Practical Threat Intelligence and Data-Driven Threat Hunting: A hands-on guide to threat hunting with the ATT&CK(TM) Framework and open source tools
Palacín, Valentina
- 出版商: Packt Publishing
- 出版日期: 2021-02-12
- 售價: $1,700
- 貴賓價: 9.5 折 $1,615
- 語言: 英文
- 頁數: 398
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1838556370
- ISBN-13: 9781838556372
-
相關分類:
駭客 Hack
-
相關翻譯:
ATT & CK 與威脅獵殺實戰 (簡中版)
立即出貨 (庫存=1)
買這商品的人也買了...
-
流暢的 Python|清晰、簡潔、有效的程式設計 (Fluent Python)$980$774 -
使用者故事對照 (User Story Mapping: Discover the Whole Story, Build the Right Product)$580$458 -
打動人心的產品設計|頂尖設計師打造成功產品的黃金法則 (Designing Products People Love: How Great Designers Create Successful Products)$580$458 -
OS X Incident Response: Scripting and Analysis$1,980$1,881 -
$1,628Concurrency in Go: Tools and Techniques for Developers (Paperback) -
$454黑客大曝光:工業控制系統安全 (Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions) -
領域驅動設計:軟體核心複雜度的解決方法 (Domain-Driven Design: Tackling Complexity in the Heart of Software)$680$578 -
最完整 5G 技術架構白皮書$780$616 -
The Modern Security Operations Center (Paperback)$2,200$2,090 -
圖解資訊安全與個資保護|網路時代人人要懂的自保術$380$300 -
Information Privacy Engineering and Privacy by Design: Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practice$2,560$2,432 -
$2,124Database Internals: A Deep Dive Into How Distributed Data Systems Work (Paperback) -
Kali Linux 滲透測試工具|花小錢做資安,你也是防駭高手, 3/e$880$695 -
Microservices Security in Action$1,980$1,881 -
深入淺出 Go (Head First Go)$880$695 -
$1,010CISSP 權威指南, 8/e (CISSP All-in-One Exam Guide, 8/e) -
Operating System Concepts, 10/e (GE-Paperback)$1,750$1,663 -
$305社會工程 防範釣魚欺詐 捲3 -
Go 學習手冊 (Learning Go)$580$493 -
社會工程 安全體系中的人性漏洞 第2版$479$455 -
Learn Enough JavaScript to Be Dangerous: A Tutorial Introduction to Programming with JavaScript$1,580$1,501 -
Operationalizing Threat Intelligence: A guide to developing and operationalizing cyber threat intelligence programs$1,750$1,663 -
CYBERSEC 2022 臺灣資安年鑑 ─ 零信任資安時代來臨:信任邊界徹底瓦解,安全需源自反覆驗證$179$161 -
Learn Enough Python to Be Dangerous: Software Development, Flask Web Apps, and Beginning Data Science with Python (Paperback)$1,580$1,501 -
一本精通 - Python 範例應用大全:Python 詳細語法教學 & 100+ 個 Python 範例$880$695
相關主題
商品描述
Get to grips with cyber threat intelligence and data-driven threat hunting while exploring expert tips and techniques
Key Features
- Set up an environment to centralize all data in an Elasticsearch, Logstash, and Kibana (ELK) server that enables threat hunting
- Carry out atomic hunts to start the threat hunting process and understand the environment
- Perform advanced hunting using MITRE ATT&CK Evals emulations and Mordor datasets
Book Description
Threat hunting (TH) provides cybersecurity analysts and enterprises with the opportunity to proactively defend themselves by getting ahead of threats before they can cause major damage to their business.
This book is not only an introduction for those who don't know much about the cyber threat intelligence (CTI) and TH world, but also a guide for those with more advanced knowledge of other cybersecurity fields who are looking to implement a TH program from scratch.
You will start by exploring what threat intelligence is and how it can be used to detect and prevent cyber threats. As you progress, you'll learn how to collect data, along with understanding it by developing data models. The book will also show you how to set up an environment for TH using open source tools. Later, you will focus on how to plan a hunt with practical examples, before going on to explore the MITRE ATT&CK framework.
By the end of this book, you'll have the skills you need to be able to carry out effective hunts in your own environment.
What you will learn
- Understand what CTI is, its key concepts, and how it is useful for preventing threats and protecting your organization
- Explore the different stages of the TH process
- Model the data collected and understand how to document the findings
- Simulate threat actor activity in a lab environment
- Use the information collected to detect breaches and validate the results of your queries
- Use documentation and strategies to communicate processes to senior management and the wider business
Who this book is for
If you are looking to start out in the cyber intelligence and threat hunting domains and want to know more about how to implement a threat hunting division with open-source tools, then this cyber threat intelligence book is for you.
作者簡介
Valentina Palacín is a cyber threat intelligence analyst who specializes in tracking Advanced Persistent Threats (APTs) worldwide, using the MITRE ATT&CK Framework to analyze their tools, tactics, techniques, and procedures (TTPs). She is a self-taught developer and threat hunter with a degree in translation and interpretation from the Universidad de Málaga (UMA) and a cyber security diploma from Argentina's Universidad Tecnológica Nacional (UTN). Valentina also is one of the founders of the BlueSpace community (BlueSpaceSec) and one of the core members of Open Threat Research, founded by Roberto Rodriguez (OTR_Community).
目錄大綱
Table of Contents
- What is Cyber Threat Intelligence?
- What is Threat Hunting?
- Where Does the Data Come From?
- Mapping the Adversary
- Working with Data
- Emulating the Adversary
- Creating a Research Environment
- How to Query the Data
- Hunting for the Adversary
- Importance of Documenting and Automating the Process
- Assessing Data Quality
- Understanding the Output
- Defining Good Metrics to Track Success
- Engaging the Response Team and Communicating the Result to Executives
