4 hours 42 minutes
we arrive it to the end of the advance of Cyber Threat Intelligence scores.
This is the last video on the last model off this course.
In this video, we are going to talk about the most important parts off each module.
In the introduction to this course, we introduce it the intelligence life cycle, and you explained how the course is built based on each face off this cycle,
our first module was dedicated to the data collection sources,
and here we discuss it, the to be categories off data collections for says, which are the internal sources and the external sources for the internal sources. We define it three categories which our endpoint resources network sources and
finishes reports or reports from previous investigations.
And when it comes to external data sources, we discussed three types which are private data sources, including feeds, threat, intelligence platforms and finish and reports
community sources, which our eyes, axe and Ice House
and the public sources, which includes threat feeds, threat, intelligence platforms, finish and reports, and
the next module was dedicated to processing
and data management.
And as you've already seen, almost all row data collected needs to be process it in some manners, whether about humans or machines. We have also seen that using standard is an important part off data processing because
data standard defines how particle or information elements
are represented in files or in communications
and standards were created to represent actionable information, including their context to facilitate their storage and sharing.
And in particular, we've seen some of the common threatened collision site standards, such as taxi standards stick standards. We have also seen example off scoring standard, which is cdss. After this,
I dedicated three modules for the analyzes face
because I believe that analysts should spend most off 30 times on this face because a good and a license will help forge proper conclusions. This is why we started with the module. Intrusion analyzes,
and we discover it together. Some of the techniques that are commonly used, such as A. C H or analyzes off competing hypothesis,
cyber kill chain,
Saira, Cool Chain and Diamant model, map it together and cyber kill chain and courses off actions. Then we move it to more complex cases, including analyzes off campaigns using their proper tools and methodologies like the heat map, unlicensed
visual and the license and miter attack framework.
And for those who just started their cyber threat, intelligence teams and still lacking real cases they can rely on Miter Threat Group tracker. It was also worth noting that while analyzes
cyber Threat, intelligence teams and
any security analysts, especially those with experience, might find themselves in situations where they tend to use shortcuts to quickly get conclusion.
this behavior may lead toa errors in conclusion.
This is why it waas
unavoidable to explain cognitive biases and a logical fallacies. We've also seen howto identify them and, most importantly, how to manage or mitigate them. Our final module was dedicated to the last phase off intelligence life cycle, which was
dissemination and feedback.
We talked about the three forms or pillars off Threat Intelligence, which our tactical operational and strategic intelligence and off course. We talked about sharing because single entities are no longer able to handle
the vast amount off possible attack scenarios,
then cooperative approaches, in particular those based our exchange off cyber threat. Intelligence information can contribute significantly to improve defensive capabilities. Another part that we discuss. It wants feedback
as its main goal east to adjust the requirements made by the decision makers in the first phase off the intelligence life cycle.
And like this, we finish it our course off Advance it. Cyber Threat Intelligence. Lastly, here are some references that helped me to build the scores from scratch. I highly recommend reading
these articles, publications and books for better and deeper understanding off the concepts that I mentioned
and explained during the previous modules.
The list in this slide on the following one doesn't include all the resources. This is why I added a doc file as supplemental reading material that you can download directly from the description below the video.
Well, we arrive in tow our finish line.
I hope this course would be helpful for you as individual and helpful to enhance the security poster off your organization.
It was a pleasure for me to be your instructor. For this course.
You can contact me. All might wear and LinkedIn accounts shared on this light.
Please feel free to share your feedbacks. Or if you have any suggestions
or even if you just want to pass and say hi, See you in future course is bye bye
Course Assessment - Advanced Cyber Threat Intelligence