9
Cyber Threat Intelligence
In the previous chapter, we saw how a blue team should ideally go about selecting, deploying, and monitoring security controls in its organization. We also saw how a Security Operations Center (SOC) team can become overloaded with too many logs to sift through when trying to identify a potential threat. In this chapter, we will look at how Cyber Threat Intelligence (CTI) can alleviate some of these concerns and help the blue team identify potential threats in its organization.
The following topics will be discussed in detail in this chapter:
- What is CTI?
- Types of threat intelligence
- Threat intelligence implementation
- Threat hunting
- The MITRE ATT&CK framework
What is CTI?
Cyber Threat Intelligence (CTI) can be defined as data that ...