Chapter 13: Threat Intelligence Metrics, Indicators of Compromise, and the Pyramid of Pain
When running a threat intelligence program, it is essential to have a set of criteria for determining its contribution to overall system security and to the business. This means that the Cyber Threat Intelligence (CTI) analysts or team must select security intelligence metrics that justify the program's existence, whether at the strategic, operational, or tactical level.
As CTI analysts, we always look for pieces of threat or breach evidence in the system to analyze security exposure and adversaries' activities. Those pieces of evidence, known as Indicators of Compromise (IOCs), are what make threat intelligence actionable. Adversaries use many ...