Time
4 hours
Difficulty
Beginner
CEU/CPE
4

Video Transcription

00:00
Hello, everybody. Welcome to introduction to several credit intelligence. This will be the last time that you bill hearing these intro.
00:10
Unless you will be replaying some of the other videos of these cars. In that case, good for you.
00:17
Well, the last episode will be dedicated to the second part of the summers and the reference used to build these curves. So let's start where we left off.
00:30
Another episode. Another model that we review was this disciple Tread intelligence role in fraud prevention. The fifth model was kind of a lonely one with just one episode in it, but I felt that this episode was crucial to browse since it since it was related to fraud prevention.
00:50
And this is kind of fun. Expect an unexpected topic most of the time, since intelligence is believed to helping Detective Active Trance announced.
01:00
But among their capabilities is not detecting data Regis, or at least that is the common thought
01:06
Well. In that episode, we have revealed how most of the time, with a data thick ex filtration occur, the Cyber Craft Intelligence team can be aware of the information in dark Web forums
01:18
and markets and what information related to organizations is detective actions can be taken to investigate what actually happened. And how did that occur?
01:32
Next we started talking about the cyber threat Intelligence framework are six model when all when All into the frame words that can be used in order to implement a cyber threat. Intelligence unit
01:45
How should it? Opera, mate, What information is require? What approach doesn't need to have
01:51
s starting with the cyber kill chain. This was the first frame were reviewed and one of its highlights was that this framework will focus on one attack per se,
02:00
defining every attributes off A possible compromise in each detection. This framework is closely related to an actual attacker. Mental Ali. Let's remember there seven faces that this model did This
02:15
framework considers and their recon weaponization delivery, exploitation, installation common and control and ex filtration. Each one of these faces will help you detect an organized the attacker The attack in a better way because it will be really close to what an attacker
02:36
has done in order to compromise the system.
02:40
Then we had the diamond model.
02:43
This one is more broad and flexible since since made interest was the attack as a whole and not just focused on one victim this model wouldn't able will enable the team to collect a lot off attributes as needed and create relationships between all the information collector.
03:01
This is very helpful,
03:04
since not all the time all the information is obtained, so these will fit regardless. The attack type or strategy
03:14
and last but not least, was the meter attack frame pork in which we had a wider set of categories, a specified,
03:21
which the freest differentiated from the diamond model that we have four big categories and we could add more information as US upset of discoveries. The attack Frank work will give us 11 category lll categories not easily related, but with precise information about a possible compromise
03:40
helping a threat hunting team do a more precise hunt
03:45
From this model. We could browse different frameworks and more important than that, understand that these frameworks can be used altogether if our organization have enough resources on personal to do so.
04:00
After getting all the information about how the different frameworks of cyber trades intelligence worked and how they can all be used together, we started talking about developing the core of the cyber threat Intelligence in the seven model, we went and explained how everything we learn could we put up toe work
04:19
and established a formal on working cyber tread Civilians unit.
04:25
We reviewed what you what you should have in place before starting operating a stating resources like the definition of the goals that the cyber threat intelligence team needs to accomplish
04:36
the definition of the team's inside the organization that will be needing intelligence Taylor to meet their needs. And with that, the appropriate dissemination method that these teams will find most useful.
04:50
We also reviewed
04:53
what key factors should have in mind in order to assure the cyber threat intelligence team success and what a prat approach should be taken in order to get disciple trading Killian's unit that is needed for the organization.
05:06
This included how to generate quick wins by tackling the low hanging fruit of the objectives there to the Tech, which processes could be automated in order to free some time for analysts to using more exhaustive tusks
05:21
have a strategy where a vendor or third party intelligence provider is not is not just another bender, but I think
05:29
Berg, from where the internal team can learn on put to use in the organization's own cyber tread intelligence team.
05:38
After that was define, we dove into the specific of a cyber credit intelligence unit. We started reviewing how to build the cyber Threat Intelligence team. How should it work inside the organization? What people will be involved in the process? Internal, personal or new? High res?
05:56
And how overall, will the unit destructor?
06:00
Later on? We went and review the different types of cyber threat intelligence that we can take for business according to its objectives. It should be defined. Which one will be the focus off the team in order to line up our requirements toward this?
06:16
Lastly, we discussed it technical researchers of a level that would aid into complete into cyber threat Intelligence unit on the START operations, as required.
06:28
Everything from the human research to detecting all aspects was he find Indy Sepi sewed.
06:33
We talked about how the cyber threats intelligence flow should go by connecting all the contact we have reviewed in this cursed
06:41
and to finish with that, the last subjects related to artificial intelligence on engaging with the other cyber tracked intelligence community in order to get the most out of them
06:55
and that was it. That was our journey to the introduction to cyber trade intelligence. I really hope these cars was able to get you the information required in order to get up and take this cyber security strata of the organization to another level.
07:10
Lastly, here are some references that can be read in orderto have a deeper understanding off all the information. Given all the links and research is giving in these next two slides,
07:21
Artoo wants that helped tow build these curves from scratch.
07:31
Well, diese, sit for town.
07:34
Remember that you can contact me at my email address. You can fight it in the first medium
07:40
Freddie doubt suggestion or anything you would like to talk about. It was a pleasure for me to be your instructor for discursive.
07:47
See you in another curse, guys.

Intro to Cyber Threat Intelligence

This Cyber Threat Intelligence training introduction series will cover the main definitions and concepts related to the CTI world. Will also explain the units and organization’s areas that will interact with the CTI processes.

Instructed By

Instructor Profile Image
Melinton Navas
Threat Intelligence Manager
Instructor