Threat Intelligence Essentials (T|IE)
Description
The Threat Intelligence Essentials course gives students a strong technical foundation in threat intelligence concepts and tools. It provides essential knowledge on topics such as the cyber threat landscape, types of threats and more, preparing you for a career as a threat intelligence analyst. Test your knowledge with CTF-based Capstone projects and validate your newly acquired skills in proctored exams. The course also offers more than 18 hours of premium self-paced video training across 10 modules with 5 labs to prepare students for real-world problems.
Course content
Module 01: Introduction to Threat Intelligence
Threat Intelligence and Essential Terminology
o What is Threat Intelligence?
o Core Threat Intelligence Terminology
Key Differences Between Intelligence, Information, and Data
o Threat Intelligence vs. Threat Data
The Importance of Threat Intelligence
Integrating Threat Intelligence in Cyber Operations
o Modern Threat Intelligence vs. Traditional Cybersecurity
Threat Intelligence Lifecycles and Maturity Models
o Threat Intelligence Lifecycle and Processes
o Threat Intelligence Maturity Model
Threat Intelligence Roles, Responsibilities, and Use Cases
o Threat Intelligence Team Roles & Responsibilities
o Threat Intelligence Use Cases
o Ethical and Legal Considerations
Using Threat Intelligence Standards or Frameworks to Measure Effectiveness
o Frameworks and Standards
o KPI’s for Measuring Effectiveness
Establishing SPLUNK Attack Range for Hands-on Experience
o Module 1 Lab: SPLUNK Attack Range 3.0 Overview
o Attack Range Setup
Module 02: Types of Threat Intelligence
Understanding the Different Types of Threat Intelligence
o General Sources of Threat Intelligence
o The Threat Intelligence Array
Preview Use Cases for Different Types of Threat Intelligence
o Navigating Different Uses of Intelligence
o Specific Uses of Threat Intelligence by Type
Overview of the Threat Intelligence Generation Process
o The Threat Intelligence Generation Process
o Sources of Generated Threat Intelligence
Learn How Threat Intelligence Informs Regulatory Compliance
o How Regulation Influences Threat Intelligence Processes
o Other Regulatory Factors to Consider
Augmenting Vulnerability Management with Threat Intelligence
o Threat Intelligence and Vulnerability Management
o Additional Best Practices to Consider
Explore Geopolitical or Industry Related Threat Intelligence
o Geopolitical and Industry Focused Threat Intelligence
o How Cybersecurity Can Leverage These Sources
Integrating Threat Intelligence with Risk Management
o Threat Intelligence in Risk Management
Module 03: Cyber Threat Landscape
Overview of Cyber Threats Including Trends and Challenges
o Defining the Cyber Threat Challenge
Emerging Threats, Threat Actors, and Attack Vectors
o Threat Actor Types and Their Motivations
o Trends and Challenges Impacting Threat Intelligence
Deep Dive on Advanced Persistent Threats
o Getting to Know Your Advanced Persistent Threat
o High Profile Threat Actors in Modern Times
The Cyber Kill Chain Methodology
o What’s the Cyber Kill Chain Methodology?
o Exploring Other Cyber Kill Chains
Vulnerabilities, Threat Actors, and Indicators of Compromise (IoC)
o Indicators of Compromise (IoCs) Explained
o Key Vulnerability Management Control Considerations
Geopolitical and Economic Impacts Related to Cyber Threats
o Impact of Geopolitics and Economics on Cyber Threats
How Emerging Technology is Impacting the Threat Landscape
MITRE ATT&CK & SPLUNK Attack Range IOC Labs
o Module 3 Lab Part 1: MITRE ATT&CK Navigator
o Module 3 Lab Part 2: Reviewing Indicators of Compromise (IoC) in Attack Range
Module 04: Data Collection and Sources of Threat Intelligence
Making Use of Threat Intelligence Feeds, Sources, & Evaluation Criteria
o Maximizing Use of Threat Data Feeds
o Popular Sources of Threat Data
o Evaluating Threat Data Credibility & Effectiveness
Overview of Threat Intelligence Data Collection Methods & Techniques
o Overview of Threat Data Collection Methods
