4 hours 12 minutes
Hello and welcome to this new module about analysis and production. This lesson is an introduction to analysis.
Finally, we have collected the data and made it usable, and now it is time to use it to answer the questions that were defined in the first stage of the intelligence cycle.
In this stage, we combine different data sources that have been gathered and processed in the previous stages and use those to pivot on data points, recognize patterns and correlate information in order to create more context.
In this lesson, we will start with a quick explanation of the analysis and production phase.
We will discover some approaches that can be used for analysis, such as structured analytic techniques and modeling techniques.
Of course, you will see examples from each category and why they are useful for threat intelligence.
In the analysis step, threat intelligence teams must effectively combine data from several sources and recognize meaningful patterns to make informed judgments. Contradictory data must be evaluated against each other, and the patterns and implications of inconclusive or insufficient data must be considered.
Once their analysis is complete, threat intelligence teams produce finished intelligence reports to communicate their key findings to the decision makers. And for this task in particular, good analysts will not be replaced by automated systems any time soon.
A good security analyst uses a portfolio of known structured techniques, methods and skills that support them in their analysis.
This allows them to work with and make sense of large amounts of data.
Before moving on to see some examples of approaches and techniques that are commonly used for analysis, let's discover why they are even used.
The main reason behind using these approaches is to promote rigorous analysis, lessen the risk of intelligence failure and make analysts' reasoning more transparent to consumers. In other words, it reduces the impact of analysts' biases.
The goal of this lesson is not to compare these techniques, but to understand the mechanism to model cybersecurity threats in order to provide more security in a system.
These approaches fall into two categories. The first one is structured analytic techniques, or SATs, that will assist the analyst in dealing with perennial problems of intelligence. And the second category is modeling techniques, which are not necessarily structured analytic techniques, but can help to reduce biases as well.
These approaches provide analysts with clear and often step-by-step guidance for conducting analysis of intelligence issues.
The first type is structured analytic techniques, or SATs.
These are methods of organizing and stimulating thinking about intelligence problems.
These methods aim to make the analytic process conscious and transparent, thus reducing the probability of errors caused by numerous cognitive biases.
We can mention some examples of SATs, such as Analysis of Competing Hypotheses, Devil's Advocacy, Team A/Team B and Red Team analysis.
We will see some of these methods in detail in their dedicated lessons.
The second category is modeling techniques.
There are a number of attack modeling techniques that are used to analyze cyber attacks, such as attack graph or tree, Diamond Model, Attack model and Cyber Kill Chain. We will discover together some of these models in detail in their dedicated lessons as well.
This lesson is only an introduction to the analysis and production module. We started with a definition of the module's main focus.
Then we introduced the approaches that can be used in the analysis phase, such as structured analytic techniques and modeling techniques.
In the future videos, we will deep dive into the analysis approaches and techniques, and we will start with the Analysis of Competing Hypotheses.
Advanced Cyber Threat Intelligence
Advanced Cyber Threat Intelligence will benefit security practitioners interested in preventing cyber threats. Learn how to leverage your existing data sources to extract useful information and find complementary information from external sources.