Book Image

Practical Cyber Intelligence

By : Wilson Bautista Jr.
Book Image

Practical Cyber Intelligence

By: Wilson Bautista Jr.

Overview of this book

<p>Cyber intelligence is the missing link between your cyber defense operation teams, threat intelligence, and IT operations to provide your organization with a full spectrum of defensive capabilities. This book kicks off with the need for cyber intelligence and why it is required in terms of a defensive framework.</p> <p>Moving forward, the book provides a practical explanation of the F3EAD protocol with the help of examples. Furthermore, we learn how to go about threat models and intelligence products/frameworks and apply them to real-life scenarios. Based on the discussion with the prospective author I would also love to explore the induction of a tool to enhance the marketing feature and functionality of the book.</p> <p>By the end of this book, you will be able to boot up an intelligence program in your organization based on the operation and tactical/strategic spheres of Cyber defense intelligence.</p>

Related Content you might be interested in

Current Title:

Small book image
Practical Cyber Intelligence
Wilson Bautista Jr.
Mar, 2018 | 316 pages
Small book image
Mastering Cyber Intelligence
Jean Nestor M Dahj
Apr, 2022 | 528 pages
Small book image
Operationalizing Threat Intelligence
Joseph Opacki | Kyle Wilhoit
Jun, 2022 | 460 pages
Small book image
Cybersecurity Blue Team Strategies
Kunal Sehgal | Nikolaos Thymianis
Feb, 2023 | 208 pages
Table of Contents (17 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
The Need for Cyber Intelligence
The Need for Cyber Intelligence
Need for cyber intelligence
The application of intelligence in the military
Some types of intelligence
Intelligence drives operations
Understanding the maneuver warfare mentality
Summary
2
Intelligence Development
Intelligence Development
The information hierarchy
Introduction to the intelligence cycle
Summary
3
Integrating Cyber Intel, Security, and Operations
Integrating Cyber Intel, Security, and Operations
A different look at operations and security
Developing a strategic cyber intelligence capability
Introduction to operational security
OPSEC applicability in a business environment
Cyber intel program roles
Summary
4
Using Cyber Intelligence to Enable Active Defense
Using Cyber Intelligence to Enable Active Defense
An introduction to Active Defense
Understanding the Cyber Kill Chain
General principles of Active Defense
Enticement and entrapment in Active Defense
Types of Active Defense
An application of tactical level Active Defense
Summary
5
F3EAD for You and for Me
F3EAD for You and for Me
Understanding targeting
The F3EAD process
F3EAD in practice
F3EAD and the Cyber Kill Chain
Application of F3EAD in the commercial space
Summary
6
Integrating Threat Intelligence and Operations
Integrating Threat Intelligence and Operations
Understanding threat intelligence
Capability Maturity Model – threat intelligence overview
Summary
7
Creating the Collaboration Capability
Creating the Collaboration Capability
Purpose of collaboration capability
Collaboration at the Strategic Level
Collaboration at the Tactical Level
Collaboration at the Operational Level
Summary
8
The Security Stack
The Security Stack
Purpose of integration – it's just my POV
Core security service basics
Security Operations Center
Capability deep dive – Security Configuration Management
Prelude – integrating like services
Integrating cyber intel from different services
Capability Maturity Model – InfoSec and cyber intel
Collaboration + Capability = Active Defense
Summary
9
Driving Cyber Intel
Driving Cyber Intel
The gap
Another set of eyes
Capability Maturity Model – security awareness
Summary
10
Baselines and Anomalies
Baselines and Anomalies
Setting up camp
Continuous monitoring – the challenge
Capability Maturity Model – continuous monitoring overview
Capability Maturity Model – continuous monitoring level 2
Summary
11
Putting Out the Fires
Putting Out the Fires
Quick review
Overview – incident response
Capability Maturity Model – incident response
Summary
12
Vulnerability Management
Vulnerability Management
A quick recap
The Common Vulnerability Scoring System calculator
Vulnerability management overview
Capability Maturity Model: vulnerability management – scanning
Capability Maturity Model: vulnerability management – reporting
Capability Maturity Model: vulnerability management – fix
Summary
13
Risky Business
Risky Business
Risk overview
Labeling things platinum, gold, silver, and copper
Taking a different look at risk
Summary
14
Assigning Metrics
Assigning Metrics
Security configuration management
Summary
15
Wrapping Up
Wrapping Up
Just another day part 3
Lessons learned
16
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Capability Maturity Model: vulnerability management – scanning

We need to start asking the question of what high, medium, and low value applications and systems are. For a small business, this may be quite simple, but as we start looking at multiple businesses and their needs, we can start to see that one business may say that all of their applications and systems are critical while another may not even try to participate in the discovery event.

The IT leadership needs to determine what constitutes a high, medium, or low impact system so that this definition is standard across the board. The hope is while an organization is reconciling their asset databases with vulnerability management, that there is some cross work in determining the value of the system. The following is an example of an overarching Capability Maturity Model for the scanning function of vulnerability...

Previous Section
End of Section 5
Next Section