Skip to Content
Cyber Threat Intelligence
book

Cyber Threat Intelligence

by Martin Lee
April 2023
Beginner
304 pages
9h 49m
English
Wiley
Content preview from Cyber Threat Intelligence

4Collecting Intelligence

Intelligence can be collected from many sources. Indeed, many sources freely offer intelligence to anyone who desires to consume it. However, too much intelligence is counterproductive, and may simply cloud the picture, while applying incorrect intelligence, or maliciously false intelligence can only lead to making bad decisions.

No threat intelligence data can provide a crystal ball to see into the future and predict with perfect precision the attacks that will occur. Nevertheless, threat intelligence can be incredibly useful in providing forward looking statements based on observation and professional opinion.

Chapter 4 considers the issues that affect the suitability of sources of intelligence for inclusion in a threat intelligence programme.

4.1 Hierarchy of Evidence

Within any cyber incident nobody has a complete understanding of the full picture. The threat actor will hopefully be aware of their actions and the systems that they have compromised. Nevertheless, much information will remain unknown. The threat actor is unlikely to be aware of the entire IT estate of their victim, they will be unaware of the level of awareness of the attack by the victim, and cannot know the precise future actions of the victim.

Similarly, the victim may be aware of parts of an attack they have discovered, but will remain ignorant of the full extent of the threat actor's actions, their exact motivations, future actions, and exactly which systems (if any) that the ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Cyber Threat Hunting

Cyber Threat Hunting

Nadhem AlFardan
Mastering Cyber Intelligence

Mastering Cyber Intelligence

Jean Nestor M. Dahj

Publisher Resources

ISBN: 9781119861744Purchase Link