دانلود کتاب Intelligence-Driven Incident Response, 2nd Edition (5th Early Release)

فهرست مطالب :

1. Introduction Intelligence as Part of Incident Response History of Cyber Threat Intelligence Modern Cyber-Threat Intelligence The Way Forward Incident Response as a Part of Intelligence What Is Intelligence -Driven Incident Response? Why Intelligence -Driven Incident Response? Operation SMN SolarWinds Conclusion Sources : 2. Basics of Intelligence Intelligence and Research Data Versus Intelligence Sources and Methods Models Using Models for Collaboration Process Models OODA Intelligence Cycle Using the Intelligence Cycle Qualities of Good Intelligence Levels of Intelligence Tactical Intelligence Operational Intelligence Strategic Intelligence Confidence Levels Conclusion 3. Basics of Incident Response Incident-Response Cycle Preparation Identification Containment Eradication Recovery Lessons Learned Kill Chain Targeting Reconnaissance Weaponization Delivery Exploitation Installation Command and Control Actions on Objective Example Kill Chain Diamond Model Basics of the Diamond Model Extending the Model ATT&CK & D3FEND ATT&CK D3FEND Active Defense Deny Disrupt Degrade Deceive Destroy F3EAD Find Fix Finish Exploit Analyze Disseminate Using F3EAD Picking the Right Model Scenario: ROAD RUNNER Conclusion 4. Exploit Tactical Versus Strategic OODA Loops What to Exploit? Gathering Information Information Gathering Goals Mining Previous Incidents Gathering External Information (aka Conducting a Literature Review) Extracting and Storing Threat Data Standards for Storing Threat Data Data Standards and Formats for Indicators Data Standards and Formats for Strategic Information Process for Extracting Managing Information Threat-Intelligence Platforms Conclusion 5. Analyze The Fundamentals of Analysis Dual Process thinking Inductive, Deductive, and Abductive Reasoning Case Study: The OPM Breach Analytic Processes and Methods Structured Analytic Techniques Target-Centric Analysis Conducting the Analysis What to Analyze? Enriching Your Data Leverage Information sharing Developing Your Hypothesis Evaluating Key Assumptions Judgment and Conclusions Things that are Gonna Screw You Up, Aka Analytic Bias Accounting for biases Conclusion 6. Strategic Intelligence What Is Strategic Intelligence? Sherman Kent: Father of American Intelligence Analysis The Role of Strategic Intelligence in IDIR Intelligence Beyond Incident Response Building a Frame with Strategic Intelligence The Strategic Intelligence Cycle Setting Strategic Requirements Collection Analysis Processes for strategic intelligence Dissemination Moving towards anticipatory intelligence Conclusion About the Authors