Chapter 6

External intelligence sources

Abstract

The goal of this chapter is to help security teams fuse external information into their internal intelligence cycle. In addition to fusing intelligence into day-to-day security services, the chapter covers using intelligence to inform incident response and zero-day threats. Finally, the chapter touches on YARA and CRITs.

Keywords

Collaborative research into threats (CRITs)
YARA
incident response
open source intelligence (OSINT)
zero-day
advanced persistent threat
finished intelligence (FINTEL)
Common Vulnerabilities and Exposures (CVE)
Common Platform Enumeration (CPE)
Security Content Automation Protocol (SCAP)
cyber threat intelligence

Information in this chapter

Brand monitoring ...
