Overview
Threat Intelligence enables Businesses to provide the best possible defense against the most probable threats. This course introduces attendees with the basics concepts of Threat Intelligence and take them thru the entire process of setting up a Threat Intel Platform using MISP to consume all the intelligence from around 80+ global community feeds and also enables the attendees to share intelligence on malwares and attacks back to the community.
Skills Covered
Threat Intelligence is an evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard. With Intelligence and Automation equipping cyber criminals to conduct targeted and stealth attacks, it us utmost important for enterprises to be equipped with cyber threat intelligence to achieve a cyber resilient posture.
- Gain in-depth knowledge of security threats, attacks, vulnerabilities, attacker’s behaviors, cyber kill chain, SOC processes, procedures, technologies, and automation workflows
- Understand the MITRE ATT&CK Framework and Able to identify attacker techniques, tactics, and procedures (TTP) to investigate on indicators of compromise (IOCs) and provide automated / manual responses to eliminate the attack/incident
- Able to understand the concepts of Threat Intelligence and gain in-depth knowledge on how to integrate Threat Intelligence with the SIEM, SOAR, EDR and other SOC technologies to reduce the Mean time to Detect (MTTD) and Mean time to Respond (MTTR)
- Able to Understand and learn how to setup a Threat Intelligence Framework and platform for your organization and consume community and commercial feeds to understand attacks and defend your organization from future attacks
- Gain in-depth knowledge on Malware Information Sharing Platform (MISP) and learn to setup a working instance with configurations and integrations that can be used immediately in your organisation
- Gain knowledge of Incident Response Methodology, processes and in-depth knowledge on how to integrate Threat Intelligence processes with Incident Response processes using HIVE and learn how to automate them as a single workflow
Who Should Attend
Cybersecurity Analysts, Network and Security Administrators, Entry-level cybersecurity professionals, SOC Analyst
Exam & Certification
Certified Cyber Threat Intelligence Analyst (CCTIA).