Chapter 7: Technical Threat Analysis – Enrichment

Collecting data and intelligence is vastly different than analyzing it. While many organizations don't leverage collection in a formalized way, many organizations do perform analysis on cyber threat intelligence and data in some capacity. Data without context is just that – data. However, with proper context and analysis applied, that data can then become intelligence.

In Chapter 1, Why You Need a Threat Program, we explained that the third stage of the intelligence life cycle is analysis. One of the most important phases, the analysis phase, involves exploiting data that is received as part of the collection phase to perform analysis or enrichment on that data, ultimately refining it and establishing ...

Get Operationalizing Threat Intelligence now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Operationalizing Threat Intelligence by Kyle Wilhoit, Joseph Opacki

Chapter 7: Technical Threat Analysis – Enrichment

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly