Chapter 3

Building a network security intelligence model

Abstract

This chapter discusses how to apply traditional intelligence methods to cyber security. It starts by establishing a definition of cyber threat intelligence and then walks through a typical targeted attack. The discussion then turns to using the intelligence pyramid and the intelligence lifecycle to detect targeted attacks earlier in the attack chain. The chapter ends with a discussion of automating the cyber threat intelligence lifecycle.

Keywords

cyber threat intelligence
advanced persistent threat (APT)
Tactics, Techniques, and Procedures (TTPs)
indicators of compromise (IOCs)
security automation
intelligence

Information in this chapter

Defining ...

From Building an Intelligence-Led Security Program (O’Reilly).