4 hours 42 minutes
Hello and welcome to the third lesson from the module campaign analysis.
In this lesson, we're going to learn another method or technique. Use it for campaign on the license, which is a visual analysis
and this lesson are going to learn some of the common aspect off visual on the license. We're going to start with a quick introduction to the visual and license. We will see how it can be useful for campaign and a license. What is grab visual ization so important and how it can help businesses sift
through large amounts of complex data.
And we will finish this lesson by enumerating some tools that are offering visual analysts.
Over the last years, the number off I T security incidents has been constantly increasing among companies in order to keep pace with his development. Larry's a necessity for ever improving protective majors
as single entities are no longer able to hand the vest, amount off possible attack scenarios.
Acting collaboratively against such attacks, he's an emerging trend,
and to me, these shortcomings. We propose a graph and all takes concept as visual methods to analyze and visualize threat trance.
When you work with connected data, grab visual ization and analyzes is definitely more efficient method than traditional and a license off spreadsheets or data storage in relational databases.
First, let's see what is graft and the license. So basically, graph in the license is also called visual and license or link on the license grants. Visualization is a visual representation of the notes and edges off a graph.
Any type of data said that contains information about connections can be modeled on visualized as a graph, even data initially stored in a double or way.
Now let's see why visual analyzes is a good method for campaign on a license. First, you will spend less time assimilating information because the human brain processes visual information much faster than written want.
Visually displaying data insures a faster comprehension, which in the end it uses the timeto action.
you have a higher chance to discover insights by interacting with data.
Grab visualization tools offer the possibility to manipulate data.
Third, you can achieve better understanding off a problem by visualizing patterns and context.
Grab visualization tools are perfect to visualize relationships, but also to understand the context off data. First reason
Everybody can work with Graff. Visual ization. Not only technical users for user's Cannick, says the insights, since specimen programming skills are not required to interact with a graph visualizations
in more practical way. With Graff technology, you can combine multi dimensional. Later, it interrogates data from multiple sources and formats into a single comprehensive data model that can scale up to billions off nose and address.
This is essential in multi intelligence or all source and the license toe identify suspicious patterns, animal ease or irregular behaviour. Indeed, suspicious activities are more easily detected when you analyze the dynamics between entities and not just the characteristics off single entity
with this approach, and most easily gather and analyze data
about people event on locations, for example, into one single few.
Now we can move to the tools here. I took three examples of tools that you can use to create and visualize your friend data.
The stalls are multi go lee curious and key lines. Let's see each one of them separately.
Key lions can visualize it.
Even if you are using relational or other databases or C Z files. Julyan can handle it. Users can build their own AP I translating the relational or tabular data into a node link format, which then can gets past two key lines as a jeez on object.
The second example is lingers in Linklater's. Analysts can visually investigate vest amount off data collections.
They can search for known patterns and suspicious links from a browser based interface.
Data filters and visual signs help them focus on what's important and reduce the noise generated by large amounts of data. The third example is multi go. This, too, is widely used by the community off cyber security practitioners. Multi Go is essentially a data mining tool
that creates directed grafts to be further analyzed.
This tool helps connect the dots, which essentially means that it helps find common ground between different pieces off information that may be gotten from the Internet.
There are multiple versions available for download, for example, Larry's Multigoal Community Edition. This version is available for free. However, a simple sign up is required to use it.
It provides us with the same features set at the commercial version, however, with a few limitations such as no more than 10,000 entities on single graph.
This is all for this lesson about visual and the license we started. Always definition off visual and the license we So why is it important for campaign analyzes and how is it used in threat intelligence? And we finish it with common tools that are used for link or visual analysts.
I hope you like this video. In the next lesson, we will discover together miter Attack Threat Group tracker.
See you later.
MITRE ATT&CK Defender™ (MAD) ATT&CK® Cyber Threat Intelligence Certification Training
Analysts and researchers gain hands-on instruction directly from MITRE’s experts in this MITRE ATT&CK Defender™ ...
3 CEU/CPE Hours Available
Certificate of Completion Offered
SOC Analyst I Workrole Assessment
The SOC Analyst I Workrole Assessment covers fundamentals SOC I skills such as incident response, ...