Building an Intelligence-Led Security Program by Allan Liska

Chapter 6

External intelligence sources

Abstract

The goal of this chapter is to help security teams fuse external information into their internal intelligence cycle. In addition to fusing intelligence into day-to-day security services, the chapter covers using intelligence to inform incident response and zero-day threats. Finally, the chapter touches on YARA and CRITs.

Keywords

Collaborative research into threats (CRITs)
YARA
incident response
open source intelligence (OSINT)
zero-day
advanced persistent threat
finished intelligence (FINTEL)
Common Vulnerabilities and Exposures (CVE)
Common Platform Enumeration (CPE)
Security Content Automation Protocol (SCAP)
cyber threat intelligence

Information in this chapter
Brand monitoring ...
