Overview
This course aims to teach learners how to effectively utilize threat intelligence to enhance cybersecurity measures. The course covers topics such as understanding different threat feeds, attribution, analyzing threat indicators, and the attack phases of APT 28 (Fancy Bear). Students will learn how to identify relevant threats, process and analyze threat data, and improve their threat intelligence program maturity. The teaching method involves a combination of theoretical concepts and practical examples. This course is designed for cybersecurity professionals and individuals interested in enhancing their knowledge of threat intelligence.
Syllabus
Intro
INTELLIGENCE IS A FEED
ATTRIBUTION IS A MUST
NOT ALL THREAT FEEDS CREATED EQUAL
NOT ALL INDICATORS CREATED EQUAL
APT 28 (Fancy Bear)
THE KILL CHAIN IS NOT DEAD
APT 28 Attack Phases
STEP 1 - KNOW YOURSELF
KNOW YOUR ENEMY
FIND RELEVANT THREATS
DISSEMINATE
REQUIREMENTS (EXAMPLES)
PROCESSING (EXAMPLES)
ANALYSIS (EXAMPLES)
DISSEMINATION (EXAMPLE)
THREAT INTEL PROGRAM MATURITY
KEY THREAT INTELLIGENCE FUNCTIONS
ASK YOURSELF