o Dissemination Channels for Threat Data
Compare & Contrast Popular Data Collection Methods
o Active vs Passive Threat Data Collection
o Effective Uses for Active & Passive Data Collection
o Other Intelligence Gathering Techniques
Bulk Data Collection Methods & Considerations
o Bulk Data Collection Types
o Bulk Data Collection Considerations
Normalizing, Enriching, & Extracting Useful Intelligence from Threat Data
o Normalizing Threat Data Before Enrichment
o The Data Enrichment Process
o Additional Tips for Extracting Actionable Intelligence from Threat Data
Legal & Ethical Considerations for Threat Data Collection Processes
o Ethical and Legal Risks Data Collection Must Account For
Threat Data Feed Subscription and OSINT Labs
o Module 4 Lab Part 1: Subscribing to and Ingesting FREE Threat Data from APIs
Module 05: Threat Intelligence Platforms
Introduction Threat Intelligence Platforms (TIPs), Roles, & Features
o Primary Features of a Threat Intelligence Platform
o Notable TIP Providers & Solutions
Aggregation, Analysis, & Dissemination within TIPs
o From Threat Data Aggregation to TIP Dissemination
o Risks of TIP Mismanagement
o Driving TIP Effectiveness & Accuracy
Automation & Orchestration of Threat Intelligence in TIPs
o The Importance of Automation & Orchestration within TIPs
o Desired Automation Outcomes
o Orchestration Benefits Within a TIP
Evaluating & Integrating TIPs into Existing Cybersecurity Infrastructure
o TIP Evaluation Criteria: The Tangible vs Intangible
o Elements to Consider During Trials
o Integration Consideration for TIPs
Collaboration, Sharing, and Threat Hunting Features of TIPs
o Macro Vs Micro Collaboration Goals of TIPs
o Ways That Threat Intelligence Platforms Share Data
o Threat Hunting on TIPs
Customizing TIPs for Organizational Needs
o The Customization Solution
o Ideal TIP Customization Features and Criteria
Using TIPs for Visualization, Reporting, & Decision Making
o How TIP Reporting and Visualizations Drive Key Business Decisions
o Driving Effective Practices in TIP Reporting and Visualization
AlienVault OTX and MISP TIP Platform Labs
o Module 5 Lab 1 Overview: AlienVault OTX and Pulses
o Module 5 Lab 2: Exploring MISP
Module 06: Threat Intelligence Analysis
Introduction to Data Analysis and Techniques
o Data Analysis Defined
o Using Data Analysis for Threat Intelligence
o Other Uses & Analysis Considerations
Applying Statistical Data Analysis, Including Analysis of Competing Hypothesis
o A Deeper Look into Statistical Analysis for Threat Intelligence: Malware Inspection
o Analysis of Competing Hypothesis
Identifying and Analyzing Threat Actor Artifacts
o Applying Analysis Techniques to IoC Data
o Applying Analytical Techniques to TTP Data
o Driving Excellence in Data Analysis Practices
Threat Prioritization, Threat Actor Profiling & Attribution Concepts
o How Data Analysis Assists Threat Prioritization
o Intro to Threat Actor Profiling
o Understanding and Improving Threat Attribution
Leveraging Predictive and Proactive Threat Intelligence
o Predictive vs Proactive Threat Intelligence
o Maximizing the Use of Predictive Threat Intelligence
o Rewinding on Proactive Threat Intelligence
Reporting, Communicating, and Visualizing Intelligence Findings
o Tips for Highly Effective Threat Reporting
o Using MISP for Threat Intelligence Reporting & Visualization
o Using Jupyter Notebooks to Visualize Data
Threat Actor Profile Labs & MISP Report Generation Labs
o Module 6 Lab 1 – Cyber Threat Actor Profile Exercise
o Module 6 – Lab 2: Generating MISP Threat Reports and Connecting MISP To Jupyter Notebooks
Module 07: Threat Hunting and Detection
Operational Overview of Threat Hunting & Its Importance
o What Is Threat Hunting?
o General Threat Hunting Approach
o Characteristics of Successful Threat Hunters
Dissecting the Threat Hunting Process
o Considerations Before Conducting Threat Hunts
o Deep Diving the Threat Hunting Process
o Key Metrics to Guide Effective Threat Hunting
Threat Hunting Methodologies & Frameworks
o What are Threat Hunting Frameworks and Why Use Them?
