Cyber Threat Intelligence (Hardcover)

Preface

About the Author

Abbreviations

1. Introduction

Definitions

History of Threat Intelligence

Utility of Threat Intelligence

Summary

2. Threat Environment

Threat

Risk and Vulnerability

Threat Actors

TTPs - Tactics, Techniques and Procedures

Victimology

Threat Landscape

Attack Vectors, Vulnerabilities and Exploits

Untargeted vs Targeted Attacks

Persistence

Thinking Like a Threat Actor

Summary

3. Applying Intelligence

Planning Intelligence Gathering

The Intelligence Cycle

Situational Awarenesss

Goal Oriented Security and Threat Modelling

Strategic, Operational and Tactical Intelligence

Incident Preparedness and Response

Summary

4. Collecting Intelligence

Hierarchy of Evidence

Understanding Intelligence

Third Party Intelligence Reports

Internal Incident Reports

Active Intelligence Gathering

Summary

5. Generating Intelligence

The Intelligence Cycle in Practice

Applying the Intelligence Cycle

Sources of Data

Searching Data

Threat Hunting

Transforming Data into Intelligence

Sharing Intelligence

Measuring the Effectiveness of Generated Intelligence

Summary

6. Attribution

Holding Perpetrators to Account

Standards of Proof

Mechanisms of Attribution

Anti-Attribution Techniques

Third Party Attribution

Using Attribution

Summary

7. Professionalism

Notions of Professionalism

Developing a New Profession

Behaving Ethically

Legal and Ethical Environment

Managing the Unexpected

Continuous Improvement

Summary

8. Future Threats and Conclusions

Emerging Technologies

Emerging Attacks

Emerging Workforce

Conclusion 

9. Case Studies

Target Compromise 2013

WannaCry 2017

NotPetya 2017

VPNFilter 2018

SUNBURST and SUNSPOT 2020

Macron Leaks 2017

Index