Cyber Threat Intelligence

Training

woman in black shirt looking at neon lights

Introducing the Cyber Threat Intelligence

Accelerated Training

The process of gathering, processing, and evaluating the information on adversaries in cyberspace is referred to as cyber threat intelligence.

Cyber Threat intelligence provides answers to important questions like who our adversaries are? How are they going after us? What techniques, tactics, and information do they possess? How could they infiltrate our network?

The process generates actionable intelligence about our opponents’ objectives, capabilities, and tactics, which aids in the development of improved cyber security mitigation strategies.

Participants will obtain a good knowledge of what Threat Intelligence is, and how it can be utilized as an extra tool to strengthen organization’s security posture and reduce the security risk to an acceptable level.

Introduction to Threat Intelligence (CTI)

  • Introduction to Threat Intelligence
  • Understand of Threat Intelligence Frameworks
  • Explain the Lockheed Martin Kill Chain, Diamond Model, and Mitre Framework for Threat intelligence

Understand why we need Threat Intelligence through Use Cases

  • Security Operations Center (SOC)
  • Incident Response management
  • Vulnerability management

Understand The Cyber Threat Intelligence Cycle

  • Requirements, Planning, Direction
  • Threat Intelligence Data Collection
  • Data Processing
  • Data Analysis
  • Intelligence Reporting
  • Dissemination

Understand how to perform Cyber Threat Intelligence (CTI) at the various level:

  • Strategic level
  • Tactical level
  • Operational level
  • Technical Intelligence level

Understanding the tools for Threat Intelligence

  • Yara for malware identification and classification
  • Structured language for cyber threat intelligence (STIX)
  • A transport mechanism for sharing cyber threat intelligence (TAXII)
    • Improve the efficiency of your security team
    • Avoid data breaches
    • Lower risk through better threat analyses
    • Improve security operations and Triage
    • Strengthen the business security posture

    At the end of this workshop, the participants will be able to do the following:

    • Define Cyber Threat Intelligence, what it is and what it is not.
    • Explain how threats relate to cyber security risks
    • Be able to differentiate between Threat Intelligence and Threat Hunting
    • Explain why threat intelligence is an important part of cyber security risk management
    • Explain the Lockheed Martin Kill Chain, Diamond Model, and Mitre Framework for Threat intelligence
    • Know the tools that are used for Threat Intelligence and be able to use them
    • Learn to gather Threat Intelligence feed and process them
    • Network security professionals
    • Incident responders.
    • Penetration testers
    • Red team members and other white hats
    • Security analysts
    • Security consultants and auditors
    • Managers wanting to create threat-Intelligence teams
    • Basic information security concepts should be understood.
    • A working understanding of networking devices and protocols is required.
    • Exposure to network monitoring and pentesting tools and methodology