Welcome to Module three.
This module is split into five lessons, which all focus on the central theme of operationalizing ATT&CK.
We will explore how we can apply the knowledge captured in ATT&CK to various cyber security operations and practices,
and how this enables us as defenders to perform what we call threat-informed defense, or the systematic application of a deep understanding of adversary tradecraft and technology to prevent, detect and respond to cyberattacks.
Without further ado, let's dive in.
Welcome to Module three, Lesson one:
Cyber Threat Intelligence.
In this lesson, we will explore the importance of cyber threat intelligence within security operations
and appreciate how ATT&CK can provide a starting point and structure for tracking this intelligence.
In any battle, intelligence and knowledge very often separate winners and losers,
and cyber is no different, as cyber threat intelligence, or CTI, allows us to track, understand and maybe even get ahead of what our adversaries are doing.
ATT&CK provides a great starting point for identifying what behaviors have been reported for specific groups or malware.
As you recall, the model allows us to map adversaries to their behaviors via techniques or sub-techniques
while also capturing references to the publicly available cyber threat intelligence describing these behaviors.
But as we know, CTI comes in various forms.
In this case, we can see impactful and powerful intelligence captured in the form of blogs,
reported command lines or even tweets.
But ATT&CK allows us to consistently capture, share and distribute this intelligence.
Specifically, we can decompose these reports and capture the associated behaviors and capture them within the model presented by ATT&CK.
And with that, we reach the knowledge check for Lesson one.
Which of the following is not true?
Please pause the video and take a second to think of the correct answer before proceeding.
In this case, the correct answer was B.
The data in ATT&CK can help us format and find cyber threat intelligence.
But since the data is already mapped to publicly available reporting and documentation, we're probably not going to produce anything new.
And with that, we reached the end of Lesson one.
In summary, intelligence is critical for decision making as well as providing priorities and shaping cyber security operations.
And ATT&CK provides a starting point and means for structuring this intelligence about adversary behaviors.