In this video we cover the IOC lifecycle and emphasize its importance in the analysis phase of threat identification and prioritization. During the discover phase some level of event checking is required in order to prioritize. The analyze phase is where the analyst executes a repeatable methodology that is essential to maintaining credibility. Finally, the leverage phase is where the analyst proves that an event occurred and potentially correlates an event with other events. Dean introduces and reviews several free IOC tools such as FireEye, Redline, and Memoryze among others. These tools provide a wealth of functions to the CTI analyst and form an essential part of his/her toolbox.
Intro to Cyber Threat Intelligence
The CTI course consists of 12 information-packed modules. CTI is a critical function within any organization that involves roles like analysts, methodologies, tools, teams, and policies. From threat analysis to the Cyber Kill Chain, learn it here.