FOR578: Cyber Threat Intelligence
Published: Jan 19, 2020
Matthew Green
DFIR and research
Background
Day two was earning our Kill Chain badge with the
most important CTI collection source - intrusion
analysis. It was a great refresher of the most popular
intrusion model with really good practical examples
and an introduction to the Diamond Model. The most
enjoyable section for me was the upgraded Courses
of Action Matrix, and Intel Gain/Loss - providing
action awareness and insight into focus areas.
Final thoughts
Resources
SAN578 description - https://www.sans.org/course/cyber-threat-intelligence