


Mastering Cyber Intelligence

Book details

Title: Mastering Cyber Intelligence
ISBN: 9781800209404
Publisher: Packt
Year of publication: 2022
Language: English
File format: EPUB (converted to PDF, EPUB or AZW3 on request)
File size: 18 MB

Price (toman): 45,000







Book description

Develop the analytical skills to effectively safeguard your organization by enhancing its defense mechanisms, and become a proficient threat intelligence analyst who helps strategic teams make informed decisions.

Key features:
- Build the analytics skills and practices you need for analyzing, detecting, and preventing cyber threats
- Learn how to perform intrusion analysis using the cyber threat intelligence (CTI) process
- Integrate threat intelligence into your current security infrastructure for enhanced protection

Book description:
The sophistication of cyber threats such as ransomware, advanced phishing campaigns, zero-day vulnerability attacks, and advanced persistent threats (APTs) is pushing organizations and individuals to change their strategies for reliable system protection. Cyber threat intelligence converts threat information into evidence-based intelligence that uncovers adversaries' intents, motives, and capabilities for effective defense against all kinds of threats. This book thoroughly covers the concepts and practices required to develop and drive threat intelligence programs, detailing the tasks involved in each step of the CTI lifecycle. You'll be able to plan a threat intelligence program by understanding and collecting the requirements, setting up the team, and exploring the intelligence frameworks. You'll also learn how and from where to collect intelligence data for your program, taking your organization's level into account. With the help of practical examples, this book will help you get to grips with threat data processing and analysis. Finally, you'll be well versed in writing tactical, technical, and strategic intelligence reports and sharing them with the community. By the end of this book, you'll have acquired the knowledge and skills required to drive threat intelligence operations from the planning to the dissemination phases, protect your organization, and support critical defense decisions.

What you will learn:
- Understand the CTI lifecycle, which forms the foundation of the study
- Form a CTI team and position it in the security stack
- Explore CTI frameworks, platforms, and their use in the program
- Integrate CTI in small, medium, and large enterprises
- Discover intelligence data sources and feeds
- Perform threat modelling and adversary and threat analysis
- Find out what indicators of compromise (IoCs) are and apply the Pyramid of Pain in threat detection
- Get to grips with writing intelligence reports and sharing intelligence

Who this book is for:
This book is for security professionals, researchers, and individuals who want to gain profound knowledge of cyber threat intelligence and discover techniques to prevent varying types of cyber threats. Basic knowledge of cybersecurity and network fundamentals is required to get the most out of this book.
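The learning outcomes above name indicators of compromise and the Pyramid of Pain, and the contents list STIX indicator patterns (Chapter 4) as the sharing format. As an added illustration, not code from the book or from Packt, the script below triages a handful of IoCs by Pyramid of Pain level and emits them as STIX 2.1 Indicator objects inside a Bundle, using only the standard library. The sample values (a placeholder MD5, a TEST-NET-1 address, example.net hostnames), the level labels, and the custom `x_pyramid_of_pain_rank` property are assumptions made for the example.

```python
"""Added example (not from the book): triage constructed IoCs by Pyramid of
Pain level and emit them as STIX 2.1 Indicator objects, standard library only."""
from __future__ import annotations

import ipaddress
import json
import re
import uuid
from datetime import datetime, timezone

# Pyramid of Pain levels (Bianco): a higher rank costs the adversary more to change.
PAIN_LEVELS = {
    "hash": (1, "trivial"),
    "ipv4": (2, "easy"),
    "domain": (3, "simple"),
    "artifact": (4, "annoying"),  # network/host artifacts such as URL paths
    "tool": (5, "challenging"),
    "ttp": (6, "tough"),
}

_HASH_ALGOS = {32: "MD5", 40: "SHA-1", 64: "SHA-256"}
_DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I
)


def _q(value: str) -> str:
    """Escape a value for use inside a single-quoted STIX pattern literal."""
    return value.replace("\\", "\\\\").replace("'", "\\'")


def classify(ioc: str) -> tuple[str, str]:
    """Return (pyramid level, STIX pattern) for one atomic indicator.

    Only hashes, IPv4 addresses, URLs and domains are handled. Tools and TTPs
    are not single atomic values and belong in tool / attack-pattern objects,
    so they are rejected rather than silently mislabelled.
    """
    value = ioc.strip()
    if re.fullmatch(r"[0-9a-fA-F]+", value) and len(value) in _HASH_ALGOS:
        algo = _HASH_ALGOS[len(value)]
        return "hash", f"[file:hashes.'{algo}' = '{value.lower()}']"
    try:
        ipaddress.IPv4Address(value)
        return "ipv4", f"[ipv4-addr:value = '{value}']"
    except ipaddress.AddressValueError:
        pass
    if value.lower().startswith(("http://", "https://")):
        return "artifact", f"[url:value = '{_q(value)}']"
    if _DOMAIN_RE.match(value):
        return "domain", f"[domain-name:value = '{_q(value.lower())}']"
    raise ValueError(f"unsupported atomic indicator: {ioc!r}")


def _stix_time(ts: datetime) -> str:
    """STIX 2.1 timestamp: RFC 3339 in UTC with millisecond precision."""
    return ts.strftime("%Y-%m-%dT%H:%M:%S.") + f"{ts.microsecond // 1000:03d}Z"


def make_indicator(ioc: str, name: str, valid_from: datetime | None = None) -> dict:
    """Build a STIX 2.1 Indicator SDO. x_pyramid_of_pain_rank is an assumed
    custom property (STIX reserves the x_ prefix for such extensions)."""
    kind, pattern = classify(ioc)
    rank, label = PAIN_LEVELS[kind]
    stamp = _stix_time(valid_from or datetime.now(timezone.utc))
    return {
        "type": "indicator",
        "spec_version": "2.1",
        "id": f"indicator--{uuid.uuid4()}",
        "created": stamp,
        "modified": stamp,
        "name": name,
        "indicator_types": ["malicious-activity"],
        "pattern": pattern,
        "pattern_type": "stix",
        "valid_from": stamp,
        "labels": [f"pyramid-of-pain:{label}"],
        "x_pyramid_of_pain_rank": rank,
    }


def build_bundle(iocs: list[tuple[str, str]]) -> dict:
    """Wrap indicators in a STIX Bundle, most adversary-costly first, so a
    consumer hunting with limited time starts at the top of the pyramid."""
    objects = [make_indicator(value, name) for value, name in iocs]
    objects.sort(key=lambda o: o["x_pyramid_of_pain_rank"], reverse=True)
    return {"type": "bundle", "id": f"bundle--{uuid.uuid4()}", "objects": objects}


# Constructed sample values (placeholder hash, TEST-NET-1 address, example.net
# names); they are not real threat data.
SAMPLE_IOCS = [
    ("0123456789abcdef0123456789abcdef", "dropper MD5"),
    ("192.0.2.10", "C2 IPv4"),
    ("C2.example.net", "C2 domain"),
    ("https://c2.example.net/gate.php", "C2 check-in URL"),
]

if __name__ == "__main__":
    print(json.dumps(build_bundle(SAMPLE_IOCS), indent=2))
```

Run it to get a bundle that a TAXII server or MISP's STIX import will accept. The classifier deliberately refuses tool names and technique IDs: those sit at the top of the pyramid and are expressed as STIX tool or attack-pattern objects related to the indicator, not as a comparison pattern, so forcing them into a pattern would mislabel the very indicators that hurt the adversary most.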



Table of contents

Cover
Title Page
Copyright
Dedication
Contributors
Table of Contents
Preface
Section 1: Cyber Threat Intelligence Life Cycle, Requirements, and Tradecraft
Chapter 1: Cyber Threat Intelligence Life Cycle
	Technical requirements
	Cyber threat intelligence – a global overview
		Characteristics of a threat
		Threat intelligence and data security challenges
		Importance and benefits of threat intelligence
		Planning, objectives, and direction
	Intelligence data collection
	Intelligence data processing
	Analysis and production
	Threat intelligence dissemination
	Threat intelligence feedback
	Summary
Chapter 2: Requirements and Intelligence Team Implementation
	Technical requirements
	Threat intelligence requirements and prioritization
		Prioritizing intelligence requirements
	Requirements development
		Operational environment definition
		Network defense impact description
		Current cyber threats – evaluation
		Developing a course of action
		Intelligence preparation for intelligence requirements
	Intelligence team layout and prerequisites
	Intelligence team implementation
		Intelligence team structuring
		Intelligence team application areas
	Summary
Chapter 3: Cyber Threat Intelligence Frameworks
	Technical requirements
	Intelligence frameworks – overview
		Why cyber threat frameworks?
		Cyber threat framework architecture and operating model
	Lockheed Martin's Cyber Kill Chain framework
		Use case – Lockheed Martin's Cyber Kill Chain model mapping
		Integrating the Cyber Kill Chain model into an intelligence project
		Benefits of the Cyber Kill Chain framework
	MITRE's ATT&CK knowledge-based framework
		How it works
		Use case – ATT&CK model mapping
		Integrating the MITRE ATT&CK framework
		Benefits of the ATT&CK framework
	Diamond model of intrusion analysis framework
		How it works
		Use case – Diamond model of intrusion analysis
		Integrating the Diamond model into intelligence projects
		Benefits of the Diamond model
	Summary
Chapter 4: Cyber Threat Intelligence Tradecraft and Standards
	Technical requirements
	The baseline of intelligence analytic tradecraft
		Note 1 – Addressing CTI consumers' interests
		Note 2 – Access and credibility
		Note 3 – Articulation of assumptions
		Note 4 – Outlook
		Note 5 – Facts and sourcing
		Note 6 – Analytic expertise
		Note 7 – Effective summary
		Note 8 – Implementation analysis
		Note 9 – Conclusions
		Note 10 – Tradecraft and counterintelligence
	Understanding and adapting ICD 203 to CTI
	Understanding the STIX standard
		Using STIX for cyber threat analysis
		Specifying threat indicator patterns using STIX
		Using the STIX standard for threat response management
		Threat intelligence information sharing
		Understanding the STIX v2 standard
	Understanding the TAXII standard
		How TAXII standard works
	AFI14-133 tradecraft standard for CTI
		Analytic skills and tradecraft
		Additional topics covered in AFI14-133
	Summary
Chapter 5: Goal Setting, Procedures for CTI Strategy, and Practical Use Cases
	Technical requirements
	The threat intelligence strategy map and goal setting
		Objective 1 – Facilitate and support real-time security operations
		Objective 2 – Facilitate an effective response to cyber threats
		Objective 3 – Facilitate and support the proactive tracking of cyber threats
		Objective 4 – Facilitate and support the updating and implementation of security governance
	TIPs – an overview
		Commercial TIPs
		Open-source TIPs
	Case study 1 – CTI for Level 1 organizations
		Objective
		Strategy
		Example
	Case study 2 – CTI for Level 2 organizations
		Objective
		Strategy
		Example
	Case study 3 – CTI for Level 3 organizations
		Objective
		Strategy
		Example
	Installing the MISP platform (optional)
	Summary
Section 2: Cyber Threat Analytical Modeling and Defensive Mechanisms
Chapter 6: Cyber Threat Modeling and Adversary Analysis
	Technical requirements
	The strategic threat modeling process
		Identifying and decomposing assets
		Adversaries and threat analysis
		Attack surfaces and threat vectors
		Adversary analysis use case – Twisted Spider
		Identifying countermeasures
		System re-evaluation
	Threat modeling methodologies
		Threat modeling with STRIDE
		Threat modeling with NIST
	Threat modeling use case
		Equifax data breach summary
		Threat modeling for ABCompany
		Advanced threat modeling with SIEM
	User behavior logic
		Benefits of UBA
		UBA selection guide – how it works
	Adversary analysis techniques
		Adversary attack preparation
		Attack preparation countermeasures
		Adversary attack execution
		Attack execution mitigation procedures
	Summary
Chapter 7: Threat Intelligence Data Sources
	Technical requirements
	Defining the right sources for threat intelligence
		Internal threat intelligence sources
		External threat intelligence sources
		Organization intelligence profile
		Threat feed evaluation
		Threat data quality assessment
	Open Source Intelligence Feeds (OSINT)
		Benefits of open source intelligence
		Open source intelligence portals
		OSINT platform data insights (OSINT framework)
		OSINT limitations and drawbacks
	Malware data for threat intelligence
		Benefits of malware data collection
		Malware components
		Malware data core parameters
	Other non-open source intelligence sources
		Benefits of paid intelligence
		Paid threat intelligence challenges
		Some paid intelligence portals
	Intelligence data structuring and storing
		CTI data structuring
		CTI data storing requirements
		Intelligence data storing strategies
	Summary
Chapter 8: Effective Defense Tactics and Data Protection
	Technical requirements
	Enforcing the CIA triad – overview
		Enforcing and maintaining confidentiality
		Enforcing and maintaining integrity
		Enforcing and maintaining availability
	Challenges and pitfalls of threat defense mechanisms
		Data security top challenges
		Threat defense mechanisms' pitfalls
	Data monitoring and active analytics
		Benefits of system monitoring
		High-level architecture
		Characteristics of a reliable monitoring system
	Vulnerability assessment and data risk analysis
		Vulnerability assessment methodology
		Vulnerability assessment process
		Vulnerability assessment tools
		Vulnerability and data risk assessment
	Encryption, tokenization, masking and quarantining
		Encryption as a defense mechanism
		Tokenization as a defense mechanism
		Masking and quarantining
	Endpoint management
		Reliable endpoint management requirements
		Mobile endpoint management
		Endpoint data breach use case – point of sale
	Summary
Chapter 9: AI Applications in Cyber Threat Analytics
	Technical requirements
	AI and CTI
		Cyber threat hunting
		How adversaries can leverage AI
	AI's position in the CTI program and security stack
	AI integration – the IBM QRadar Advisor approach
		QRadar simplified architecture
		Deploying QRadar
		What's in it for you or your organization?
	Summary
Chapter 10: Threat Modeling and Analysis – Practical Use Cases
	Technical requirements
	Understanding the analysis process
	Intrusion analysis case – how to proceed
		Indicator gathering and contextualization
		Pivoting through available sources
		Classifying the intelligence according to CTI frameworks
		Memory and disk analysis
		Malware data gathering
		Malware analysis and reverse engineering
		Analyzing the exfiltrated data and building adversary persona
		Analyzing the malicious files
		Gathering early indicators – Reconnaissance
		The Cyber Kill Chain and Diamond model
	MISP for automated threat analysis and storing
		MISP feed management
		MISP event analysis
	Summary
Section 3: Integrating Cyber Threat Intelligence Strategy to Business processes
Chapter 11: Usable Security: Threat Intelligence as Part of the Process
	Technical requirements
	Threat modeling guidelines for secured operations
		Usable security guidelines
		Software application security guidelines
	Data privacy in modern business
		Importance of usable privacy in modern society
		Threat intelligence and data privacy
	Social engineering and mental models
		Social engineering and threat intelligence
		Mental models for usability
	Intelligence-based DevSecOps high-level architecture
	Summary
Chapter 12: SIEM Solutions and Intelligence-Driven SOCs
	Technical requirements
	Integrating threat intelligence into SIEM tools – Reactive and proactive defense through SIEM tools
		System architecture and components of a SIEM tool
		SIEM for security – OTX and OSSIM use case
	Making SOCs intelligent – Intelligence-driven SOCs
		Security operations key challenges
		Intelligence into security operations
	Threat intelligence and IR
		IR key challenges
		Integrating intelligence in IR
	Integrating threat intelligence into SIEM systems
	Summary
Chapter 13: Threat Intelligence Metrics, Indicators of Compromise, and the Pyramid of Pain
	Technical requirements
	Understanding threat intelligence metrics
		Threat intelligence metrics requirements
		Threat intelligence metrics baseline
	IOCs, the CTI warhead
		The importance of IOCs
		Categories of IOCs
		Recognizing IOCs
	PoP, the adversary padlock
		PoP indicators
		Understanding the PoP
		Understanding the seven Ds of the kill chain action
	Understanding IOAs
	Summary
Chapter 14: Threat Intelligence Reporting and Dissemination
	Technical requirements
	Understanding threat intelligence reporting
		Types of threat intelligence reports
		Making intelligence reports valuable
		An example of a threat intelligence report template
		Threat intelligence report writing tools
	Building and understanding adversaries' campaigns
		Naming adversary campaigns
		Advanced persistent threats (APTs) – a quick overview
		Tracking threat actors and groups
		Retiring threat intelligence and adversary campaigns
	Disseminating threat intelligence
		Challenges to intelligence dissemination
		Strategic, tactical, and operational intelligence sharing
		Threat intelligence sharing architectures
		YARA rules and threat intelligence sharing formats
		Some information sharing and collaboration platforms
	The threat intelligence feedback loop
		Understanding the benefits of CTI feedback loop
		Methods for collecting threat intelligence feedback
		The threat intelligence feedback cycle – use case
	Summary
Chapter 15: Threat Intelligence Sharing and Cyber Activity Attribution – Practical Use Cases
	Technical requirements
	Creating and sharing IOCs
		Use case one – developing IOCs using YARA
		Use case two – sharing intelligence using Anomali STAXX
		Use case three – sharing intelligence through a platform
	Understanding and performing threat attribution
		Use case four – building activity groups from threat analysis
		Use case five – associating analysis with activity groups
		Use case six – an ACH and attributing activities to nation-state groups
	Summary
Index
About Packt
Other Books You May Enjoy



