Threat Intelligence Manual

Contents

Module 1: Introduction to Cyber Threat Intelligence

  • Definition and importance of CTI

  • The intelligence lifecycle

  • Key concepts: Indicators, TTPs, IOCs, etc.

  • Role of CTI in cybersecurity

Module 2: Data Sources and Collection

  • Open Source Intelligence (OSINT) sources

  • Technical Intelligence (TECHINT) sources

  • Human Intelligence (HUMINT) sources

  • Data collection techniques and tools

  • Legal and ethical considerations

Module 3: Data Processing and Analysis

  • Structuring and enriching data

  • Indicator analysis techniques

  • Malware analysis fundamentals

  • Network and host artifact analysis

  • Data mining and machine learning for analysis

Module 4: Threat Modeling and Actor Profiling

  • Adversary models and frameworks (e.g., Diamond Model, Kill Chain)

  • Tactics, techniques, and procedures (TTPs)

  • Threat actor groups and motivations

  • Attack vector analysis

Module 5: Cyber Threat Intelligence Analytics

  • Structured and unstructured data analysis

  • Statistical and visualization techniques

  • Reporting and presentation of findings

Module 6: Threat Intelligence Sharing

  • Standards and frameworks (STIX, TAXII, CybOX)

  • Threat intelligence platforms and tools

  • Information sharing communities

  • Trust groups and sharing protocols

Module 7: Building a CTI Program

  • Developing a CTI strategy and roadmap

  • Roles and responsibilities in a CTI team

  • Integration with security operations

  • Measuring CTI effectiveness and metrics

Module 8: Operationalizing CTI

  • CTI Program Maturity Assessment

  • CTI Workflow Automation and Orchestration

  • CTI Playbooks and Runbooks

  • CTI-driven Threat Hunting Exercises

  • CTI Integration with Security Tools and Systems

Additional Modules:

Module A: CTI and Product/Application Security (Coming Soon!)

  • Integrating CTI into the Software Development Life Cycle (SDLC)

  • Vulnerability Management and Patch Prioritization

  • Secure Configuration and Hardening

  • Supply Chain Risk Management

  • Continuous Security Testing and Monitoring

Module B: Cheat Sheets and Checklists (Coming Soon!)

  • CTI Source Evaluation Checklist

  • IOC and TTP Cheat Sheet

  • Threat Intelligence Sharing Protocols Cheat Sheet

  • CTI Report Template and Checklist

  • CTI Metrics and KPIs Cheat Sheet


Last updated 1 year ago