Chapter 3: Carrying out Adversary Emulation with CTI

In this chapter, we will introduce cyber threat intelligence (CTI). We will learn the different types of intelligence applicable to various cybersecurity threats and identify a range of use cases for CTI. We will also learn how CTI can help us describe a cyberattack, how indicators of compromise (IoCs) should be leveraged, and how everything fits together in the CTI process.

Once we have introduced CTI, we will see how it can be leveraged to provide input for purple teaming assessments to help organizations focus on relevant threats only, thereby prioritizing and maximizing cyber defense efforts.

In this chapter, we will cover the following main topics:

Introducing CTI
The CTI process

Get Purple Team Strategies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Purple Team Strategies by David Routin, Simon Thoores, Samuel Rossier

Chapter 3: Carrying out Adversary Emulation with CTI

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly