Chapter 2: Threat Actors, Campaigns, and Tooling

When people think of threat actors, they often associate the iconography of the hooded miscreant; hiding out in a basement, their features illuminated by the glow of the monitor, tirelessly pecking on the keys of a worn-out keyboard. While this may be a semi-accurate portrayal for a percentage, the reality is that threat actors are far more professional and organized. Studying their behaviors and approaches to committing cybercrimes is much more detailed and involves studying the threat actors, their motivations, and the associated tactics, techniques, and procedures (TTPs) that they utilize in their attack chain.

As we learned in the previous chapter, there are many diverse methods we can use ...

Get Operationalizing Threat Intelligence now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.