Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
In this video we cover the IOC lifecycle and emphasize its importance in the analysis phase of threat identification and prioritization. During the discover phase some level of event checking is required in order to prioritize. The analyze phase is where the analyst executes a repeatable methodology that is essential to maintaining credibility. Finally, the leverage phase is where the analyst proves that an event occurred and potentially correlates an event with other events. Dean introduces and reviews several free IOC tools such as FireEye, Redline, and Memoryze among others. These tools provide a wealth of functions to the CTI analyst and form an essential part of his/her toolbox.