Product description
Effective introduction to cyber threat intelligence, supplemented with detailed case studies and after action reports of intelligence on real attacks
Cyber Threat Intelligence introduces the history, terminology, and techniques to be applied within cyber security, offering an overview of the current state of cyberattacks and stimulating readers to consider their own issues from a threat intelligence point of view. The highly qualified author takes a systematic, system-agnostic, and holistic view to generating, collecting, and applying threat intelligence.
The text covers the threat environment, malicious attacks, collecting, generating, and applying intelligence and attribution, as well as legal and ethical considerations. It ensures readers know what to look out for when looking for a potential cyber attack and imparts how to prevent attacks early on, explaining how threat actors can exploit a system's vulnerabilities. It also includes analysis of large-scale attacks such as WannaCry, NotPetya, SolarWinds, VPNFilter, and the Target breach, looking at the real intelligence that was available before and after the attack.
Sample topics covered in Cyber Threat Intelligence include:
- The constant change of the threat environment as capabilities, intent, opportunities, and defenses change and evolve.
- Different business models of threat actors, and how these dictate the choice of victims and the nature of their attacks.
- Planning and executing a threat intelligence programme to improve an organisation's cyber security posture.
- Techniques for attributing attacks and holding perpetrators to account for their actions.
Cyber Threat Intelligence describes the intelligence techniques and models used in cyber threat intelligence. It provides a survey of ideas, views and concepts, rather than offering a hands-on practical guide. It is intended for anyone who wishes to learn more about the domain, particularly if they wish to develop a career in intelligence, and as a reference for those already working in the area.
About the author
Martin Lee is Technical Lead of Security Research within Talos, Cisco's threat intelligence and research organization. Martin started his career researching the genetics of human viruses, but soon switched paths to follow a career in IT. With over 20 years of experience within the cyber security industry, he is CISSP certified, a Chartered Engineer, and holds degrees from the Universities of Bristol, Cambridge, Paris-Sud and Oxford.