Practical Threat Intelligence and Data-Driven Threat Hunting
Packt Publishing Limited (Verlag)
978-1-80323-375-8 (ISBN)
Key Features
Set up an environment to centralize all data in an Elasticsearch, Logstash, and Kibana (ELK) server that enables threat hunting
Dive into the world of data-driven threat hunting by mastering the process of collecting, modeling, and analyzing data
Explore advanced threat hunting techniques using the MITRE ATT&CK Framework
Book DescriptionPractical Threat Intelligence and Data-Driven Threat Hunting, 2nd edition" is more than just a book—it's your roadmap to becoming a proficient threat hunter and a valuable asset to your organization's cybersecurity efforts. Whether you're looking to start a career in cyber intelligence or seeking to enhance your existing skills, this book equips you with the knowledge and practical insights needed to proactively detect and thwart cyber threats. With a strong focus on hands-on learning and open-source tools, it's your ultimate guide to staying ahead in the ever-changing world of cybersecurity. You'll start by unraveling the core concepts of cyber threat intelligence, diving into the intricacies of threat intelligence cycles and understanding the nuances of advanced persistent threats. From there, you'll learn how to collect and analyze indicators of compromise, set up a centralized threat hunting environment using open-source tools, and develop hypotheses for hunting campaigns. The book will also guide you through the MITRE ATT&CK Framework, providing practical examples and hands-on experience.
Don't wait for threats to knock on your door. Be the hunter, not the hunted. Get your copy of "Practical Threat Intelligence and Data-Driven Threat Hunting, 2nd edition" and empower yourself to defend against cyber adversaries effectively.What you will learn
Gain a comprehensive understanding of cyber threat intelligence and its role in safeguarding your organization against threats
Explore the various stages of the threat hunting process
Master the art of collecting and analyzing threat data
Familiarize yourself with the MITRE ATT&CK Framework
Set up a research environment using open-source tools
Query and analyze data to carry out atomic tests and identify potential threats
Discover the power of threat actor emulation
Who this book is forIf you are looking to start out in the cyber intelligence and threat hunting domains and want to know more about how to implement a threat hunting division with open-source tools, then this cyber threat intelligence book is for you.
Valentina Costa-Gazcón is a cyber threat intelligence analyst who specializes in tracking Advanced Persistent Threats (APTs) worldwide, using the MITRE ATT&CK Framework to analyze their tools, tactics, techniques, and procedures (TTPs). She is a self-taught developer and threat hunter with a degree in translation and interpretation from the Universidad de Málaga (UMA) and a cyber security diploma from Argentina's Universidad Tecnológica Nacional (UTN). Valentina also is one of the founders of the BlueSpace community (BlueSpaceSec) and one of the core members of Open Threat Research, founded by Roberto Rodriguez (OTR_Community).
Table of Contents
What is Cyber Threat Intelligence?
What is Threat Hunting?
Where does data come from?
Mapping the Adversary
Working with the data
Emulating the Adversary
Creating a research environment
How to query the data
Hunting for the Adversary
Documenting and automating the process
Assessing data quality
Understanding the Output
Defining Good Metrics to Track Success
Communicating results to the executives
Appendix
Erscheinungsdatum | 19.01.2024 |
---|---|
Verlagsort | Birmingham |
Sprache | englisch |
Maße | 191 x 235 mm |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
Mathematik / Informatik ► Informatik ► Theorie / Studium | |
ISBN-10 | 1-80323-375-3 / 1803233753 |
ISBN-13 | 978-1-80323-375-8 / 9781803233758 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich