the Fires
12. Vulnerability Management
13. Risky Business
14. Assigning Metrics
15. Putting It All Together