Seminaranmeldung

In dieser 2-tägigen Schulung "Threat Intelligence Essentials (TIE)" erhalten Sie umfassende Einblicke in die wesentlichen Aspekte der Threat Intelligence und deren Bedeutung für die Cybersicherheit. Sie lernen die grundlegenden Terminologien der Threat Intelligence kennen und verstehen dessen Rolle in der Cybersicherheit sowie die Reifegradmodelle der Threat Intelligence. Der Kurs umfasst die Bewertung verschiedener Arten der Threat Intelligence, wie strategische, operative und spezifische Formen, die das Schwachstellenmanagement oder regulatorische Anforderungen betreffen. Darüber hinaus erhalten Sie fundierte Einblicke in die Landschaft der Cyberbedrohungen, aktuelle Trends und laufende Herausforderungen. Der Kurs beleuchtet die Datenerfassung und die Quellen der Threat Intelligence sowie die Funktionsweise von Threat Intelligence -Plattformen (TIPs). Sie lernen, wie Threat Intelligence analysiert wird und vertiefen Ihr Wissen über die Erkennung von Bedrohungen und Threat Hunting. Weitere Schwerpunkte liegen auf dem Austausch und der Zusammenarbeit im Bereich der Threat Intelligence sowie auf der Anwendung von Threat Intelligence in der Reaktion auf Vorfälle. Abschließend werden zukünftige Trends und kontinuierliches Lernen im Bereich der Threat Intelligence thematisiert.

Introduction to Threat Intelligence

• Threat Intelligence and Essential Terminology
• Key Differences Between Intelligence, Information, and Data
• The Importance of Threat Intelligence
• Integrating Threat Intelligence in Cyber Operations
• Threat Intelligence Lifecycles and Maturity Models
• Threat Intelligence Roles, Responsibilities, and Use Cases
• Using Threat Intelligence Standards or Frameworks to Measure Effectiveness

Types of Threat Intelligence

• Understanding the Different Types of Threat Intelligence
• Preview Use Cases for Different Types of Threat Intelligence
• Overview of the Threat Intelligence Generation Process
• Learn How Threat Intelligence Informs Regulatory Compliance
• Augmenting Vulnerability Management with Threat Intelligence
• Explore Geopolitical or Industry-Related Threat Intelligence
• Integrating Threat Intelligence with Risk Management

Cyber Threat Landscape

• Overview of Cyber Threats Including Trends and Challenges
• Emerging Threats, Threat Actors, and Attack Vectors
• Deep Dive on Advanced Persistent Threats
• The Cyber Kill Chain Methodology
• Vulnerabilities, Threat Actors, and Indicators of Compromise (IoC)
• Geopolitical and Economic Impacts Related to Cyber Threats
• How Emerging Technology is Impacting the Threat Landscape
• MITRE ATT&CK & Splunk Attack Range IOC Labs

Data Collection and Sources of Threat Intelligence

• Making Use of Threat Intelligence Feeds, Sources, and Evaluation Criteria
• Overview of Threat Intelligence Data Collection Methods and Techniques
• Compare and Contrast Popular Data Collection Methods
• Bulk Data Collection Methods and Considerations
• Normalizing, Enriching, and Extracting Useful Intelligence from Threat Data
• Legal and Ethical Considerations for Threat Data Collection Processes
• Threat Data Feed Subscription and OSINT Labs

Threat Intelligence Platforms

• Introduction to Threat Intelligence Platforms (TIPs), Roles, and Features
• Aggregation, Analysis, and Dissemination within TIPs
• Automation and Orchestration of Threat Intelligence in TIPs
• Bulk Data Collection Methods and Considerations
• Evaluating and Integrating TIPs into Existing Cybersecurity Infrastructure
• Collaboration, Sharing, and Threat Hunting Features of TIPs
• Customizing TIPs for Organizational Needs
• Using TIPs for Visualization, Reporting, and Decision Making
• AlienVault OTX and MISP TIP Platform Labs

Threat Intelligence Analysis

• Introduction to Data Analysis and Techniques
• Applying Statistical Data Analysis, Including Analysis of Competing Hypothesis
• Identifying and Analyzing Threat Actor Artifacts
• Threat Prioritization, Threat Actor Profiling, and Attribution Concepts
• Leveraging Predictive and Proactive Threat Intelligence
• Reporting, Communicating, and Visualizing Intelligence Findings
• Threat Actor Profile Labs and MISP Report Generation Labs

Threat Hunting and Detection

• Operational Overview of Threat Hunting and Its Importance
• Dissecting the Threat Hunting Process
• Threat Hunting Methodologies and Frameworks
• Explore Proactive Threat Hunting
• Using Threat Hunting for Detection and Response
• Threat Hunting Tool Selection and Useful Techniques
• Forming Threat Hunting Hypotheses for Conducting Hunts
• Threat Hunting Lab in SPLUNK ATT&CK Range

Threat Intelligence Sharing and Collaboration

• Importance of Information Sharing Initiatives in Threat Intelligence
• Overview of Additional Threat Intelligence Sharing Platforms
• Building Trust Within Intelligence Communities
• Sharing Information Across Industries and Sectors
• Building Private and Public Threat Intelligence Sharing Channels
• Challenges and Best Practices for Threat Intelligence Sharing
• Legal and Privacy Implications of Sharing Threat Intelligence
• Sharing Threat Intelligence Using MISP and Installing Anomali STAXX

Threat Intelligence in Incident Response

Integrating Threat Intelligence into Incident Response Processes

• Role of Threat Intelligence in Incident Prevention Using Workflows and Playbooks
• Using Threat Intelligence for Incident Triage and Forensic Analysis
• Adapting Incident Response Plans Using New Intelligence
• Coordinating Response with External Partners
• Threat Intelligent Incident Handling and Recovery Approaches
• Post Incident Analysis and Lessons Learned Considerations
• Measurement and Continuous Improvement for Intelligence Driven Incident Response

Future Trends and Continuous Learning

• Emerging Threat Intelligence Approaches and Optimizing Their Use
• Convergence of Threat Intelligence and Risk Management
• Continuous Learning Approaches for Threat Intelligence
• Adapting Professional Skillsets for Future in Threat Intelligence
• Anticipating Future Challenges and Opportunities in Threat Intelligence
• Engaging in the Threat Intelligence Community and Keeping a Pulse on the Threat Landscape
• The Role of Threat Intelligence in National Security and Defense
• Potential Influence of Threat Intelligence on Future Cybersecurity Regulations