Book Image

Practical Cyber Intelligence

By : Wilson Bautista Jr.
Book Image

Practical Cyber Intelligence

By: Wilson Bautista Jr.

Overview of this book

<p>Cyber intelligence is the missing link between your cyber defense operation teams, threat intelligence, and IT operations to provide your organization with a full spectrum of defensive capabilities. This book kicks off with the need for cyber intelligence and why it is required in terms of a defensive framework.</p> <p>Moving forward, the book provides a practical explanation of the F3EAD protocol with the help of examples. Furthermore, we learn how to go about threat models and intelligence products/frameworks and apply them to real-life scenarios. Based on the discussion with the prospective author I would also love to explore the induction of a tool to enhance the marketing feature and functionality of the book.</p> <p>By the end of this book, you will be able to boot up an intelligence program in your organization based on the operation and tactical/strategic spheres of Cyber defense intelligence.</p>

Related Content you might be interested in

Current Title:

Small book image
Practical Cyber Intelligence
Wilson Bautista Jr.
Mar, 2018 | 316 pages
Small book image
Business Intelligence Career Master Plan
Danny Moncada | Eduardo Chavez
Aug, 2023 | 284 pages
Small book image
Mastering NLP from Foundations to LLMs
Meysam Ghaffari | Lior Gazit
Apr, 2024 | 340 pages
Small book image
Principles of Data Science
Sinan Ozdemir
Jan, 2024 | 326 pages
Table of Contents (17 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
The Need for Cyber Intelligence
The Need for Cyber Intelligence
Need for cyber intelligence
The application of intelligence in the military
Some types of intelligence
Intelligence drives operations
Understanding the maneuver warfare mentality
Summary
2
Intelligence Development
Intelligence Development
The information hierarchy
Introduction to the intelligence cycle
Summary
3
Integrating Cyber Intel, Security, and Operations
Integrating Cyber Intel, Security, and Operations
A different look at operations and security
Developing a strategic cyber intelligence capability
Introduction to operational security
OPSEC applicability in a business environment
Cyber intel program roles
Summary
4
Using Cyber Intelligence to Enable Active Defense
Using Cyber Intelligence to Enable Active Defense
An introduction to Active Defense
Understanding the Cyber Kill Chain
General principles of Active Defense
Enticement and entrapment in Active Defense
Types of Active Defense
An application of tactical level Active Defense
Summary
5
F3EAD for You and for Me
F3EAD for You and for Me
Understanding targeting
The F3EAD process
F3EAD in practice
F3EAD and the Cyber Kill Chain
Application of F3EAD in the commercial space
Summary
6
Integrating Threat Intelligence and Operations
Integrating Threat Intelligence and Operations
Understanding threat intelligence
Capability Maturity Model – threat intelligence overview
Summary
7
Creating the Collaboration Capability
Creating the Collaboration Capability
Purpose of collaboration capability
Collaboration at the Strategic Level
Collaboration at the Tactical Level
Collaboration at the Operational Level
Summary
8
The Security Stack
The Security Stack
Purpose of integration – it's just my POV
Core security service basics
Security Operations Center
Capability deep dive – Security Configuration Management
Prelude – integrating like services
Integrating cyber intel from different services
Capability Maturity Model – InfoSec and cyber intel
Collaboration + Capability = Active Defense
Summary
9
Driving Cyber Intel
Driving Cyber Intel
The gap
Another set of eyes
Capability Maturity Model – security awareness
Summary
10
Baselines and Anomalies
Baselines and Anomalies
Setting up camp
Continuous monitoring – the challenge
Capability Maturity Model – continuous monitoring overview
Capability Maturity Model – continuous monitoring level 2
Summary
11
Putting Out the Fires
Putting Out the Fires
Quick review
Overview – incident response
Capability Maturity Model – incident response
Summary
12
Vulnerability Management
Vulnerability Management
A quick recap
The Common Vulnerability Scoring System calculator
Vulnerability management overview
Capability Maturity Model: vulnerability management – scanning
Capability Maturity Model: vulnerability management – reporting
Capability Maturity Model: vulnerability management – fix
Summary
13
Risky Business
Risky Business
Risk overview
Labeling things platinum, gold, silver, and copper
Taking a different look at risk
Summary
14
Assigning Metrics
Assigning Metrics
Security configuration management
Summary
15
Wrapping Up
Wrapping Up
Just another day part 3
Lessons learned
16
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

A quick recap

Vulnerability management is an arm of our security spider that has its own set of processes and procedures:

Vulnerability management provides the capability to find the issues that already exist on our network by scanning against systems and reconciling findings from a vulnerability database. A basic process of understanding this is depicted in the following simple vulnerability management process:

Vulnerability databases are repositories of information about vulnerabilities that have been identified in systems and in software. They are classified by a Common Vulnerabilities and Exposure (CVE) identification that has a number, a brief description, and a public source, which is where it came from. The ratings for each vulnerability are dependent on what tool or database is doing the adjudication. However, the majority of tools start with a Common Vulnerability Scoring...

Previous Section
End of Section 2
Next Section