April 2024
Intermediate to advanced
288 pages
7h 33m
English
Content preview from Effective Vulnerability Management
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
8Vulnerability Threat Intelligence
Threat intelligence is a domain within cybersecurity where teams leverage open source information to determine and prioritize threats to an organization. While commonly a separate practice in larger cybersecurity teams, smaller teams may leverage the same tactics to determine if there are known bad domains, IP addresses, types of files and file hashes, or specific vulnerabilities that are being exploited in the wild. All this technical information can be used to create alerts, detect possible ongoing attacks, or block unwanted network scanning from bad actors. Threat intelligence is also known as cyber threat intelligence (CTI) and is used by multiple organizations, one example being the Cybersecurity and Infrastructure Security Agency (CISA) (www.cisa.gov/resources-tools/services/cyber-threat-intelligence).
Why Is Threat Intel Important to VMPs?
Using this intelligence, organizations can create alerts or focus remediation activities on the given information. For example, if a threat actor is found to be using a specific type of ransomware or a list of file types and specific hashes, techniques will be found and distributed among proper threat intelligence communication channels to combat them. A threat intel team will learn that this specific threat actor is using this attack type and may choose to increase detection and tailor alerting for specific IP addresses or domains. The SANS Whitepaper on Threat Intelligence is an excellent resource ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.