Video Description

The concluding video of Module 10 deals with the managing multiple CKCs. Dean takes us through examining similarities, methodology, threat actors, and overlapping indicators. Progress tracking and triage engagement are also covered. As discussed in the previous video, identifying a correlation between multiple events is challenging, but the ability to do so allows for managing related campaigns and the grouping of events. Understanding intruder intent and mission objectives form the basis of an incident response plan. Finding clues can be challenging due to adversaries changing up behavior in order to not be predictable. Sometimes requesting assistance from in-house developers can prove helpful when analysts are lacking tools and detection capability.

Course Modules

Intro to Cyber Threat Intelligence

Module 8 - Tactical Threat Intelligence Requirements

Module 12 - Summary