Book Image

Practical Cyber Intelligence

By : Wilson Bautista Jr.
Book Image

Practical Cyber Intelligence

By: Wilson Bautista Jr.

Overview of this book

<p>Cyber intelligence is the missing link between your cyber defense operation teams, threat intelligence, and IT operations to provide your organization with a full spectrum of defensive capabilities. This book kicks off with the need for cyber intelligence and why it is required in terms of a defensive framework.</p> <p>Moving forward, the book provides a practical explanation of the F3EAD protocol with the help of examples. Furthermore, we learn how to go about threat models and intelligence products/frameworks and apply them to real-life scenarios. Based on the discussion with the prospective author I would also love to explore the induction of a tool to enhance the marketing feature and functionality of the book.</p> <p>By the end of this book, you will be able to boot up an intelligence program in your organization based on the operation and tactical/strategic spheres of Cyber defense intelligence.</p>

Related Content you might be interested in

Current Title:

Small book image
Practical Cyber Intelligence
Wilson Bautista Jr.
Mar, 2018 | 316 pages
No titles found
Table of Contents (17 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
The Need for Cyber Intelligence
The Need for Cyber Intelligence
Need for cyber intelligence
The application of intelligence in the military
Some types of intelligence
Intelligence drives operations
Understanding the maneuver warfare mentality
Summary
2
Intelligence Development
Intelligence Development
The information hierarchy
Introduction to the intelligence cycle
Summary
3
Integrating Cyber Intel, Security, and Operations
Integrating Cyber Intel, Security, and Operations
A different look at operations and security
Developing a strategic cyber intelligence capability
Introduction to operational security
OPSEC applicability in a business environment
Cyber intel program roles
Summary
4
Using Cyber Intelligence to Enable Active Defense
Using Cyber Intelligence to Enable Active Defense
An introduction to Active Defense
Understanding the Cyber Kill Chain
General principles of Active Defense
Enticement and entrapment in Active Defense
Types of Active Defense
An application of tactical level Active Defense
Summary
5
F3EAD for You and for Me
F3EAD for You and for Me
Understanding targeting
The F3EAD process
F3EAD in practice
F3EAD and the Cyber Kill Chain
Application of F3EAD in the commercial space
Summary
6
Integrating Threat Intelligence and Operations
Integrating Threat Intelligence and Operations
Understanding threat intelligence
Capability Maturity Model – threat intelligence overview
Summary
7
Creating the Collaboration Capability
Creating the Collaboration Capability
Purpose of collaboration capability
Collaboration at the Strategic Level
Collaboration at the Tactical Level
Collaboration at the Operational Level
Summary
8
The Security Stack
The Security Stack
Purpose of integration – it's just my POV
Core security service basics
Security Operations Center
Capability deep dive – Security Configuration Management
Prelude – integrating like services
Integrating cyber intel from different services
Capability Maturity Model – InfoSec and cyber intel
Collaboration + Capability = Active Defense
Summary
9
Driving Cyber Intel
Driving Cyber Intel
The gap
Another set of eyes
Capability Maturity Model – security awareness
Summary
10
Baselines and Anomalies
Baselines and Anomalies
Setting up camp
Continuous monitoring – the challenge
Capability Maturity Model – continuous monitoring overview
Capability Maturity Model – continuous monitoring level 2
Summary
11
Putting Out the Fires
Putting Out the Fires
Quick review
Overview – incident response
Capability Maturity Model – incident response
Summary
12
Vulnerability Management
Vulnerability Management
A quick recap
The Common Vulnerability Scoring System calculator
Vulnerability management overview
Capability Maturity Model: vulnerability management – scanning
Capability Maturity Model: vulnerability management – reporting
Capability Maturity Model: vulnerability management – fix
Summary
13
Risky Business
Risky Business
Risk overview
Labeling things platinum, gold, silver, and copper
Taking a different look at risk
Summary
14
Assigning Metrics
Assigning Metrics
Security configuration management
Summary
15
Wrapping Up
Wrapping Up
Just another day part 3
Lessons learned
16
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Understanding the Cyber Kill Chain

The Cyber Kill Chain framework was developed by Lockheed Martin to identify the actions required for adversaries to successfully exploit their targets:

There are three phases that are comprised of seven steps in this framework:

  • Phase 1: Preparation: The adversary is looking for the soft spots in your organization and figuring out a way to exploit a vulnerability:
    1. Reconnaissance
    2. Weaponization
  • Phase 2: Intrusion: The adversary has found a vulnerability to exploit, a means to deliver it, and needs their target to take the bait so that it can begin taking control of targeted systems:
    1. Delivery
    2. Exploitation
    3. Installation
  • Phase 3: Breach: The adversary has control and is now taking follow-on steps to maintain and improve their position on the network for other malicious actions:
    1. Command and Control
    2. Actions on Objective

The framework helps...

Previous Section
End of Section 3
Next Section