Module 20 Threat Intelligence Flashcards
What must you do to effectively protect a network?
Stay informed about the threats and vulnerabilities, continue to upgrade skills
What is the SANS Institute?
Expensive training, SysAdmin, Audit, Network, Security (SANS)
What is MITRE?
The MITRE Corporation maintains a list of Common Vulnerabilities and Exposures used by prominent security organizations
What does Cisco have?
Security report - mid year and annual cybersecurity reports - update on the state of security preparedness
What can also be helpful?
Blogs, podcasts, Cisco Talos Group
What is Cisco Talos?
Talos is one of the largest commercial threat intelligence teams in the world - goal is to help protect enterprise users, data and infrastructure from active adversaries.
What is FireEye?
Offers services to help enterprises secure their network. It uses security intelligence, expertise and technology
What does FireEye do for SOAR and SIEM?
Helix Security Platform, using behavioral analysis and threat detection.
- blocks advanced malware that bypasses signature-based defenses.
What does the government use with private business?
AIS - automatic indicator sharing is a free service offered by DHS.
- Enables real-time exchange of cyber threat indicators between government and private sector
What are the threat intelligence sharing standards?
STIX, TAXII and CybOX. Tools that share info about upcoming cyber threats.
What is the MISP?
Malware Information Sharing Platform - open source for sharing IOCs for new threats.
- enables automated sharing of IOCs between people and machines using STIX
What is an IOC?
Indicators of compromise
What is a TIP?
Threat intelligence platform - centralizes the collection of threat data from numerous sources.