o Hunting Framework Concepts: The Pyramid of Pain
o Using the PEAK Methodology for Threat Hunting
Explore Proactive Threat Hunting
o The Need for Proactive Threat Hunting
o Key Differences Between Proactive & Unstructured Threat Hunting
o When Proactive Threat Hunts Shine
Using Threat Hunting for Detection & Response
o The Role of Threat Hunting in Incident Detect & Response
o Common Ground Between Incident Response & Threat Hunting
Threat Hunting Tool Selection & Useful Techniques
o Types of Threat Hunting Tools
o Popular Threat Hunting Tools & Techniques
o Best Practices for Tool Selection
Forming Threat Hunting Hypotheses & Conducting Hunts
o The Value of Threat Hunting Hypotheses
o Hunting Tactics, Techniques & Procedures (TTP)
o Overview of MITRE’s TTP Hunting Methodology
Threat Hunting Lab in SPLUNK ATT&CK Range
o Overview of Threat Hunting Lab
Module 08: Threat Intelligence Sharing and Collaboration
Importance of Information Sharing Initiatives in Threat Intelligence
o The Importance of Information Sharing Initiatives
o Types of Information Sharing Arrangements
o Threat Information Sharing Frameworks
Overview of Additional Threat Intelligence Sharing Platforms
o Threat Information Sharing Platforms
o Desirable Features of Sharing Platforms
o Potential Platform Pitfalls
Building Trust Within Intelligence Communities
o Primary Trust Builders
o How Trust in Small Private Circles or Larger Public Communities is Achieved
Sharing Information Across Industries and Sectors
o Benefitting from Cross-Industry Threat Sharing
o Sector Specific Threat Sharing
o Cross-Sector Collaboration Communities
Building Private and Public Threat Intelligence Sharing Channels
o Approaches for Establishing Private Threat Intel Channels
o Approaches for Establishing Public Threat Intel Channels
Challenges and Best Practices for Threat Intelligence Sharing
o Best Practices for Sharing Threat Intel
o Threat Intelligence Sharing Challenges
o Modern Examples of Overcoming Sharing Challenges
Legal and Privacy Implications of Sharing Threat Intelligence
o Legal and Compliance Impacts
o Privacy Implications of Careless Intel Sharing
Sharing Threat Intelligence Using MISP and Installing Anomali STAXX
o Module 8 Lab: MISP to MISP Intel Sharing and Setting Up & Navigating Anomali STAXX
Module 09: Threat Intelligence in Incident Response
Integrating Threat Intelligence into Incident Response Processes
o Overview of the Security Incident Response Lifecycle
o Threat Intelligence Integration Examples
o Potential Threat Intelligence Integration Drawbacks
Role of Threat Intelligence in Incident Prevention Using Workflows & Playbooks
o Threat Intelligence’s Role in Incident Prevention
o Malicious Process Real-Time Response (RTR) Workflow Example
o Ransomware Playbook Example
Using Threat Intelligence for Incident Triage and Forensic Analysis
o How Threat Intelligence Aids Incident Triage
o The Role of Threat Intelligence During Forensic Analysis
Adapting Incident Response Plans Using New Intelligence
o Threat Intel as an Incident Response Adaptation Pathway
o Best Practice Considerations
o Adaptation Pitfalls to Avoid
Coordinating Response With External Partners
o Applying Threat Intelligence to Different Incidents
o How Threat Intelligence Assists External Partner Collaboration
Threat Intelligent Incident Handling and Recovery Approaches
o Applying Threat Intelligence to Different Incident Types
o Using Threat Intelligence During Incident Recovery
Post Incident Analysis and Lessons Learned Considerations
o Post-Incident Analysis and Areas of Emphasis
o Merging Threat Intelligence Into Lessons Learned Activities
Measurement and Continuous Improvement for Intelligence Driven Incident Response
o Approaches for Achieving Continuous Improvement
o KPIs to Measure Threat Intelligence’s Influence on Incident Response
Module 10: Future Trends and Continuous Learning
Emerging Threat Intelligence Approaches & Optimizing Their Use
o Complimentary Approaches to Threat Intelligence
o Applying Threat Intelligence to Emerging Technologies
o Optimizing Use of Emergent Technology for Threat Intelligence Operations
Convergence of Threat Intelligence & Risk Management
o Getting Started with Converging Threat Intelligent Risk Management
o A More Methodological Approach
Continuous Learning Approaches for Threat Intelligence
o Contemporary vs Evolving Learning Models
o Striking an Effective Balance
Adapting Professional Skillsets for Future in Threat Intelligence
o Adapting Existing Career Paths to Threat Intelligence
o Skills to Future Proof A Threat Intelligence Career
Anticipating Future Challenges & Opportunities in Threat Intelligence
o Potential Challenges Down the Road
o The Upside Opportunities of Threat Intelligence
Engaging in the Threat Intelligence Community & Keeping a Pulse on the Threat Landscape
o Engaging in Threat Intelligence Communities
o Keeping a Pulse on the Cyber Threat Landscape
The Role of Threat Intelligence in National Security & Defense
o Threat Intelligence For National Defense Use Cases
o Providers of National Defense Quality Threat Intelligence
Potential Influence of Threat Intelligence on Future Cybersecurity Regulations
o Historical Examples & Benefits of Threat Intelligence’s Influence on Regulation
o The Potential Downsides of Shaping Policy With Threat Intelligence
Advance Your Career with OEM's ICT Training Courses
Why choose OEM?
Experience: More than 20 years of expertise in ICT training.
Extensive selection: More than 1000 courses from 200 top brands.
High satisfaction: Rated 9.0 on Springest.
Quality guarantee: Certified instructors and award-winning e-learning.
Partnerships: Microsoft Partner, EC-Council Partner, Certiport and Pearson VUE.