
8.1 Summary


Time
4 hours 42 minutes
Difficulty
Advanced
CEU/CPE
5
Video Transcription
00:00
We have arrived at the end of the Advanced Cyber Threat Intelligence course.
00:05
This is the last video of the last module of this course.
00:10
In this video, we are going to talk about the most important parts of each module.
00:17
In the introduction to this course, we introduced the intelligence life cycle and explained how the course is built based on each phase of this cycle.
00:28
Our first module was dedicated to the data collection sources,
00:33
and here we discussed the two big categories of data collection sources, which are the internal sources and the external sources. For the internal sources, we defined three categories, which are endpoint resources, network sources and
00:50
finished reports or reports from previous investigations.
00:55
And when it comes to external data sources, we discussed three types, which are private data sources, including feeds, threat intelligence platforms and finished reports,
01:07
community sources, which are ISACs and ISAOs,
01:11
and the public sources, which include threat feeds, threat intelligence platforms, finished reports, and
01:19
The next module was dedicated to processing
01:23
and data management.
01:25
And as you've already seen, almost all raw data collected needs to be processed in some manner, whether by humans or machines. We have also seen that using standards is an important part of data processing because
01:44
a data standard defines how particular information elements
01:49
are represented in files or in communications
01:53
and standards were created to represent actionable information, including their context to facilitate their storage and sharing.
02:04
And in particular, we've seen some of the common threat intelligence standards, such as TAXII standards and STIX standards. We have also seen an example of a scoring standard, which is CVSS. After this,
02:21
I dedicated three modules to the analysis phase
02:24
because I believe that analysts should spend most of their time on this phase, because a good analysis will help forge proper conclusions. This is why we started with the module Intrusion Analysis,
02:43
and we discovered together some of the techniques that are commonly used, such as ACH, or Analysis of Competing Hypotheses,
02:53
Cyber Kill Chain,
02:55
Diamond Model,
02:57
Cyber Kill Chain and Diamond Model mapped together, and Cyber Kill Chain and Courses of Action. Then we moved to more complex cases, including analysis of campaigns using their proper tools and methodologies, like heat map analysis,
03:16
visual analysis and the MITRE ATT&CK framework.
03:21
And for those who have just started their cyber threat intelligence teams and are still lacking real cases, they can rely on the MITRE Threat Group Tracker. It was also worth noting that while analyzing,
03:37
cyber threat intelligence teams and
03:39
any security analysts, especially those with experience, might find themselves in situations where they tend to use shortcuts to quickly get to a conclusion.
03:52
And unfortunately,
03:53
this behavior may lead to errors in the conclusion.
03:58
This is why it was
04:00
unavoidable to explain cognitive biases and logical fallacies. We've also seen how to identify them and, most importantly, how to manage or mitigate them. Our final module was dedicated to the last phase of the intelligence life cycle, which was
04:19
dissemination and feedback.
04:21
We talked about the three forms or pillars of threat intelligence, which are tactical, operational and strategic intelligence. And of course, we talked about sharing, because single entities are no longer able to handle
04:40
the vast amount of possible attack scenarios.
04:43
Then cooperative approaches, in particular those based on the exchange of cyber threat intelligence information, can contribute significantly to improving defensive capabilities. Another part that we discussed was feedback,
04:59
as its main goal is to adjust the requirements made by the decision makers in the first phase of the intelligence life cycle.
05:09
And like this, we finished our course of Advanced Cyber Threat Intelligence. Lastly, here are some references that helped me to build this course from scratch. I highly recommend reading
05:21
these articles, publications and books for a better and deeper understanding of the concepts that I mentioned
05:30
and explained during the previous modules.
05:34
The list in this slide and the following one doesn't include all the resources. This is why I added a doc file as supplemental reading material that you can download directly from the description below the video.
05:50
Well, we have arrived at our finish line.
05:55
I hope this course will be helpful for you as an individual and helpful to enhance the security posture of your organization.
06:04
It was a pleasure for me to be your instructor for this course.
06:10
You can contact me on my Twitter and LinkedIn accounts shared on this slide.
06:15
Please feel free to share your feedback, or if you have any suggestions,
06:20
or even if you just want to pass by and say hi. See you in future courses. Bye bye.