all right. So we finished the introduction to Cyber Threat Intelligence.
So like to offer a quick summary.
So the topics that we covered,
we went over the foundations of intelligence gathering.
Some germ analogy. The lifecycle move down to the perceptions within an organization
stars what cyber threat Intelligence is, how it should be used,
the different kinds of
roles that organization might use.
In order to do this work correctly,
we also touched on it indicators of compromise.
Then way went into tactical threat intelligence, which is
sort of the the medium term
We talked about the Syracuse chain C K. C. Seven.
Also, we went into the
timeframes Operational Threat Intelligence,
which is more day to day in its actions and capabilities,
twisted on the operational threat intelligence role as well.
And we spent some time discussing the value of the diamond model.
Then we moved into strategic threat intelligence.
This is the longer timeframe.
Maybe a year or two years.
This involves threat modeling
and using proper change management configuration management.
We also look at the various tool
now you want a little bit deeper into the separate kill chain
reviewed the different steps all seven steps
and talked about the way that it might be used in organization to study the tactics, techniques and procedures of your adversaries.
We also touched on the requirements for tactical threat intelligence stars when an organization should do
at a high level to accommodate this type of capability.
Then we took a deep guy into C. K C seven
and looked at a lot of different
aspect of what kind of information is being gathered
and how it might be you
that best utilized by the organization. Depending on your perspective,
uh, this involves incident response in some cases
and trying to figure out what to do with Mao where that's been captured.
Can it be a reverse engineer to better understand it, for instance,
touched on the management of cyber kill chains, especially in those cases where you've got more than one in progress
and they need to be dealt with separately
or in parallel and trying to find ways to manage correlating information.
And then, lastly, we wrapped up with open source
with a demo of multi go
for open source intelligence gathering
and a nice overview of ah, great website that has over 250 different free resource is.
So I hope you enjoy the course
and stay tuned for the second half of this course. I'll be coming out later this year.
Thank you. And take care.