Video Description

Module 8 consists of a single video but it's a comprehensive overview of the requirements for putting a properly run CTI program in place. Dean goes over the procedures for handling incident response. Events may come from devices such as an IDS or SEIM device. Sysadmins raise the alert flag but it's important that CTI analysts follow proper incident response procedures. The last thing any organization wants or needs is to waste time and money responding to false positives. Senior leadership must be involved. This includes not only being in the notification chain but also being an advocate for the CTI program within the organization. Open lines of communication are critical and regular and ad hoc meetings must be part of the CTI program. The video concludes with a discussion of tools and security products. These resources are essential in support of any CTI program. Dean reviews the various types and offerings.

Course Modules

Intro to Cyber Threat Intelligence

Module 8 - Tactical Threat Intelligence Requirements

Module 12 - Summary